URL: https://birdgames.smartm.ir/
Submission: On June 25 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 15 domains to perform 33 HTTP transactions. The main IP is 85.10.210.80, located in Bad Heilbrunn, Germany and belongs to HETZNER-AS, DE. The main domain is birdgames.smartm.ir.
TLS certificate: Issued by R3 on May 2nd 2024. Valid for: 3 months.
This is the only time birdgames.smartm.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
3 | 85.10.210.80 | 24940 (HETZNER-AS)
2 | 192.243.61.227 | 39572 (ADVANCEDH...)
1 | 185.49.85.27 | 43754 (ASIATECH)
1 | 185.143.233.26 | 205585 (ARVANCLOU...)
6 | 45.133.44.53 | 39572 (ADVANCEDH...)
1 | 172.67.174.51 | 13335 (CLOUDFLAR...)
2 | 157.90.84.242 | 24940 (HETZNER-AS)
7 | 49.12.169.58 | 24940 (HETZNER-AS)
1 | 167.235.163.216 | 24940 (HETZNER-AS)
4 | 2a01:4f8:1060... | 24940 (HETZNER-AS)
2 | 2a02:b48:8301... | 39572 (ADVANCEDH...)
2 | 172.64.152.106 | 13335 (CLOUDFLAR...)
Total: 33 requests, 13 IPs
Requests | Apex Domain | Subdomains | Transfer
7 | zarad.net | zarad.net — Cisco Umbrella Rank: 260665 | 32 KB
4 | 4c7ce5d4e5.com | e0647f5ed3.4c7ce5d4e5.com | 4 KB
4 | 699bfcf9d9.com | 3f85d85a52.699bfcf9d9.com | 195 KB
3 | smartm.ir | birdgames.smartm.ir; smartm.ir | 25 KB
2 | adskeeper.com | c.adskeeper.com — Cisco Umbrella Rank: 29618; s-img.adskeeper.com — Cisco Umbrella Rank: 27266 | 12 KB
2 | bookmsg.com | static.bookmsg.com — Cisco Umbrella Rank: 29498 | 2 KB
2 | metricswpsh.com | fp.metricswpsh.com — Cisco Umbrella Rank: 28965 | 439 B
2 | investigationsuperbprone.com | investigationsuperbprone.com — Cisco Umbrella Rank: 870192 |
1 | nereserv.com | nereserv.com — Cisco Umbrella Rank: 24876 | 201 B
1 | af54fe2566.com | f110942df5.af54fe2566.com | 207 B
1 | multstorage.com | storage.multstorage.com — Cisco Umbrella Rank: 24653 |
1 | capndr.com | js.capndr.com — Cisco Umbrella Rank: 30211 | 238 B
1 | zarpop.com | zarpop.com | 1 KB
1 | zarpop.ir | www.zarpop.ir — Cisco Umbrella Rank: 553279 | 1 KB
0 | google.com Failed | accounts.google.com — Cisco Umbrella Rank: 45 Failed |
Total: 33 requests, 15 domains
Requests | Domain | Requested by
7 | zarad.net | zarpop.com; zarad.net
4 | e0647f5ed3.4c7ce5d4e5.com | 3f85d85a52.699bfcf9d9.com
4 | 3f85d85a52.699bfcf9d9.com | birdgames.smartm.ir; 3f85d85a52.699bfcf9d9.com
2 | static.bookmsg.com |
2 | fp.metricswpsh.com | 3f85d85a52.699bfcf9d9.com
2 | investigationsuperbprone.com | birdgames.smartm.ir
2 | birdgames.smartm.ir |
1 | s-img.adskeeper.com |
1 | c.adskeeper.com |
1 | nereserv.com | 3f85d85a52.699bfcf9d9.com
1 | f110942df5.af54fe2566.com | 3f85d85a52.699bfcf9d9.com
1 | storage.multstorage.com | 3f85d85a52.699bfcf9d9.com
1 | js.capndr.com | 3f85d85a52.699bfcf9d9.com
1 | zarpop.com | www.zarpop.ir
1 | www.zarpop.ir | birdgames.smartm.ir
1 | smartm.ir | birdgames.smartm.ir
0 | accounts.google.com Failed | birdgames.smartm.ir
Total: 33 requests, 17 subdomains
Subject | Issuer | Validity | Valid
*.smartm.ir | R3 | 2024-05-02 - 2024-07-31 | 3 months
investigationsuperbprone.com | R3 | 2024-05-28 - 2024-08-26 | 3 months
zarpop.ir | R11 | 2024-06-22 - 2024-09-20 | 3 months
zarpop.com | R3 | 2024-06-05 - 2024-09-03 | 3 months
3f85d85a52.699bfcf9d9.com | R10 | 2024-06-22 - 2024-09-20 | 3 months
js.capndr.com | R10 | 2024-06-20 - 2024-09-18 | 3 months
multstorage.com | GTS CA 1P5 | 2024-05-15 - 2024-08-13 | 3 months
f110942df5.af54fe2566.com | R10 | 2024-06-24 - 2024-09-22 | 3 months
notification.tubecup.net | E5 | 2024-06-19 - 2024-09-17 | 3 months
webdisk.zarad.net | R3 | 2024-06-04 - 2024-09-02 | 3 months
4c7ce5d4e5.com | E6 | 2024-06-23 - 2024-09-21 | 3 months
static.bookmsg.com | R3 | 2024-06-04 - 2024-09-02 | 3 months
adskeeper.com | GTS CA 1P5 | 2024-05-24 - 2024-08-22 | 3 months

This page contains 3 frames:

Primary Page: https://birdgames.smartm.ir/
Frame ID: D90E9B5E9F7CB1EB8B7802C3B6C717E5
Requests: 26 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 9DD676D66661D684BC2B1672327391B7
Requests: 1 HTTP requests in this frame

Frame: https://c.adskeeper.com/c?pv=2&v=0|0|0|m6sBWTAU7p8A1VO_yElXXauAg5JbTyohVTEfJzI0UHPL_6jTEPkfv_KZEtalqGGHT7Yjim-xUWGVXYTAlDWduvmFQkym39UM7ZUQ8Wdx4N0*&cid=1542633&f=1&h2=vlJ0RdnMYFlD0pCQy6adPhoFB91DnEnrSu-34abJEM3PjzKAOR76hLj5aphlltRS&rid=c244d306-32ed-11ef-a749-c84bd6826564&psid=73512650&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.02&cpa=69e1bea5-f7b0-4d6d-949f-9033b18df757&prev_step_diff=795
Frame ID: F7AC9E8C284B685C1D700A8E948BEC8A
Requests: 3 HTTP requests in this frame

Page Title

Bird Games | Free download site for computer and mobile games

Page Statistics

Requests: 33
HTTPS: 97 %
IPv6: 17 %
Domains: 15
Subdomains: 17
IPs: 13
Countries: 5
Transfer: 274 kB
Size: 991 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AS5LTASAGj4V0j5EtV62Vtgqv_6WUGauC-QoWMUn9z9vac2pKw6U5an5gXiQfyL2k7IUrErat6qbGA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTAS42jkpH3AedMQdOFF79uGDS6ZmlXtWewa78ELbsc0REJfjM4XatIBcfBn8eEYN0fyTXDZWtQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-922717652%3A1719318221799179&ddm=0

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
birdgames.smartm.ir/
55 KB
14 KB
Document
General
Full URL
https://birdgames.smartm.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.10.210.80 Bad Heilbrunn, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server17.dn-server.com
Software
/
Resource Hash
57ac9b25ce4f9b938bf50595d9c7f880c72ddfdaab58270574a3386fbcbc2c64

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Jun 2024 12:23:39 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding
style.css
smartm.ir/theme/
21 KB
5 KB
Stylesheet
General
Full URL
https://smartm.ir/theme/style.css
Requested by
Host: birdgames.smartm.ir
URL: https://birdgames.smartm.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.10.210.80 Bad Heilbrunn, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server17.dn-server.com
Software
/
Resource Hash
299faef87dca5af19491932ff22ca248b734ab6fc995c8debcc6799159f4c7aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:23:40 GMT
content-encoding
br
last-modified
Tue, 02 Jan 2024 09:03:30 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
4850
expires
Thu, 25 Jul 2024 12:23:40 GMT
5cd8643a399defbad9f53f6d497df082.js
investigationsuperbprone.com/5c/d8/64/
0
0
Script
General
Full URL
https://investigationsuperbprone.com/5c/d8/64/5cd8643a399defbad9f53f6d497df082.js
Requested by
Host: birdgames.smartm.ir
URL: https://birdgames.smartm.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 25 Jun 2024 12:23:41 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
investigationsuperbprone.com/08f810b79f7a9be4288fee5d87339010/
0
0
Script
General
Full URL
https://investigationsuperbprone.com/08f810b79f7a9be4288fee5d87339010/invoke.js
Requested by
Host: birdgames.smartm.ir
URL: https://birdgames.smartm.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 25 Jun 2024 12:23:41 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
js
www.zarpop.ir/website/
2 KB
1 KB
Script
General
Full URL
https://www.zarpop.ir/website/js
Requested by
Host: birdgames.smartm.ir
URL: https://birdgames.smartm.ir/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.49.85.27 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
6c526bf2446e55b0464a9bd6fe5639a1a3b61467cd9da5de60d4a53972af02ee

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:23:39 GMT
content-encoding
br
last-modified
Tue, 25 Jun 2024 12:23:39 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0,pre-check=0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
711
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
zarpop.com/website/pp/null/1226/birdgames.smartm.ir/
2 KB
1 KB
Script
General
Full URL
https://zarpop.com/website/pp/null/1226/birdgames.smartm.ir/?107654
Requested by
Host: www.zarpop.ir
URL: https://www.zarpop.ir/website/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.143.233.26 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
6b518579dac9f9ec5d8876ae0b6aa05bce5a2b8d0b89580d2bc4eaa31bfc0845
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:23:41 GMT
content-encoding
br
x-cache
BYPASS
server-timing
total;dur=264
content-length
1033
x-xss-protection
1; mode=block
x-request-id
66c9da8146cefc5b0f16af583aaa9c4d
x-sid
4101
pragma
no-cache
last-modified
Tue, 25 Jun 2024 12:23:40 GMT
server
ArvanCloud
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0,pre-check=0
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Mon, 26 Jul 1997 05:00:00 GMT
238c2f9c214a5484e33884d72cd60d86.js
3f85d85a52.699bfcf9d9.com/
113 KB
36 KB
Script
General
Full URL
https://3f85d85a52.699bfcf9d9.com/238c2f9c214a5484e33884d72cd60d86.js
Requested by
Host: birdgames.smartm.ir
URL: https://birdgames.smartm.ir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5ddf753cac0b18f5ebc00702a70ecd7906bf011ff75df0a6ca0a5ae9a2e99298

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Origin
https://birdgames.smartm.ir
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 25 Jun 2024 12:28:41 GMT
date
Tue, 25 Jun 2024 12:23:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2024 11:08:57 GMT
server
nginx/1.18.0
etag
W/"667953c9-1c5ca"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
151125
3f85d85a52.699bfcf9d9.com/e0080bdcc27643e80e745ec6f8ed3eb4/
1 KB
1 KB
XHR
General
Full URL
https://3f85d85a52.699bfcf9d9.com/e0080bdcc27643e80e745ec6f8ed3eb4/151125?version_name=c&domain=birdgames.smartm.ir
Requested by
Host: 3f85d85a52.699bfcf9d9.com
URL: https://3f85d85a52.699bfcf9d9.com/238c2f9c214a5484e33884d72cd60d86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
01ac5b43e980e7332bec0e6fdd011a70faf94763126805cc3ebaf4ef4cbd75e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 25 Jun 2024 12:28:41 GMT
date
Tue, 25 Jun 2024 12:23:41 GMT
server
nginx/1.18.0
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
content-length
1340
x-proxy-cache
MISS
advertising.js
js.capndr.com/
0
238 B
Script
General
Full URL
https://js.capndr.com/advertising.js
Requested by
Host: 3f85d85a52.699bfcf9d9.com
URL: https://3f85d85a52.699bfcf9d9.com/238c2f9c214a5484e33884d72cd60d86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 25 Jun 2024 12:28:41 GMT
date
Tue, 25 Jun 2024 12:23:41 GMT
last-modified
Fri, 14 Jul 2023 08:23:25 GMT
server
nginx/1.18.0
etag
"64b105fd-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
count.html
storage.multstorage.com/log/ Frame 9DD6
0
0
Document
General
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: 3f85d85a52.699bfcf9d9.com
URL: https://3f85d85a52.699bfcf9d9.com/238c2f9c214a5484e33884d72cd60d86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://birdgames.smartm.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8994ee246da45d9c-FRA
content-encoding
br
content-type
text/html
date
Tue, 25 Jun 2024 12:23:41 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNZQnx9gD7gXk%2FWoP0CZy%2FNK0zBHL5UPF13CvPAkC9oGsC7TTb7jnMbQxrzJvgcxUpID43kl0L%2BBXjdJ4MAkRWngh5jueZGpyuF%2FjwfxyeqKHgJosHluevZPx6n0YgApag5rNPTmklc2PA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
a235c293fdd3f7f7fc06cf28f8f472ad
track
f110942df5.af54fe2566.com/in/
0
207 B
XHR
General
Full URL
https://f110942df5.af54fe2566.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDg4MTgwMzgxMTk1NjcxNjAwMCIsInRpbWV6b25lIjoyLCJ2ZXIiOiIzLjEyNy4wIiwidGFnX2lkIjoxNTExMjUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdXJvcGUvQmVybGluIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMTQsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=
Requested by
Host: 3f85d85a52.699bfcf9d9.com
URL: https://3f85d85a52.699bfcf9d9.com/238c2f9c214a5484e33884d72cd60d86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:23:41 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
7d38ffde96ceb54a15a74d9326ca7375.js
3f85d85a52.699bfcf9d9.com/
177 KB
49 KB
Script
General
Full URL
https://3f85d85a52.699bfcf9d9.com/7d38ffde96ceb54a15a74d9326ca7375.js
Requested by
Host: 3f85d85a52.699bfcf9d9.com
URL: https://3f85d85a52.699bfcf9d9.com/238c2f9c214a5484e33884d72cd60d86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3c9a4f4437954189802e7b77d860248e83dcc437f24733f944b1ddc2bb45c88c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 25 Jun 2024 12:28:41 GMT
date
Tue, 25 Jun 2024 12:23:41 GMT
content-encoding
gzip
last-modified
Thu, 20 Jun 2024 13:18:39 GMT
server
nginx/1.18.0
etag
W/"66742c2f-2c21d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
fp
fp.metricswpsh.com/
60 B
439 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=151125
Requested by
Host: 3f85d85a52.699bfcf9d9.com
URL: https://3f85d85a52.699bfcf9d9.com/238c2f9c214a5484e33884d72cd60d86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
521bb432c4790091f775e0179a4fbf3a688a759b2bc5ee97cd126798e39e503a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Tue, 25 Jun 2024 12:23:41 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://birdgames.smartm.ir
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=151125
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://birdgames.smartm.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://birdgames.smartm.ir
Connection
keep-alive
Date
Tue, 25 Jun 2024 12:23:41 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AS5LTASAGj4V0j5EtV62Vtgqv_6WUGauC-QoWMUn9z9vac2pKw6U5an5gXiQf...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTAS42jkpH3AedMQdOFF79uGDS6ZmlXtWewa78ELbsc0REJfjM4XatIBcfBn8eEYN0fyTXDZWtQ&passive...
0
0

smartm.ir.js
zarad.net/sdk/
28 KB
8 KB
Script
General
Full URL
https://zarad.net/sdk/smartm.ir.js?t=202452514
Requested by
Host: zarpop.com
URL: https://zarpop.com/website/pp/null/1226/birdgames.smartm.ir/?107654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.169.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.h16.hostdl.com
Software
/
Resource Hash
f89f81d6276186ad48824c47b9aa15824af3d27c871eab7bf595edaedc1e7e6b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:23:41 GMT
content-encoding
br
last-modified
Sun, 02 Jul 2023 17:26:40 GMT
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
8178
expires
Wed, 25 Jun 2025 12:23:41 GMT
c5865708fa239e54ce6fd3cfdd3c9ba3.js
3f85d85a52.699bfcf9d9.com/
463 KB
108 KB
Script
General
Full URL
https://3f85d85a52.699bfcf9d9.com/c5865708fa239e54ce6fd3cfdd3c9ba3.js
Requested by
Host: 3f85d85a52.699bfcf9d9.com
URL: https://3f85d85a52.699bfcf9d9.com/7d38ffde96ceb54a15a74d9326ca7375.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e08b1aa58c2d2eb68b4e4866a973f201f9267bea4fa0f8a3296e5c4138e64e64

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 25 Jun 2024 12:28:41 GMT
date
Tue, 25 Jun 2024 12:23:41 GMT
content-encoding
gzip
last-modified
Thu, 20 Jun 2024 13:18:33 GMT
server
nginx/1.18.0
etag
W/"66742c29-73bde"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
dip
nereserv.com/in/
0
201 B
XHR
General
Full URL
https://nereserv.com/in/dip?site=native-push&wl=0&event_id=80499bed-de81-4c41-bdf4-d78a4cc9a602&subid=427308698&sid=3282531853&spot_id=512650&created_at=2024-06-25&timezone=2&ver=8.167.0&is_native=1
Requested by
Host: 3f85d85a52.699bfcf9d9.com
URL: https://3f85d85a52.699bfcf9d9.com/7d38ffde96ceb54a15a74d9326ca7375.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
167.235.163.216 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.216.163.235.167.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:23:41 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
e0647f5ed3.4c7ce5d4e5.com/in/
35 KB
4 KB
XHR
General
Full URL
https://e0647f5ed3.4c7ce5d4e5.com/in/multy
Requested by
Host: 3f85d85a52.699bfcf9d9.com
URL: https://3f85d85a52.699bfcf9d9.com/7d38ffde96ceb54a15a74d9326ca7375.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
464d1d2fcea9a9daca69ab1052a133120ac1feaf6c59beb9fceb899df82c517b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:23:42 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
3944
multy
e0647f5ed3.4c7ce5d4e5.com/in/ Frame
0
0
Preflight
General
Full URL
https://e0647f5ed3.4c7ce5d4e5.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://birdgames.smartm.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Tue, 25 Jun 2024 12:23:41 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
savvy.json
zarad.net/jsons/
883 B
254 B
XHR
General
Full URL
https://zarad.net/jsons/savvy.json
Requested by
Host: zarad.net
URL: https://zarad.net/sdk/smartm.ir.js?t=202452514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
49.12.169.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.h16.hostdl.com
Software
/
Resource Hash
a0eb3e6ec1755efa3c91151d2a4da09a252638989f4e42607750f3bac262c2bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jun 2024 12:23:41 GMT
content-encoding
br
last-modified
Tue, 25 Jun 2024 12:00:01 GMT
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
access-control-allow-headers
Content-Type, *
content-length
116
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires
Sat, 24 Aug 2024 12:23:41 GMT
savvy.json
zarad.net/jsons/ Frame
0
0
Preflight
General
Full URL
https://zarad.net/jsons/savvy.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
49.12.169.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.h16.hostdl.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://birdgames.smartm.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, *
access-control-allow-origin
*
allow
OPTIONS,HEAD,GET,POST
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
date
Tue, 25 Jun 2024 12:23:42 GMT
vary
User-Agent
favicon.ico
birdgames.smartm.ir/
5 KB
5 KB
Other
General
Full URL
https://birdgames.smartm.ir/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.10.210.80 Bad Heilbrunn, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server17.dn-server.com
Software
/
Resource Hash
54041a7260427d02c7c03861d2f512176bfe3a503b107bf4277aa63d12b3c08a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/x-icon
date
Tue, 25 Jun 2024 12:23:42 GMT
cache-control
public, max-age=31536000
last-modified
Sat, 26 Oct 2019 23:19:32 GMT
accept-ranges
bytes
content-length
5430
expires
Wed, 25 Jun 2025 12:23:42 GMT
load.php
zarad.net/v1/
57 B
713 B
XHR
General
Full URL
https://zarad.net/v1/load.php
Requested by
Host: zarad.net
URL: https://zarad.net/sdk/smartm.ir.js?t=202452514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.169.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.h16.hostdl.com
Software
/ PHP/7.1.33
Resource Hash
8589a580f959a831cc49ec2af832f12210082b9aec64046e1839acb42f3d0304

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:23:42 GMT
content-encoding
br
x-powered-by
PHP/7.1.33
vary
Accept-Encoding,User-Agent
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://birdgames.smartm.ir
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
58
expires
Thu, 19 Nov 1981 08:52:00 GMT
load.php
zarad.net/v1/ Frame
0
0
Preflight
General
Full URL
https://zarad.net/v1/load.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
49.12.169.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.h16.hostdl.com
Software
/ PHP/7.1.33
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://birdgames.smartm.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://birdgames.smartm.ir
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 25 Jun 2024 12:23:42 GMT
vary
User-Agent
x-powered-by
PHP/7.1.33
notif-app.js
zarad.net/asset/js/media/fcm/
69 KB
20 KB
Script
General
Full URL
https://zarad.net/asset/js/media/fcm/notif-app.js?v=2024525
Requested by
Host: zarad.net
URL: https://zarad.net/sdk/smartm.ir.js?t=202452514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
49.12.169.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.h16.hostdl.com
Software
/
Resource Hash
a68086e07d2fbcd82a309abbbb5763059531f8f1f7269c5a03aecd9aa1853006

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:23:42 GMT
content-encoding
br
last-modified
Wed, 28 Jun 2023 09:32:34 GMT
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20512
expires
Wed, 25 Jun 2025 12:23:42 GMT
fcm.js
zarad.net/asset/js/media/fcm/
6 KB
3 KB
Script
General
Full URL
https://zarad.net/asset/js/media/fcm/fcm.js?v=2024525
Requested by
Host: zarad.net
URL: https://zarad.net/sdk/smartm.ir.js?t=202452514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
49.12.169.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.h16.hostdl.com
Software
/
Resource Hash
fe4b9e0bf9b4046780281e55e4c5dfb23750723ccf194067ea225d853bc3d78f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:23:42 GMT
content-encoding
br
last-modified
Sat, 01 Jul 2023 11:54:06 GMT
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2401
expires
Wed, 25 Jun 2025 12:23:42 GMT
SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/
486 B
698 B
Image
General
Full URL
https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=f168194a-4522-4980-82ca-09303027ce23&prev_step_diff=795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 25 Jun 2025 12:23:42 GMT
date
Tue, 25 Jun 2024 12:23:42 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-1e6"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
486
x-proxy-cache
HIT
SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/
1 KB
1 KB
Image
General
Full URL
https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 25 Jun 2025 12:23:42 GMT
date
Tue, 25 Jun 2024 12:23:42 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-42a"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1066
x-proxy-cache
HIT
/
e0647f5ed3.4c7ce5d4e5.com/in/show/
0
201 B
Image
General
Full URL
https://e0647f5ed3.4c7ce5d4e5.com/in/show/?tag_ab=c&site_id=31512650&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fbirdgames.smartm.ir%2F&refdom=birdgames.smartm.ir&auction_time=1719318221&subid=427308698&sid=3282531853&tcid=0&ver=8.167.0&ver_c=&spot_id=512650&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-06-25&iabcat=IAB1-6&keywords=&user_fp=15782096757436577954&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D427308698%26spot_id%3D512650%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fbirdgames.smartm.ir%252F%26idzone%3D0%26sid%3D1885&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fomg.makesmestronger.com%2Fidclk%3Fn%3D6%26l%3D%26data%3D121d6f79f831622db3e6b4325fddf978&icons=AjCwBd2qsqS6sOA0479PyysHG3aHxUd0UZ3SpF9W5JtqxH77bV250r8M7ie3J74B4RrlTqDPzGSRmoQF0k0r9l8Rd2q4OvIc8wKssDLIcpim87v-Mx4SA6-pWvmlUAgmtRgA7CUSUDEgRSUd7VpsuM7mZF18JEEaIzmbNuQJUdSuItDRyg&ext_cid=0&px_id=53512650&min_cpm=0.014782566779632701&out_id=1&campaign_type=lq-pop&aid=3268&cid=16699&uniq=46dfbe2d9d1096b86b07841fae17ae5bb9b1bf9d866b826339f2b391c256a796&mid=7412926086527947535&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.06253067734327204&cpm=0&verify_hash=e8e459dfb12b81677a2795c4d932585e&is_native=2&real_bid=0.0008080200254917169&original_bid_usd=0.0009&original_bid=0.0009&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36&ip_mismatch=2001:1b60:2:240:3247::11&geo=DE&carrier=-&label_ids=27,108,0,83,89,20&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.0009&hostname=auc-inpage-hz-0-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.0000009&ext_campaign_id_str=&client_price=0&direct_client_price=0&priority=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=b7e7ea93-11c1-4365-995a-4087417ee812&prev_step_diff=795
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:23:42 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
/
e0647f5ed3.4c7ce5d4e5.com/in/show/
0
200 B
Image
General
Full URL
https://e0647f5ed3.4c7ce5d4e5.com/in/show/?tag_ab=c&site_id=31512650&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fbirdgames.smartm.ir%2F&refdom=birdgames.smartm.ir&auction_time=1719318221&subid=427308698&sid=3282531853&tcid=0&ver=8.167.0&ver_c=&spot_id=512650&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-06-25&iabcat=IAB1-6&keywords=&user_fp=15782096757436577954&score=0&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D427308698%26spot_id%3D512650%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fbirdgames.smartm.ir%252F%26idzone%3D0%26sid%3D1885&is_cpm=0&resp_type=&crid=Brainberries&crtid=799127411ac548ea4a0058dbb8bb8880&url=https%3A%2F%2Fclck.adskeeper.com%2Fghits%2F17492356%2Fi%2F57874188%2F2%2Fsrc%2F73512650%2Fpp%2F1%2F1%3Fh%3Dm6sBWTAU7p8A1VO_yElXXauAg5JbTyohVTEfJzI0UHPL_6jTEPkfv_KZEtalqGGHT7Yjim-xUWGVXYTAlDWduvmFQkym39UM7ZUQ8Wdx4N0%2A%26rid%3Dc244d306-32ed-11ef-a749-c84bd6826564%26tt%3DDirect%26att%3D3%26pubsrcid%3D73512650%26cpm%3D1%26ct%3D1%26st%3D120%26h2%3DvlJ0RdnMYFlD0pCQy6adPhoFB91DnEnrSu-34abJEM3PjzKAOR76hLj5aphlltRS&icons=9WA-ixJjL8TtHEqJIe2srV3q4EzlfC223SLO9BLXECc16LDF8FWkRQu4BmdctA4s-EMKcWpMA5N-1mZa8V9lG3pgAcZjO1KjyXBhTuMWJcCqE9X0h4qjMD4Ep0_nEm43QnKx6l6sMJxjuQ4C7X1wcTuRAIOvRmbzMkd-5HNldKzOo1EvKKt5SrDxA6_ELzJb1NxEEM971byWLh8vkZb4GS22pT6C2AqqBBr7Hf42aN1RQ_0mdIhjh6bf7ZA36_KJlAEF7ZxpHZIRJmADDvpsfJYKivmqQwLFXQIMe-rECDGDS1jd56Bjp7Q5erV1l330kv6pJoyXepaG3wHY1Lz2YAbXZ6Qlr9BbhviRfb9m1Txg1e8ddWY8uaUFLziP-nKeV64TAETpQ_fVkQgw6Ta2nxMCpCm9G_jAOMT3XEWGz9jQDWuujNw&ext_cid=44080&px_id=73512650&min_cpm=0.0009658872747169365&out_id=0&campaign_type=hq&aid=62&cid=17127&uniq=&mid=7412926086527947535&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.029840904463711612&cpm=0&verify_hash=8316afe7da488b9ad452eaf5b78695c0&is_native=1&real_bid=0.0059015267307758025&original_bid_usd=0.007332&original_bid=0.007332&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36&ip_mismatch=2001:1b60:2:240:3247::11&geo=DE&carrier=-&label_ids=83,90,5&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=1719354221&image_url=https%3A%2F%2Fs-img.adskeeper.com%2Fg%2F17492356%2F200x200%2F-%2FaHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzU1Myx5XzUzMy9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC8xMDE5MjQvMGI0OTllOGVkNTU5Y2FjODMwN2YxNjg1NGQzYmY1NzAuanBn.webp%3Fv%3D1719318221-EHDNJetokT__Jr1rAS8Lng0Bj72-aI8_kTWZxdva3KI&site=native-push-mainstream&price=0.007332&hostname=auc-inpage-hz-0-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.000007332000000000001&ext_campaign_id_str=44080&client_price=0&direct_client_price=0&priority=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.02&cpa=193890f5-be26-4aae-8504-60e0a1b42b6c&prev_step_diff=795
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://birdgames.smartm.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:23:42 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
c
c.adskeeper.com/ Frame F7AC
43 B
230 B
Image
General
Full URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|m6sBWTAU7p8A1VO_yElXXauAg5JbTyohVTEfJzI0UHPL_6jTEPkfv_KZEtalqGGHT7Yjim-xUWGVXYTAlDWduvmFQkym39UM7ZUQ8Wdx4N0*&cid=1542633&f=1&h2=vlJ0RdnMYFlD0pCQy6adPhoFB91DnEnrSu-34abJEM3PjzKAOR76hLj5aphlltRS&rid=c244d306-32ed-11ef-a749-c84bd6826564&psid=73512650&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.02&cpa=69e1bea5-f7b0-4d6d-949f-9033b18df757&prev_step_diff=795
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:23:42 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
8a0ff25e-6593-413d-9ed8-39284404b6ff
server
cloudflare
content-type
image/gif
cf-ray
8994ee2bff59c3b7-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzU1Myx5XzUzMy9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC8xM...
s-img.adskeeper.com/g/17492356/200x200/-/ Frame F7AC
12 KB
12 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/17492356/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzU1Myx5XzUzMy9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC8xMDE5MjQvMGI0OTllOGVkNTU5Y2FjODMwN2YxNjg1NGQzYmY1NzAuanBn.webp?v=1719318221-EHDNJetokT__Jr1rAS8Lng0Bj72-aI8_kTWZxdva3KI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d74ae9d8f40c8368927a57b630b47bce49c56d22784e83802a89397c89eb20d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:23:42 GMT
cf-cache-status
HIT
last-modified
Sun, 17 Dec 2023 20:17:42 GMT
x-mg-request-uuid
8d815518-3d3b-4884-820b-f9286a0e4518
server
cloudflare
age
881252
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8994ee2bff5ac3b7-WAW
content-length
11806
alt-svc
h3=":443"; ma=86400
truncated
/ Frame F7AC
483 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTAS42jkpH3AedMQdOFF79uGDS6ZmlXtWewa78ELbsc0REJfjM4XatIBcfBn8eEYN0fyTXDZWtQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-922717652%3A1719318221799179&ddm=0

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage number| zarpop_user_id number| zarpop_userMax function| R function| X function| zarpop_pop2under function| openCloseWindow function| openCloseTab undefined| zarpop_url object| zarpop_browser object| script number| x object| bd object| hd string| zarpop_wid number| zarpop_uid object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam object| activesInpages function| __fp-init number| needpop string| vc_cn string| vc_url object| Page_Enter number| PopWidth number| PopHeight number| PopTargetingMethod number| PopUseDivLayer string| RTSDomain string| debugDomain boolean| Page_Popped boolean| Page2_Popped boolean| Page_Loaded object| MySiteDomain function| InitPop412997553 function| SiteEnter function| createCookie function| readCookie function| RetrieveCount function| IncrementCount function| LoadStandardPop object| h object| s object| d object| __inpageSkins object| keys string| mediad object| ki object| clicked object| poss number| media_id string| baseurl string| twdomain string| fileurl string| fcmuZAR string| baseApi object| op object| validpos object| df number| cv number| userip boolean| supStrg function| viewAds function| getAllLoc function| bestlocation boolean| lc boolean| lcFcmTw function| totalLoc object| cstr undefined| ccd function| aClickC function| totalClick object| isMobile45 boolean| ismob function| toId function| pluski function| plusclicked function| pageToId function| sdget function| zaradAjax function| getsavvy function| upValidPos function| idsCatToScore function| getScoreFrmAd function| getposIdAdsOrderd function| orderIds function| getAds function| actionResultAds function| addStyle45 function| addJsZarad function| urlads function| titleAd function| result4 function| result5 function| result7 function| result8 function| result9 function| result10 function| result11 function| result12 function| Cookies boolean| $best object| vi 
boolean| a string| r object| head object| style object| locat object| possC object| possC12 string| posIconNotif string| uqFile object| core object| __core-js_shared__ object| firebase string| nmSendToSrv function| reqTokenZarad function| getRegisterToken function| setTokenSentToServer function| sendTokenToServer function| isTokenSentToServer function| saveToken function| fun45 function| htmlButtonReqNotif function| subscribetoTopic string| html546

6 Cookies

Domain/Path Name / Value
birdgames.smartm.ir/ Name: PHPSESSID
Value: bftbrviu9gf75f19qeas1hs552
birdgames.smartm.ir/ Name: c137-2
Value: 1
birdgames.smartm.ir/ Name: lstsavvy
Value: 1719318221
fp.metricswpsh.com/ Name: id
Value: 3887721625209291669
birdgames.smartm.ir/ Name: lstIp
Value: 4
birdgames.smartm.ir/ Name: l
Value: {%224%22:1}

2 Console Messages

Source Level URL
Text
network error URL: https://investigationsuperbprone.com/5c/d8/64/5cd8643a399defbad9f53f6d497df082.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://investigationsuperbprone.com/08f810b79f7a9be4288fee5d87339010/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
