bia2game.com Open in urlscan Pro
185.120.221.254  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bia2game.com/b2g/	3 KB 2 KB	824ms 467ms	Document text/html	185.120.221.254 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 185.120.221.254 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS irsrv14.hostdl.com Software LiteSpeed / Resource Hash 4462c735615a8ffa0defd546fe619e6afb6f540c7205f3f0ae6c51bdba25fbd8 Request headers :method GET :authority bia2game.com :scheme https :path /b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers set-cookie PHPSESSID=8833e82915a0bc2f77cbb60204aaed29; path=/; secure expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-type text/html; charset=UTF-8 link <https://bia2game.com/wp-json/>; rel="https://api.w.org/" <https://bia2game.com/wp-json/wp/v2/pages/68159>; rel="alternate"; type="application/json" <https://bia2game.com/?p=68159>; rel=shortlink x-litespeed-cache miss content-length 1111 content-encoding br vary Accept-Encoding,Accept-Encoding date Sun, 11 Apr 2021 21:19:09 GMT server LiteSpeed alt-svc h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
GET H2	200	style.css bia2game.com/wp-content/themes/Z-Download-bia2game/link_transmitter/	3 KB 932 B	427ms 126ms	Stylesheet text/css	185.120.221.254 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://bia2game.com/wp-content/themes/Z-Download-bia2game/link_transmitter/style.css Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 185.120.221.254 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS irsrv14.hostdl.com Software LiteSpeed / Resource Hash 45c46258fdd65146e7ddbc67aaeed8e1f2568c1543107aebd192ec44c3d4a04e Request headers Referer https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT content-encoding br last-modified Wed, 11 Mar 2020 14:25:08 GMT server LiteSpeed vary Accept-Encoding,Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=10368000,public accept-ranges bytes content-length 807 expires max-age=A10368000, public
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/	95 KB 34 KB	27ms 8ms	Script text/javascript	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 18:40:33 GMT content-encoding gzip x-content-type-options nosniff age 9515 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Mon, 11 Apr 2022 18:40:33 GMT
GET H2	200	script.js Show response bia2game.com/wp-content/themes/Z-Download-bia2game/link_transmitter/	481 B 283 B	427ms 126ms	Script application/javascript	185.120.221.254 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://bia2game.com/wp-content/themes/Z-Download-bia2game/link_transmitter/script.js Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 185.120.221.254 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS irsrv14.hostdl.com Software LiteSpeed / Resource Hash 6e05d50be27c33907979dffc7192494e0efe7bf84712a1f1ef04d0707a5dce6b Request headers Referer https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT content-encoding br last-modified Wed, 11 Mar 2020 14:21:20 GMT server LiteSpeed vary Accept-Encoding,Accept-Encoding content-type application/javascript cache-control public, max-age=10368000,public accept-ranges bytes content-length 211 expires max-age=A10368000, public
GET H2	200	5f4207243dcc4 Show response mitrarank.ir/advca/show/	0 784 B	451ms 429ms	Script text/html	2606:4700:3030::6815:99d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mitrarank.ir/advca/show/5f4207243dcc4 Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:99d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 11 Apr 2021 21:19:08 GMT content-encoding br cf-cache-status DYNAMIC nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DHuNGCRMYx%2BW0jjWC4kcCot23%2BRF5uI4KrCu5qAnD5sTD90CQVskblyaDmf7WFxMierfglmNt5ZUZAI20z%2BYkrPjl5czjDqhzcrPvuHs8AaUWhSefGyMtrU%3D"}],"max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 63e7405e2e6c05e4-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0964668edc000005e45a2b0000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	dox.min.css plus.sabavision.com/dox/	4 KB 1 KB	385ms 128ms	Stylesheet text/css	185.147.178.24 SABAIDEA
General Check archive.org Show headers Download Go to Full URL https://plus.sabavision.com/dox/dox.min.css Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR), Reverse DNS Software nginx / Resource Hash b7fb5e5a9e766501d64cbd640f90266d157ab4bec38de5b263004491dbdc83a5 Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:08 GMT content-encoding gzip last-modified Sun, 16 Aug 2020 13:27:47 GMT server nginx etag W/"5f393453-1164" vary Accept-Encoding content-type text/css
GET H2	200	dox.min.js Show response plus.sabavision.com/dox/	51 KB 15 KB	385ms 129ms	Script application/javascript	185.147.178.24 SABAIDEA
General Check archive.org Show headers Download Go to Full URL https://plus.sabavision.com/dox/dox.min.js Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR), Reverse DNS Software nginx / Resource Hash 54f1c5d73e546f3f2429f11da98c980a4db69cfbff6f3054ab934a87485d2fcb Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:08 GMT content-encoding gzip last-modified Sun, 16 Aug 2020 13:27:49 GMT server nginx etag W/"5f393455-cbfe" vary Accept-Encoding content-type application/javascript
GET H2	200	56-1.jpg bia2game.com/wp-content/uploads/2020/05/	188 KB 188 KB	538ms 237ms	Image image/jpeg	185.120.221.254 ASIATECH
General Check archive.org Show headers Download Go to Show image Full URL https://bia2game.com/wp-content/uploads/2020/05/56-1.jpg Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 185.120.221.254 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS irsrv14.hostdl.com Software LiteSpeed / Resource Hash 1b42c0f4105a0edce338f6b660a45c948db23396c6610cf9ddd114e04365236d Request headers Referer https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:10 GMT last-modified Sat, 09 May 2020 10:52:01 GMT server LiteSpeed vary Accept-Encoding content-type image/jpeg cache-control public, max-age=10368000,public accept-ranges bytes content-length 192321 expires max-age=A10368000, public
GET H2	200	vazir.woff2 bia2game.com/wp-content/themes/Z-Download-bia2game/fonts/	37 KB 37 KB	423ms 123ms	Font application/font-woff2	185.120.221.254 ASIATECH
General Check archive.org Show headers Download Go to Full URL https://bia2game.com/wp-content/themes/Z-Download-bia2game/fonts/vazir.woff2 Requested by Host: bia2game.com URL: https://bia2game.com/wp-content/themes/Z-Download-bia2game/link_transmitter/style.css Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 185.120.221.254 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR), Reverse DNS irsrv14.hostdl.com Software LiteSpeed / Resource Hash 62f9cc94ffc6d5a995d9da3c17013fde4e57f439cb89749b4ee46c75d97316de Request headers Origin https://bia2game.com Referer https://bia2game.com/wp-content/themes/Z-Download-bia2game/link_transmitter/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:10 GMT last-modified Wed, 08 May 2019 17:06:50 GMT server LiteSpeed vary Accept-Encoding content-type application/font-woff2 cache-control public, max-age=10368000 accept-ranges bytes content-length 38000 expires max-age=A10368000, public
GET H2	200	loader.js Show response s1.mediaad.org/serve/bia2game.com/	145 KB 42 KB	32ms 17ms	Script application/javascript	2606:4700:e4::ac40:a510 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s1.mediaad.org/serve/bia2game.com/loader.js Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a510 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21acb4e1d5517a8fc848a86803cc1317b1eee7b711aec8e0d63326bed31964b5 Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:08 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 231 access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09646690a40000074621af7000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yrsYyTdTz1PpaPRHTA6Eiaev9sOBXKEHEzi%2FVrkBIqNvdKlWrOhW1cdAnB3bZ3MCfdw8HzAqRxZZfDTmoSDQEqfRW%2Fx%2Bt2nH%2FujAzVocNFcicsL2voZ%2F43TcWQ%3D%3D"}],"group":"cf-nel"} content-type application/javascript;charset=utf-8 access-control-allow-origin * access-control-expose-headers x-requested-with cache-control max-age=300 access-control-allow-credentials false cf-ray 63e740610dab0746-FRA access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
GET H2	200	yn_bnr.min.js Show response cdn.yektanet.com/template/bnrs/	20 KB 8 KB	72ms 28ms	Script application/javascript	172.67.174.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.yektanet.com/template/bnrs/yn_bnr.min.js?v=202103011023 Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.174.163 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13be3e8c88251ebde4edd3199bbc0ee009b864217152ad41e68f4cf10a56a7de Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6000 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09646690e80000f9d6731fe000000001 last-modified Mon, 15 Mar 2021 13:36:56 GMT server cloudflare etag W/"604f62f8-51e6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kZeK9FIuPzqMoxuF7Ar%2F4asBXt7wHJfmDMUlOSNNTiFqn1EnTx6ay2Rp1ZeCPmYb42t24FmPizvcF6PyCJwKdXKTauDZAQTDwFq8kQatYaLZ"}],"group":"cf-nel"} content-type application/javascript cache-control max-age=2678400 cf-ray 63e740617a8ef9d6-PRG
GET H2	200	fingerprint.html Show response mediacdn.mediaad.org/static/ Frame 8392	5 KB 2 KB	384ms 124ms	Document text/html	185.191.77.170 IR-AVABARID-AS
General Check archive.org Show headers Download Go to Full URL https://mediacdn.mediaad.org/static/fingerprint.html Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.191.77.170 , Iran, Islamic Republic Of, ASN51431 (IR-AVABARID-AS, IR), Reverse DNS Software nginx/1.17.6 / Resource Hash 8728d0c2254d0c528e66deb76651e38ccb17113eb5fd131c86512bcaa5d78fe7 Request headers :method GET :authority mediacdn.mediaad.org :scheme https :path /static/fingerprint.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://bia2game.com/ accept-encoding gzip, deflate, br accept-language en-US cookie __cf_bm=aa79f5bd76270c33f56da92ffbcea064730c9dab-1618175948-1800-AUNQJLEca1V/78SjCDFhVOVfFKqmgwixHh5h2OvevVQjMXzNjZFf6UXCKzbKDHeZPcjKFfMjO0oI6oRXjkHSsMU= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://bia2game.com/ Response headers server nginx/1.17.6 date Sun, 11 Apr 2021 21:19:09 GMT content-type text/html last-modified Thu, 12 Mar 2020 19:29:33 GMT etag W/"5e6a8d9d-1543" access-control-allow-origin * expires Mon, 12 Apr 2021 21:19:09 GMT cache-control max-age=86400 public x-cache-status HIT content-encoding gzip
GET H2	200	publisher.json Show response ma-cdn.pegah.tech/serve/bia2game.com/	26 KB 3 KB	37ms 16ms	XHR application/json	2606:4700:3035::6815:111e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ma-cdn.pegah.tech/serve/bia2game.com/publisher.json Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:111e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a4e05d7ec20674edfee5e4a21b4d9781f3c7b165cf905015d69c137f632650d Request headers Accept application/json, text/plain, */* Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 218 access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09646690ff00004e928f341000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bJx8%2BpSzmLZQQIcS6LfpAqU7sCJsE%2B6NZWqoE%2FUMdgjsrxNzbIpXaRxYjbQwDz0266buuFBwYvdFjrCy6v4%2FqI%2FrMKxPJqpIFkeoIJ%2FYeCUX4A5RvkxZercqIx2LsA%3D%3D"}],"max_age":604800} content-type application/json;charset=UTF-8 access-control-allow-origin * access-control-expose-headers x-requested-with cache-control max-age=14400 access-control-allow-credentials false cf-ray 63e740619d4c4e92-FRA access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
GET H2	200	/ Show response bfetch.yektanet.com/	1 KB 1 KB	235ms 234ms	XHR application/json	172.67.174.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bfetch.yektanet.com/?new-cdn=1&big-product=1&product-retargeting=1&format=json&ids=8394&w=1600&h=1200&is-mobile=0&android=0&ios=0&page_title=B2G&page_url=https%3A%2F%2Fbia2game.com%2Fb2g%2F Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.174.163 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abac477a32ee27ff43fa80376ad10ccbd5dbffb428d738c18c5076404a3db699 Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 096466910e0000f9d62816d000000001 last-modified Sunday, 11-Apr-2021 21:19:09 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ocYQQd00MQJ%2BOqAckbR7wDQXsCJsxwWA7DiQ1%2BrnCzF7B1SNP6Wf9mZxbuPRgPK3qGN1Uzf93aI4RvIWX%2FpRllXOZL%2Fywj8HA9pcJMxJZte95qsB"}],"group":"cf-nel"} content-type application/json; charset=utf-8 access-control-allow-origin https://bia2game.com cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true cf-ray 63e74061bae9f9d6-PRG
GET H2	200	728-90_cTKFfSA.gif mostatil.yektanet.com/media/	48 KB 48 KB	41ms 40ms	Image image/gif	172.67.174.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mostatil.yektanet.com/media/728-90_cTKFfSA.gif Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.174.163 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5ef4bcc1f501f0ec4c40b3f1fb5569786efc7e7639656b46f1e71d039e0d324 Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 697490 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 49016 cf-request-id 09646691fc0000f9d6890f1000000001 last-modified Wed, 10 Mar 2021 08:09:59 GMT server cloudflare etag "60487ed7-bf78" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0IEEshHuHhLYEJHOL4eJ34azMwnX%2Bcdk8Ld%2F4CYBVolHF1tEzatIQatPyIE7clPgcULP8v1r%2FKobKCdfJNJAC30yQkxoIFQsRdWwXMk9eJGtOBn4PDE%3D"}],"group":"cf-nel"} content-type image/gif cache-control max-age=315360000 accept-ranges bytes cf-ray 63e740632d1af9d6-PRG expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	yn-icon.svg cdn.yektanet.com/assets/images/	6 KB 2 KB	32ms 32ms	Image image/svg+xml	172.67.174.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.yektanet.com/assets/images/yn-icon.svg Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.174.163 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cace651e975af7bac1f1fe41d3b3807db31d317c1f5bc688174114f751e0c257 Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1180 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09646691fc0000f9d62728c000000001 last-modified Wed, 10 Mar 2021 10:06:59 GMT server cloudflare etag W/"60489a43-177a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kX0UhLXH9WIb72FHc7jB5m7cqtP2XmZhLc0jqBAUbwPhNComLCH3p5a0drZFiAB9w48vCSaDnd%2FHLZJ9Noa8xEQL9qijySJAnJI74ucp2GOQ"}],"group":"cf-nel"} content-type image/svg+xml cache-control max-age=2678400 cf-ray 63e740632d13f9d6-PRG
GET H2	200	yn.svg cdn.yektanet.com/assets/images/	9 KB 3 KB	33ms 33ms	Image image/svg+xml	172.67.174.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.yektanet.com/assets/images/yn.svg Requested by Host: bia2game.com URL: https://bia2game.com/b2g/?link=http://dl.bia2game.com/Savegame/B/Battlefield.3.Savegame_www.Bia2Game.com.rar Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.174.163 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 720ac976fdac9cf0c6ffc19f4f45d02bf2fa8e42840cc11f7e309d697eb0bc78 Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1345 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09646691fd0000f9d6799c3000000001 last-modified Wed, 10 Mar 2021 10:06:58 GMT server cloudflare etag W/"60489a42-2248" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TaOtydHzWaDPK2K%2BboaYpVacIhV3yo4Cqzm9w%2FdZ2Red8JlxIz61koSivlke9Ky72805tfVT5tNkpRrpdEOJ%2FPCJ%2F1Toz2lZdKTRbYFlrG%2BL"}],"group":"cf-nel"} content-type image/svg+xml cache-control max-age=2678400 cf-ray 63e740632d17f9d6-PRG
OPTIONS H2	200	serve api.mediaad.org/v1/bia2game.com/ Frame	0 0	335ms 114ms	Preflight	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/bia2game.com/serve?fid=00814a99-4521-4d1e-b8d4-91aa53846edc Protocol H2 Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://bia2game.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Sun, 11 Apr 2021 21:19:09 GMT content-length 0 access-control-allow-origin https://bia2game.com access-control-allow-credentials true access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers x-requested-with
POST H2	200	serve Show response api.mediaad.org/v1/bia2game.com/	3 KB 1 KB	192ms 192ms	XHR application/json	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/bia2game.com/serve?fid=00814a99-4521-4d1e-b8d4-91aa53846edc Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash 5ce1076ce9bcb2a0a9017533616faee84242ca254b90b6f84a77e32b2fbf0763 Request headers Accept application/json, text/plain, */* Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Sun, 11 Apr 2021 21:19:09 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE content-type application/json access-control-allow-origin https://bia2game.com access-control-expose-headers x-requested-with cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
GET H2	200	loaded Show response api.mediaad.org/v1/events/bia2game.com/page/	0 299 B	331ms 110ms	XHR text/plain	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/events/bia2game.com/page/loaded?fid=00814a99-4521-4d1e-b8d4-91aa53846edc Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/plain, */* Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT server nginx access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-origin https://bia2game.com access-control-expose-headers x-requested-with access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token content-length 0
POST H2	200	serve Show response api.mediaad.org/v1/bia2game.com/	3 KB 1 KB	155ms 154ms	XHR application/json	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/bia2game.com/serve?fid=00814a99-4521-4d1e-b8d4-91aa53846edc Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash 433871e2ecfa512611424b58b175f875f58dd6adc95112f8c5b706f5156c689c Request headers Accept application/json, text/plain, */* Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Sun, 11 Apr 2021 21:19:09 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE content-type application/json access-control-allow-origin https://bia2game.com access-control-expose-headers x-requested-with cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
OPTIONS H2	200	serve api.mediaad.org/v1/bia2game.com/ Frame	0 0	177ms 109ms	Preflight	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/bia2game.com/serve?fid=00814a99-4521-4d1e-b8d4-91aa53846edc Protocol H2 Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://bia2game.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Sun, 11 Apr 2021 21:19:09 GMT content-length 0 access-control-allow-origin https://bia2game.com access-control-allow-credentials true access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers x-requested-with
GET H2	200	loaded Show response api.mediaad.org/v1/events/bia2game.com/page/	0 298 B	178ms 111ms	XHR text/plain	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/events/bia2game.com/page/loaded?fid=00814a99-4521-4d1e-b8d4-91aa53846edc Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/plain, */* Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT server nginx access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-origin https://bia2game.com access-control-expose-headers x-requested-with access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token content-length 0
GET H2	200	mediaad_banner_logo_collapsed.jpg s1.mediaad.org/static/	8 KB 9 KB	15ms 14ms	Image image/jpeg	2606:4700:e4::ac40:a510 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s1.mediaad.org/static/mediaad_banner_logo_collapsed.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a510 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ef4acfe3384902966ae68dab97073b3d0c6a0f1442d65a245b776d78cce93db Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 41870 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8460 cf-request-id 096466945700000746be1b1000000001 last-modified Wed, 07 Apr 2021 07:47:18 GMT server cloudflare etag "606d6386-210c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CvxIo5TOT%2FGsFkHNfsxs%2BLqDNnfpHO80rtt7IVw%2BH1B9zKMW5euk9W27hJ3JoctFHlN%2B8Zdk6G9%2Bc5hKsXTt2DbQh4ORI9GmBVk2%2B6gKz1fkrPG%2B2m25wiRSVQ%3D%3D"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=604800 accept-ranges bytes cf-ray 63e74066e8210746-FRA expires Sun, 18 Apr 2021 09:41:19 GMT
GET H2	200	mediaad_banner_logo_expanded.jpg s1.mediaad.org/static/	5 KB 5 KB	11ms 10ms	Image image/jpeg	2606:4700:e4::ac40:a510 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s1.mediaad.org/static/mediaad_banner_logo_expanded.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a510 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d125eaf1978d6083b41a0c38692d59efebfa5b5b979c729e349f7f6a1639404f Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 41870 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4872 cf-request-id 096466945500000746a4a93000000001 last-modified Wed, 07 Apr 2021 07:47:18 GMT server cloudflare etag "606d6386-1308" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=21L2iOtLdJRHLsj4DmNj6mzIeMhVy8%2F1oP%2FijDWNKTu5KJjfkACZYVf4fVg4P6yDRcRtoNaDvWnNPhduiVzRC7ZcMX1PqN%2BHX05eLDlkLlJzuKwik2iUJpI%2FwA%3D%3D"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=604800 accept-ranges bytes cf-ray 63e74066e8220746-FRA expires Sun, 18 Apr 2021 09:41:19 GMT
GET H2	200	1618080590372_120x600.gif mediacdn.mediaad.org/4/10/image/	23 KB 23 KB	226ms 226ms	Image image/gif	185.191.77.170 IR-AVABARID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mediacdn.mediaad.org/4/10/image/1618080590372_120x600.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.191.77.170 , Iran, Islamic Republic Of, ASN51431 (IR-AVABARID-AS, IR), Reverse DNS Software nginx/1.17.6 / Resource Hash 438de653d09fb3a55d2d833314a83b26f9ae44cfc8a4bc489b36cce43105964a Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT last-modified Sat, 10 Apr 2021 18:49:38 GMT server nginx/1.17.6 etag "6071f342-5bf4" x-cache-status HIT content-type image/gif access-control-allow-origin * cache-control max-age=86400, public accept-ranges bytes content-length 23540 expires Mon, 12 Apr 2021 21:19:09 GMT
POST H2	200	verify Show response api.mediaad.org/v1/events/	0 298 B	110ms 109ms	XHR text/plain	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/events/verify Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/plain, */* Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Sun, 11 Apr 2021 21:19:10 GMT server nginx access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-origin https://bia2game.com access-control-expose-headers x-requested-with access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token content-length 0
OPTIONS H2	200	verify api.mediaad.org/v1/events/ Frame	0 0	111ms 111ms	Preflight	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/events/verify Protocol H2 Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://bia2game.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Sun, 11 Apr 2021 21:19:09 GMT content-length 0 access-control-allow-origin https://bia2game.com access-control-allow-credentials true access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers x-requested-with
GET H2	200	mediaad_banner_logo_collapsed.jpg s1.mediaad.org/static/	8 KB 9 KB	12ms 11ms	Image image/jpeg	2606:4700:e4::ac40:a510 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s1.mediaad.org/static/mediaad_banner_logo_collapsed.jpg Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a510 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ef4acfe3384902966ae68dab97073b3d0c6a0f1442d65a245b776d78cce93db Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 41870 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8460 cf-request-id 096466947c0000074624a13000000001 last-modified Wed, 07 Apr 2021 07:47:18 GMT server cloudflare etag "606d6386-210c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L8X%2FWeWkNz6CDv%2F%2FRt1CG57wmyO8TCQDu0ArZv2AAWr9r7por2mHlNTU4phSUpSnK0V08r02aiwhDjObF5ujEQervzhm4nLUt56PN%2BaU57RpDCBZwlYTFpdivw%3D%3D"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=604800 accept-ranges bytes cf-ray 63e7406728870746-FRA expires Sun, 18 Apr 2021 09:41:19 GMT
GET H2	200	mediaad_banner_logo_expanded.jpg s1.mediaad.org/static/	5 KB 5 KB	12ms 11ms	Image image/jpeg	2606:4700:e4::ac40:a510 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s1.mediaad.org/static/mediaad_banner_logo_expanded.jpg Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a510 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d125eaf1978d6083b41a0c38692d59efebfa5b5b979c729e349f7f6a1639404f Request headers Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:09 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 41870 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4872 cf-request-id 096466947d000007460a0e8000000001 last-modified Wed, 07 Apr 2021 07:47:18 GMT server cloudflare etag "606d6386-1308" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hIVTiP75Qoryy6XxMVNliDBMxhzOyFJR1YKiDX7pWEixpjvdyoj7sK7Sgge8J0%2FOvo%2FauFE3A4cxM1k1%2FXBP08LXJ8h9C5bDrsr7le6x6FJQ%2F3%2FwR%2F5cYezJlQ%3D%3D"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=604800 accept-ranges bytes cf-ray 63e7406728890746-FRA expires Sun, 18 Apr 2021 09:41:19 GMT
POST H2	200	verify Show response api.mediaad.org/v1/events/	0 298 B	110ms 109ms	XHR text/plain	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/events/verify Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/plain, */* Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Sun, 11 Apr 2021 21:19:10 GMT server nginx access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-origin https://bia2game.com access-control-expose-headers x-requested-with access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token content-length 0
OPTIONS H2	200	verify api.mediaad.org/v1/events/ Frame	0 0	109ms 109ms	Preflight	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/events/verify Protocol H2 Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://bia2game.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Sun, 11 Apr 2021 21:19:10 GMT content-length 0 access-control-allow-origin https://bia2game.com access-control-allow-credentials true access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers x-requested-with
GET H2	200	10 Show response api.mediaad.org/v1/events/session/	0 298 B	109ms 108ms	XHR text/plain	45.94.254.30 SINDAD
General Check archive.org Show headers Download Go to Full URL https://api.mediaad.org/v1/events/session/10 Requested by Host: s1.mediaad.org URL: https://s1.mediaad.org/serve/bia2game.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.94.254.30 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR), Reverse DNS host.sindad.org Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/plain, */* Referer https://bia2game.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 21:19:19 GMT server nginx access-control-allow-methods POST, GET, PUT, OPTIONS, DELETE access-control-allow-origin https://bia2game.com access-control-expose-headers x-requested-with access-control-allow-credentials true access-control-allow-headers x-auth-token, x-requested-with, content-type, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token content-length 0

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| head object| script string| sabaVisionWebsiteID string| sabaVisionWebsitePage object| _0x9cae function| _0xe9ca object| SabavisionElement undefined| lightBoxAd undefined| scrollBoxAd undefined| mobileAd number| contentWidth number| screenHeight number| screenWidth object| unSeenAdsPosition boolean| notifiedScrollAd boolean| notifiedLightBoxAd boolean| notifiedMobileAd undefined| resizeTimeout object| totalAds string| baseUrl string| closeImage boolean| initialized number| logoRatio number| smallLogoRatio undefined| _DoxAdData boolean| _DoxSeenTopAds function| compareTop function| closeLightBox function| closeAd function| closeMobileAd function| closeScrollBox function| fillTheFrame function| getLogoSize function| getOffsetTop object| Dox object| JSON2 function| Cookies function| ajax string| doxVersion string| script_address object| now object| __SENTRY__ boolean| mediaadLoaderScriptLoaded function| loadAd object| yn_product_map function| docReady object| ynBnrResponseIds function| ynBnrImgOnLoad object| ynBnrSentErrors function| ynBnrImgOnError object| bnr_content object| ynBnrPositions

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mediaad.org/	1970-01-19 17:29:37	Name: __cf_bm Value: aa79f5bd76270c33f56da92ffbcea064730c9dab-1618175948-1800-AUNQJLEca1V/78SjCDFhVOVfFKqmgwixHh5h2OvevVQjMXzNjZFf6UXCKzbKDHeZPcjKFfMjO0oI6oRXjkHSsMU=
			bia2game.com/	1969-12-31 23:59:59	Name: MEDIAAD_USER_ID Value: 00814a99-4521-4d1e-b8d4-91aa53846edc
			bia2game.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8833e82915a0bc2f77cbb60204aaed29

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://mediacdn.mediaad.org/static/fingerprint.html(Line 70) Message: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.mediaad.org
bfetch.yektanet.com
bia2game.com
cdn.yektanet.com
ma-cdn.pegah.tech
mediacdn.mediaad.org
mitrarank.ir
mostatil.yektanet.com
plus.sabavision.com
s1.mediaad.org
172.67.174.163
185.120.221.254
185.147.178.24
185.191.77.170
2606:4700:3030::6815:99d
2606:4700:3035::6815:111e
2606:4700:e4::ac40:a510
2a00:1450:4001:810::200a
45.94.254.30
13be3e8c88251ebde4edd3199bbc0ee009b864217152ad41e68f4cf10a56a7de
1b42c0f4105a0edce338f6b660a45c948db23396c6610cf9ddd114e04365236d
1ef4acfe3384902966ae68dab97073b3d0c6a0f1442d65a245b776d78cce93db
21acb4e1d5517a8fc848a86803cc1317b1eee7b711aec8e0d63326bed31964b5
433871e2ecfa512611424b58b175f875f58dd6adc95112f8c5b706f5156c689c
438de653d09fb3a55d2d833314a83b26f9ae44cfc8a4bc489b36cce43105964a
4462c735615a8ffa0defd546fe619e6afb6f540c7205f3f0ae6c51bdba25fbd8
45c46258fdd65146e7ddbc67aaeed8e1f2568c1543107aebd192ec44c3d4a04e
54f1c5d73e546f3f2429f11da98c980a4db69cfbff6f3054ab934a87485d2fcb
5ce1076ce9bcb2a0a9017533616faee84242ca254b90b6f84a77e32b2fbf0763
62f9cc94ffc6d5a995d9da3c17013fde4e57f439cb89749b4ee46c75d97316de
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6e05d50be27c33907979dffc7192494e0efe7bf84712a1f1ef04d0707a5dce6b
720ac976fdac9cf0c6ffc19f4f45d02bf2fa8e42840cc11f7e309d697eb0bc78
7a4e05d7ec20674edfee5e4a21b4d9781f3c7b165cf905015d69c137f632650d
8728d0c2254d0c528e66deb76651e38ccb17113eb5fd131c86512bcaa5d78fe7
abac477a32ee27ff43fa80376ad10ccbd5dbffb428d738c18c5076404a3db699
b7fb5e5a9e766501d64cbd640f90266d157ab4bec38de5b263004491dbdc83a5
cace651e975af7bac1f1fe41d3b3807db31d317c1f5bc688174114f751e0c257
d125eaf1978d6083b41a0c38692d59efebfa5b5b979c729e349f7f6a1639404f
d5ef4bcc1f501f0ec4c40b3f1fb5569786efc7e7639656b46f1e71d039e0d324
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855