Overview

URL kuzogaxawhyc.mihanblog.com/
IP 5.144.133.146
ASN AS59441 Noavaran Shabakeh Sabz Mehregan
Location Iran, Islamic Republic of
Report completed 2018-01-16 22:17:04 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-01-16 2 click.sabavision.com/get_camp.php?id=2152,2151,2150,2149 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 5.144.133.146

Date UQ / IDS / BL URL IP
2018-12-12 01:15:42 +0100
0 - 0 - 1 www.eghtesad-84.mihanblog.com/ 5.144.133.146
2018-12-11 10:34:14 +0100
0 - 0 - 1 www.pichakeentezar.mihanblog.com/ 5.144.133.146
2018-12-11 08:52:30 +0100
0 - 0 - 1 www.bhgroup.mihanblog.com/ 5.144.133.146
2018-12-10 21:47:24 +0100
0 - 0 - 1 dargazfootball.ir/page/4 5.144.133.146
2018-12-10 19:11:59 +0100
0 - 0 - 1 mozik1.ir/ 5.144.133.146
2018-12-10 18:27:04 +0100
0 - 0 - 3 model-irani.mihanblog.com/post/100 5.144.133.146
2018-12-10 14:16:45 +0100
0 - 0 - 3 model-irani.mihanblog.com/post/142 5.144.133.146
2018-12-09 02:39:28 +0100
0 - 0 - 1 www.azadehamini.mihanblog.com/ 5.144.133.146
2018-12-06 08:26:32 +0100
0 - 0 - 1 u-electronic.mihanblog.com/ 5.144.133.146
2018-12-05 00:38:39 +0100
0 - 0 - 2 rezasattari.mihanblog.ir/ 5.144.133.146

Last 10 reports on ASN: AS59441 Noavaran Shabakeh Sabz Mehregan

Date UQ / IDS / BL URL IP
2018-12-12 01:15:42 +0100
0 - 0 - 1 www.eghtesad-84.mihanblog.com/ 5.144.133.146
2018-12-11 20:53:59 +0100
0 - 0 - 0 www.p30download.com 5.144.130.116
2018-12-11 10:34:14 +0100
0 - 0 - 1 www.pichakeentezar.mihanblog.com/ 5.144.133.146
2018-12-11 08:52:30 +0100
0 - 0 - 1 www.bhgroup.mihanblog.com/ 5.144.133.146
2018-12-10 21:47:24 +0100
0 - 0 - 1 dargazfootball.ir/page/4 5.144.133.146
2018-12-10 19:11:59 +0100
0 - 0 - 1 mozik1.ir/ 5.144.133.146
2018-12-10 18:27:04 +0100
0 - 0 - 3 model-irani.mihanblog.com/post/100 5.144.133.146
2018-12-10 14:16:45 +0100
0 - 0 - 3 model-irani.mihanblog.com/post/142 5.144.133.146
2018-12-09 02:39:28 +0100
0 - 0 - 1 www.azadehamini.mihanblog.com/ 5.144.133.146
2018-12-08 18:54:26 +0100
0 - 0 - 1 biomesbah.com/c.exe 5.144.130.40

No other reports on domain: mihanblog.com



JavaScript

Executed Scripts (59)


Executed Evals (2)

#1 JavaScript::Eval (size: 3204, repeated: 1) - SHA256: 14eea6a9677643a672ad6b4bee9ead62e876283dc8f7b992c938de8d22ec71de

                                        /**
 * Toggle the smiley picker that belongs to a comment textarea.
 *
 * The picker element is looked up by the id 'MihanBlogSmiles_' + textarea_id.
 * It is hidden when its inline display is currently 'inline' and switched to
 * 'inline' in every other case (including an empty display value).
 *
 * @param {string} textarea_id - id of the textarea the picker is attached to
 */
function showMihanBlogSmileBox(textarea_id) {
    var pickerStyle = document.getElementById('MihanBlogSmiles_' + textarea_id).style;
    pickerStyle.display = (pickerStyle.display == 'inline') ? 'none' : 'inline';
}

/**
 * Insert a smiley code, written as '[' + value + ']', into a comment textarea
 * at the position held in the global mihanBlog_commentBody_cursorPos, then
 * toggle the smiley picker for that textarea.
 *
 * The new text is stored in both `tempValue` and `value` of the element;
 * `tempValue` is the same property the c_textBox_* helpers restore from.
 * The only check on `value` is the length limit below.
 *
 * @param {string} value - smiley code; ignored when longer than 10 characters
 * @param {string} textarea_id - id of the target textarea
 */
function MihanBlogShowSmile(value, textarea_id) {
    if (value.length > 10) {
        return;
    }
    var box = document.getElementById(textarea_id);
    var currentText = box.value;
    var head = currentText.substring(0, mihanBlog_commentBody_cursorPos);
    var tail = currentText.substring(mihanBlog_commentBody_cursorPos);
    box.tempValue = head + '[' + value + ']' + tail;
    box.value = box.tempValue;
    showMihanBlogSmileBox(textarea_id);
}

/**
 * Write a cookie through document.cookie.
 *
 * Only `value` is passed through escape(); `name`, `path` and `domain` are
 * concatenated into the cookie string as given, so they must not contain
 * ';' or other attribute syntax. Cookies written from script cannot carry
 * HttpOnly, and the Secure attribute is added only when `secure` is truthy.
 *
 * @param {string} name - cookie name (not escaped)
 * @param {string} value - cookie value, escaped with escape()
 * @param {number} [expires] - lifetime in units of 1000*60*60*24*30 ms
 *     (30 days); falsy means no expires attribute
 * @param {string} [path] - path attribute, appended when truthy
 * @param {string} [domain] - domain attribute, appended when truthy
 * @param {boolean} [secure] - append ";secure" when truthy
 */
function Set_Cookie(name, value, expires, path, domain, secure) {
    var now = new Date();
    var lifetimeMs = expires;
    if (lifetimeMs) {
        lifetimeMs = lifetimeMs * 1000 * 60 * 60 * 24 * 30;
    }
    var cookieText = name + "=" + escape(value);
    // Re-test after scaling: a value that became NaN gets no expires attribute.
    if (lifetimeMs) {
        cookieText += ";expires=" + new Date(now.getTime() + (lifetimeMs)).toGMTString();
    }
    if (path) {
        cookieText += ";path=" + path;
    }
    if (domain) {
        cookieText += ";domain=" + domain;
    }
    if (secure) {
        cookieText += ";secure";
    }
    document.cookie = cookieText;
}

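/**
 * Look up a cookie by name in document.cookie.
 *
 * Names and values are trimmed of surrounding whitespace and the value is
 * decoded with unescape(), the counterpart of the escape() call in
 * Set_Cookie. Anything readable here is also readable by every other script
 * running on the page.
 *
 * @param {string} check_name - cookie name to look for
 * @returns {string|null} the decoded value, '' when the cookie exists with
 *     no value, or null when no cookie has that name
 */
function Get_Cookie(check_name) {
    var pairs = document.cookie.split(';');
    // The loop index is declared locally. It used to be assigned without a
    // declaration, which created a global `i` and throws in strict mode.
    for (var i = 0; i < pairs.length; i++) {
        var pair = pairs[i];
        // Split at the first '=' only, so a value that itself contains '='
        // (for example padded base64) is returned whole instead of truncated.
        var eq = pair.indexOf('=');
        var rawName = (eq === -1) ? pair : pair.substring(0, eq);
        if (rawName.replace(/^\s+|\s+$/g, '') == check_name) {
            if (eq === -1) {
                return '';
            }
            return unescape(pair.substring(eq + 1).replace(/^\s+|\s+$/g, ''));
        }
    }
    return null;
}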

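/**
 * Expire a cookie by rewriting it with an expiry date in 1970.
 *
 * Nothing is written when Get_Cookie reports that the cookie does not exist.
 * `path` and `domain` are appended as given (not escaped); browsers only
 * replace a cookie whose path and domain match the ones it was set with.
 *
 * @param {string} name - cookie name
 * @param {string} [path] - path attribute, appended when truthy
 * @param {string} [domain] - domain attribute, appended when truthy
 */
function Delete_Cookie(name, path, domain) {
    // Get_Cookie returns '' for a cookie that exists with an empty value and
    // null for a missing one. Testing truthiness skipped the empty-value
    // case, so such cookies were never removed.
    if (Get_Cookie(name) == null) {
        return;
    }
    document.cookie = name + "=" + ((path) ? ";path=" + path : "") + ((domain) ? ";domain=" + domain : "") + ";expires=Thu, 01-Jan-1970 00:00:01 GMT";
}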

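/**
 * Install paste-blocking handlers on a text box.
 *
 * The element's existing onfocus/onblur/onkeydown/onkeyup handlers are
 * captured and handed to the c_textBox_* helpers, the context menu is
 * suppressed, the field and its bookkeeping properties are reset, and the
 * field is focused and then blurred 200 ms later.
 *
 * This is a UI-level deterrent only; comment content still has to be
 * validated and rate-limited on the server.
 *
 * @param {string} id - id of the text box; nothing happens when no element
 *     has that id
 */
function c_textBox_blockSpam(id) {
    // `el` is a local. It used to be assigned without a declaration, so every
    // call overwrote one shared global and the delayed blur below could act
    // on a text box set up by a later call.
    var el = document.getElementById(id);
    if (!el) {
        return;
    }
    var focusFunc = el.onfocus;
    var blurFunc = el.onblur;
    var onkeydownFunc = el.onkeydown;
    var onkeyupFunc = el.onkeyup;
    el.onfocus = function() {
        c_textBox_focusEl(this, focusFunc);
    };
    el.onblur = function() {
        c_textBox_restoreData(this, true, blurFunc);
    };
    el.onkeydown = function(event) {
        return c_textBox_noCopyKey(event, this, onkeydownFunc);
    };
    el.onkeyup = function() {
        c_textBox_saveData(this, onkeyupFunc);
    };
    el.oncontextmenu = function() {
        return false;
    };
    // Start from an empty field; tempValue is the copy the helpers restore from.
    el.value = '';
    el.tempValue = '';
    el.focusNum = 0;
    el.blurNum = 0;
    el.focus();
    setTimeout(function() {
        el.blur();
    }, 200);
}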

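/**
 * Keydown filter that rejects the two keyboard paste shortcuts checked below.
 *
 * The previously installed keydown handler, if any, is called first (with no
 * arguments). Key state is read from window.event when it exists, otherwise
 * from the event object passed in.
 *
 * This is a UI-level deterrent only; it does not replace server-side checks
 * on the submitted text.
 *
 * @param {Event} e - keydown event; used when window.event is not available
 * @param {Element} el - the text box (not used by this function)
 * @param {Function} [otherFunc] - earlier onkeydown handler to chain
 * @returns {boolean} false for Ctrl + key code 86 and Shift + key code 45,
 *     true otherwise
 */
function c_textBox_noCopyKey(e, el, otherFunc) {
    if (otherFunc) {
        otherFunc();
    }
    var key;
    var isCtrl;
    // Declared here; it used to be assigned without a declaration, which
    // leaked a global `isShift` and throws in strict mode.
    var isShift;
    if (window.event) {
        key = window.event.keyCode;
        isCtrl = window.event.ctrlKey;
        isShift = window.event.shiftKey;
    } else {
        key = e.which;
        isCtrl = e.ctrlKey;
        isShift = e.shiftKey;
    }
    // 86 is the V key and 45 is Insert.
    if ((isCtrl && key == 86) || (isShift && key == 45)) {
        return false;
    }
    return true;
}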

/**
 * Keyup hook: run the earlier keyup handler, if one was installed, then copy
 * the field's current text into `tempValue`, the copy the other c_textBox_*
 * helpers write back into the field.
 *
 * @param {Element} el - the text box
 * @param {Function} [otherFunc] - earlier onkeyup handler, called with no arguments
 */
function c_textBox_saveData(el, otherFunc) {
    var typedText;
    if (otherFunc) {
        otherFunc();
    }
    // Read after the chained handler so any change it made is captured too.
    typedText = el.value;
    el.tempValue = typedText;
}

/**
 * Focus hook: mark the text box as focused and, 200 ms later, overwrite its
 * text with the saved `tempValue`.
 *
 * The earlier focus handler is chained only when `focusNum` is already
 * truthy, i.e. not on the first focus after c_textBox_blockSpam reset it to 0.
 *
 * @param {Element} el - the text box
 * @param {Function} [otherFunc] - earlier onfocus handler, called with no arguments
 */
function c_textBox_focusEl(el, otherFunc) {
    var chainEarlierHandler = otherFunc && el.focusNum;
    if (chainEarlierHandler) {
        otherFunc();
    }
    el.focusVar = true;
    el.focusNum = 1;
    setTimeout(function restoreSavedText() {
        el.value = el.tempValue;
    }, 200);
}

/**
 * Blur hook and polling loop: while the text box is not focused, keep
 * writing the saved `tempValue` back into it every 200 ms.
 *
 * With `type` truthy (the call made from the blur handler) the earlier blur
 * handler is chained when `blurNum` is already truthy, and the box is marked
 * as blurred. The function then re-schedules itself with `type` false until
 * `focusVar` becomes truthy again.
 *
 * @param {Element} el - the text box
 * @param {boolean} type - true for the initial call from the blur handler
 * @param {Function} [otherFunc] - earlier onblur handler, called with no arguments
 */
function c_textBox_restoreData(el, type, otherFunc) {
    if (type) {
        var chainEarlierHandler = otherFunc && el.blurNum;
        if (chainEarlierHandler) {
            otherFunc();
        }
        el.blurNum = 1;
        el.focusVar = false;
    }
    // Stop polling once the box has focus again.
    if (el.focusVar) {
        return;
    }
    el.value = el.tempValue;
    setTimeout(function pollAgain() {
        c_textBox_restoreData(el, false, otherFunc);
    }, 200);
}
                                    

#2 JavaScript::Eval (size: 1430, repeated: 1) - SHA256: c3a80419ab1a11ea2e230f2c09fa63da16c2b8f27bff6802d80b43c179840e5b

                                        // Device sniffing; presumably part of the sabavision ad loader, judging by the
// variable names (confirm against the script this eval came from).

// Match result (or null) for common mobile tokens in the user-agent string.
var sabavisionisMobile = navigator.userAgent.match(/(iPhone|iPod|iPad|Android|BlackBerry|Mobile)/);

// Returns true when the document can create a "TouchEvent", false when that throws.
var touch = function() {
    var canCreate = true;
    try {
        document.createEvent("TouchEvent");
    } catch (e) {
        canCreate = false;
    }
    return canCreate;
};

var orientationChange = 'onorientationchange' in window;
var touchEvents = ('ontouchstart' in window) || (window.DocumentTouch && document instanceof DocumentTouch) || touch();

// An even number from 2 to 200 taken from Math.random(); it is made odd when
// any of the mobile/touch signals above is set, so the lowest bit carries the
// mobile flag while the rest varies per page load.
var sabavisioniSmobileFlag = 2 * Math.floor((Math.random() * 100) + 1);
if (sabavisionisMobile || orientationChange || touchEvents) {
    sabavisioniSmobileFlag++;
}

/**
 * Write a cookie for path "/" through document.cookie.
 *
 * `name` and `value` are concatenated as given, with no encoding, and no
 * Secure attribute is added. Callers have to pass values that are already
 * safe to place in a cookie string.
 *
 * @param {string} name - cookie name (not encoded)
 * @param {string} value - cookie value (not encoded)
 * @param {number} [hours] - lifetime in hours; falsy means no expires attribute
 */
function createCookie(name, value, hours) {
    var expiryAttr = "";
    if (hours) {
        var deadline = new Date();
        deadline.setTime(deadline.getTime() + (hours * 60 * 60 * 1000));
        expiryAttr = "; expires=" + deadline.toGMTString();
    }
    document.cookie = name + "=" + value + expiryAttr + "; path=/";
}

/**
 * Return the raw value of the first cookie in document.cookie whose name
 * matches, or null when there is none. Leading spaces of each entry are
 * skipped; the value is returned as stored, without decoding.
 *
 * @param {string} name - cookie name
 * @returns {string|null} the stored value, or null when not found
 */
function readCookie(name) {
    var prefix = name + "=";
    var entries = document.cookie.split(';');
    for (var idx = 0; idx < entries.length; idx++) {
        var entry = entries[idx].replace(/^ +/, '');
        if (entry.substring(0, prefix.length) == prefix) {
            return entry.substring(prefix.length);
        }
    }
    return null;
}

/**
 * Append "&param=val" to the outer `url` variable when `val` is truthy.
 *
 * Neither `param` nor `val` is encoded here, so a value containing '&', '='
 * or '#' changes the structure of the query string.
 * NOTE(review): presumably callers pass values through encodeuri() first;
 * confirm at the call sites.
 *
 * @param {string} param - query parameter name
 * @param {*} val - query parameter value; skipped when falsy (including 0 and '')
 */
function makeGetVar(param, val) {
    if (!val) {
        return;
    }
    url += "&" + param + "=" + val;
}

/**
 * Percent-encode a value for use inside a URL component.
 *
 * Uses encodeURIComponent when the environment provides it and falls back to
 * escape() otherwise.
 *
 * @param {*} b - value to encode (converted to a string by the encoder)
 * @returns {string} the encoded text
 */
function encodeuri(b) {
    var encoder = (typeof encodeURIComponent == "function") ? encodeURIComponent : escape;
    return encoder(b);
}
// varloc: the encoded address of the page, cut at the first '%23' (an encoded
// '#'), so the fragment is dropped.
//
// NOTE(review): indexOf(...) > 0 is a substring test, not a domain
// comparison. It is false when the host is exactly "sabavision.com" or
// "akairan.com" (index 0) and true for any host that merely contains one of
// those strings after its first character. Confirm the intended match before
// relying on this branch to identify the ad network's own pages.
var varloc = '';
if (((window.location.host).indexOf("sabavision.com")) <= 0 && ((window.location.host).indexOf("akairan.com")) <= 0) {
    // Any other host: report the parent frame's address. Reading it can
    // throw (presumably when the parent is on another origin), in which case
    // varloc stays empty.
    try {
        varloc = encodeuri(window.parent.location.href).split('%23')[0];
    } catch (e) {
        varloc = '';
    }
} else {
    // Host matched one of the two names: report this document's own address.
    varloc = encodeuri(document.location).split('%23')[0];
}
                                    

Executed Writes (17)

#1 JavaScript::Write (size: 23, repeated: 1) - SHA256: f2578eed52dd20369a07018c9fdb058d0515f92f5ba92ab7ba3ce2182721be18

                                        , E9G 22 '1/�(G4* 1396
                                    

#2 JavaScript::Write (size: 1, repeated: 12) - SHA256: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

                                        0
                                    

#3 JavaScript::Write (size: 3, repeated: 1) - SHA256: 5ef6fdf32513aa7cd11f72beccf132b9224d33f271471fff402742887a171edf

                                        104
                                    

#4 JavaScript::Write (size: 3, repeated: 1) - SHA256: a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3

                                        123
                                    

#5 JavaScript::Write (size: 2, repeated: 1) - SHA256: f5ca38f748a1d6eaf726b8a42fb575c3c71f1864a8143301782de13da2d9202b

                                        20
                                    

#6 JavaScript::Write (size: 2, repeated: 1) - SHA256: 535fa30d7e25dd8a49f1536779734ec8286108d115da5045d77f3b4185d8f790

                                        23
                                    

#7 JavaScript::Write (size: 2, repeated: 1) - SHA256: c2356069e9d1e79ca924378153cfbbfb4d4416b1f99d41a2940bfdb66c5319db

                                        24
                                    

#8 JavaScript::Write (size: 4, repeated: 1) - SHA256: f6142d191a2f19d20f07ba7ede424003d67a0f5987a99d150e65d93eaa44b1de

                                        2592
                                    

#9 JavaScript::Write (size: 5, repeated: 1) - SHA256: 5811612fa5b8bab0d49ab98690bb46348252a0a8ce5cb9a45e4531151fa48628

                                        27798
                                    

#10 JavaScript::Write (size: 1, repeated: 1) - SHA256: 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

                                        3
                                    

#11 JavaScript::Write (size: 4, repeated: 1) - SHA256: 52d77984d95c7488ca0352141692368c1a2e1cc2fcd54dac736c6d77aa6dd46f

                                        3588
                                    

#12 JavaScript::Write (size: 2, repeated: 1) - SHA256: 7a61b53701befdae0eeeffaecc73f14e20b537bb0f8b91ad7c2936dc63562b25

                                        37
                                    

#13 JavaScript::Write (size: 67, repeated: 1) - SHA256: 00053de11dd9d2ab0ff8d8a3a04e9e58b82e7d34158a72f7de25a18464b02396

                                        < div style = "width:0px; height:0px;"
id = "sabavisionbody64716" > < /div>
                                    

#14 JavaScript::Write (size: 67, repeated: 1) - SHA256: 5837d2363f56e75787e621cc05ccd0e5fadfabe194bdec40e9411f36336c7515

                                        < div style = "width:0px; height:0px;"
id = "sabavisionbody75442" > < /div>
                                    

#15 JavaScript::Write (size: 829, repeated: 1) - SHA256: 14de10c2fe24b8f6607a3ec8c5fea4757d8dd40210a3383f89cb55b6c733d229

                                        < iframe frameborder = "0"
allowfullscreen name = "clicknet_vars_frame5498ad73611b-af57-3003-1d6e-3681c322f46a"
id = "clicknet_vars_frame5498ad73611b-af57-3003-1d6e-3681c322f46a"
width = "120"
height = "240"
frameborder = 0 src = "http://click.sabavision.com//showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1516137786&ct=436a61cabcd102ba3dd7d456e2549987663cc4e1&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fkuzogaxawhyc.mihanblog.com%2F&bannerid=clicknet_vars_frame5498ad73611b-af57-3003-1d6e-3681c322f46a&vt=112"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowFullScreen = "true"
webkitallowfullscreen = "true"
mozallowfullscreen = "true" > < /iframe>
                                    

#16 JavaScript::Write (size: 23, repeated: 1) - SHA256: d2562f1fefd5c88dd124120eefbc08cbd51fe5143dfe3920bf7990229a527e04

                                        �
G '14F(G 27 /� 1396
                                    

#17 JavaScript::Write (size: 31, repeated: 1) - SHA256: b889b99e32b249350f0cac248fbb9efdea736aadffe97b97aa515be7f4b4c098

                                        �
G '14F(G 27 /� 1396 (00:50)
                                    


HTTP Transactions (57)


Request Response
                                        
                                            GET //public/scripts/run/g.other.v3.js HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Tue, 16 Jan 2018 21:23:05 GMT
Content-Length: 2370
Last-Modified: Sun, 22 Sep 2013 12:09:51 GMT
Etag: "523ede0f-942"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   2370
Md5:    4cc5f2c75356a8ada1b14b226b723f63
Sha1:   7ec249fb587ed5870525464d8ad8942b9373698c
Sha256: 9c7e6c2ebd2ac2b10978a8627e31d1cd287aa43f19e5a8233b018103dad507d2
                                        
                                            GET //public/images/publish/advert_close.gif HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:05 GMT
Content-Length: 281
Last-Modified: Wed, 27 Apr 2011 10:52:17 GMT
Etag: "4db7f561-119"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 8 x 8
Size:   281
Md5:    6db25f1545b6179dd2892b5463fdbacd
Sha1:   c9c25c12188352960803c3fe2da938fadef9e46a
Sha256: 841a15c57af7f10aa34f4c309392f2d902218d4a9031c44d3a4c63af7389e05d
                                        
                                            GET / HTTP/1.1 
Host: kuzogaxawhyc.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 16 Jan 2018 21:23:04 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, must-revalidate
Set-Cookie: kuzogaxawhyc_ads_cnt=1; expires=Wed, 17-Jan-2018 21:23:04 GMT; Max-Age=86400 mib_lb_id=m0; path=/; domain=.mihanblog.com
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Toofun/1.0.1


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   26214
Md5:    4e93cc22b52d36775a8cc4ed6b667e8f
Sha1:   123ebf6ab341d2f15a5fb69646483d3a0f033b77
Sha256: 363379c48a583de92c49883086727699ee9d6ba9ae9f34f8c4697fb7ed74bd74
                                        
                                            GET /ejL63ZO.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:02:44 GMT
Etag: "7cc4c7bfe2da9d92deaacefd70898aae"
Fastly-Debug-Digest: 0214f18c54269a15fb8c8e3d33b030506eb8126b324df339f596af38816ade43
Cache-Control: public, max-age=31536000
Content-Length: 8649
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 5988916
Connection: keep-alive
X-Served-By: cache-iad2149-IAD, cache-ams4442-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.720995,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x113
Size:   8649
Md5:    7cc4c7bfe2da9d92deaacefd70898aae
Sha1:   f8e74e85f3d220f4958d7ef9a8c402eba73c3d63
Sha256: 48feca67106d33d56365094db4733f8e497ec13734db71dd626dc161b64c00f9
                                        
                                            GET /lI4ST6e.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:02:50 GMT
Etag: "ab09c2d100999fcaeb484ee00cc4aae5"
Fastly-Debug-Digest: 65d353aa5442145a27f0235860c4abd6553c10c4e48f7c1596026fc8d598fbfe
Cache-Control: public, max-age=31536000
Content-Length: 4708
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 3144498
Connection: keep-alive
X-Served-By: cache-iad2148-IAD, cache-ams4424-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.721260,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x194
Size:   4708
Md5:    ab09c2d100999fcaeb484ee00cc4aae5
Sha1:   8e86ef2e679d808bb895fff2fe3fed75c26e8c1e
Sha256: cf544a8cc4963d3348fd4df4c7239336dbef0a774d772e41195b22c641da26fa
                                        
                                            GET /cy0NeFi.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:03:01 GMT
Etag: "ced66b50dfa682a0a62926633bbe89b9"
Fastly-Debug-Digest: c8dc04afa7629327a2b405f2115f01b1a16ee2123e0700a34c23f3bfb119a233
Cache-Control: public, max-age=31536000
Content-Length: 5996
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 10130235
Connection: keep-alive
X-Served-By: cache-iad2149-IAD, cache-ams4439-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.721940,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x225
Size:   5996
Md5:    ced66b50dfa682a0a62926633bbe89b9
Sha1:   0a7a3765ab247baf758b8c8f26e797bbd641fd44
Sha256: 2e2e41e8bdf01c93a5bc2e8c0b7fc2e21177870dde47eab07fb6d97b705a5ac4
                                        
                                            GET /y1SHyFe.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:03:33 GMT
Etag: "a026578a41e9b939b615b5a64956cafb"
Fastly-Debug-Digest: c704d6aa42030b6160dc1d785cca5b70c9ac1f0947d2736ba653039614fa6d20
Cache-Control: public, max-age=31536000
Content-Length: 7864
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 3146891
Connection: keep-alive
X-Served-By: cache-iad2142-IAD, cache-ams4148-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.723256,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x102
Size:   7864
Md5:    a026578a41e9b939b615b5a64956cafb
Sha1:   dc929f5deb3c9ce4cafe755231e5b94b4ec168cc
Sha256: 7c56efaea28107dd643707cf4de17c292f8c1d8c5bc114d463ba17e860f6dae7
                                        
                                            GET /4J0pu1d.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:03:47 GMT
Etag: "8dd752c12e36bb0a96cfa06fbc666992"
Fastly-Debug-Digest: fab550974c5d151b46d678f5ad4658eec4ac33e1b49a2ea08094542e78c85fbf
Cache-Control: public, max-age=31536000
Content-Length: 7287
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 3063227
Connection: keep-alive
X-Served-By: cache-iad2122-IAD, cache-ams4144-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.722453,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x179
Size:   7287
Md5:    8dd752c12e36bb0a96cfa06fbc666992
Sha1:   2dbf6588a0ae5e5f5ade0b6b01998fd2a0c0bf47
Sha256: 25014a36bfc45239154a102b08eeb6dfc420caa2172b437ed7a0456e8600f389
                                        
                                            GET /QUONoYH.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:03:16 GMT
Etag: "566b4759ef3bceafac6cdcf24c31a466"
Fastly-Debug-Digest: 8f2670468b19bf9db37a509d3044735b65056c7c19adf82c5e53f28c52911275
Cache-Control: public, max-age=31536000
Content-Length: 7045
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 3144871
Connection: keep-alive
X-Served-By: cache-iad2150-IAD, cache-ams4139-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.730087,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   7045
Md5:    566b4759ef3bceafac6cdcf24c31a466
Sha1:   21103b02bd6575ebf10eae3181d31c48ddf5837e
Sha256: 514c7a6d8235b77a5385c521f82a9b0b3ddcf50500b9a4d43e9229964f0e045c
                                        
                                            GET /MnJ60Dx.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:02:41 GMT
Etag: "8c633aca4e3a805cc682ddbfd063ebe1"
Fastly-Debug-Digest: b7c886539f4f460c483f9daf79851d82257ee77b92f364be38cc3fcfd5125b59
Cache-Control: public, max-age=31536000
Content-Length: 9246
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 10494076
Connection: keep-alive
X-Served-By: cache-iad2150-IAD, cache-ams4424-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.757035,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x144
Size:   9246
Md5:    8c633aca4e3a805cc682ddbfd063ebe1
Sha1:   49bd805d5e6e32fc1780065a806ca19ea7fefc01
Sha256: 8187667e675c7c678bba9e66a432f81a2374d2f75c307f0d2f8fde5cf7ffc354
                                        
                                            GET /WArZ22c.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Tue, 09 Feb 2016 11:03:05 GMT
Etag: "bb5bd60b63254dbea2a9936580a106a4"
Fastly-Debug-Digest: 72922864b5b25ca14a362f819990afc0784809a0203d64af5320652646513848
Cache-Control: public, max-age=31536000
Content-Length: 8217
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 11103197
Connection: keep-alive
X-Served-By: cache-iad2135-IAD, cache-ams4442-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.751177,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  PNG image, 221 x 60, 8-bit/color RGBA, non-interlaced
Size:   8217
Md5:    bb5bd60b63254dbea2a9936580a106a4
Sha1:   1caa280afd81e6529924adcde730646f8ecaebce
Sha256: 414090f6453ff9cbc26657c5858b1091e913e1467ce4270ba25766bde1dabeb6
                                        
                                            GET /uzyRrvs.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:03:25 GMT
Etag: "f0e87760fc77aef21a154b48fa442ef6"
Fastly-Debug-Digest: 6d8dd2128e7451cb67eae92ed03bf07c1ccef9a2abb66134436e2087aa748455
Cache-Control: public, max-age=31536000
Content-Length: 8138
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 1018527
Connection: keep-alive
X-Served-By: cache-iad2144-IAD, cache-ams4439-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.761195,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x186
Size:   8138
Md5:    f0e87760fc77aef21a154b48fa442ef6
Sha1:   f016438ba83e8017d31ac90605997a14a5d042e1
Sha256: df3ef509fbb54a0ed0fc9b62ebe050e6b4554d2ea4a4bde4158729b22b2371fc
                                        
                                            GET /788yd1b.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:02:38 GMT
Etag: "e95433aacd69661da7940d0c5b690f3d"
Fastly-Debug-Digest: 6a8c3041dcca58c25446156ac713cc7cc00b695cba4ecf68882cfde1998c5e48
Cache-Control: public, max-age=31536000
Content-Length: 5638
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 7808741
Connection: keep-alive
X-Served-By: cache-iad2146-IAD, cache-ams4148-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.761728,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x130
Size:   5638
Md5:    e95433aacd69661da7940d0c5b690f3d
Sha1:   67964f95afc2f76a7410780cf5b9e5f9b9a1c8c7
Sha256: d8a4012490d251408d2ccc3cc90f7dcf708e147a2266f3b78192ccfde8916e34
                                        
                                            GET /5ONZuod.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:02:55 GMT
Etag: "6b5aebd2f15e32123d1f717ff7d267bb"
Fastly-Debug-Digest: 0019bd30c60159283214cf3f0917d46dabba06ce5ba04706774a755c4d7a96b0
Cache-Control: public, max-age=31536000
Content-Length: 8030
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 2801578
Connection: keep-alive
X-Served-By: cache-iad2131-IAD, cache-ams4144-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.762515,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x216
Size:   8030
Md5:    6b5aebd2f15e32123d1f717ff7d267bb
Sha1:   738c7e6bae1864675a7c9712058d37ad2673e4aa
Sha256: 321fea37676c9bd75f91471a563faffd5b868bb45d6a5ba2aa749f123cf08409
                                        
                                            GET /WVq6kUp.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:03:22 GMT
Etag: "c1268eda3a164137e49acc6d57865e85"
Fastly-Debug-Digest: 733f68d26f841fe5263307b08ff6b87005d294f086a73004bb7b0f815c134713
Cache-Control: public, max-age=31536000
Content-Length: 8558
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:05 GMT
Age: 2890799
Connection: keep-alive
X-Served-By: cache-iad2126-IAD, cache-ams4139-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 362
X-Timer: S1516137786.762727,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   8558
Md5:    c1268eda3a164137e49acc6d57865e85
Sha1:   43468e2603d0403296973a374ef0a0379b5f8f9e
Sha256: f22addd5eb96f670a661283d2e430964499ee70b19ae71659c8b1e151ac41fad
                                        
                                            GET /showads.php?posid=42 HTTP/1.1 
Host: mihan.ads.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         185.147.178.24
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 16 Jan 2018 21:23:05 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Set-Cookie: sv_lb_id=m0; path=/; domain=.sabavision.com
Server: nginx
X-Upstream-CT: 0.088
X-Upstream-HT: 0.180
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  HTML document text
Size:   2886
Md5:    783de764901a778bc8d6c4407117b1b4
Sha1:   1ae2422cf6e5697abe3404a32bfaa6c401424bba
Sha256: 9fb64774300301acf9f80adc3a6317b6e2418056bcf5999115e72db5890fc8fe
                                        
                                            GET /showads.php?posid=229 HTTP/1.1 
Host: mihan.ads.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         185.147.178.24
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 16 Jan 2018 21:23:05 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Set-Cookie: sv_lb_id=m0; path=/; domain=.sabavision.com
Server: nginx
X-Upstream-CT: 0.089
X-Upstream-HT: 0.180
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  HTML document text
Size:   3190
Md5:    aa485d8963a331ab0577a6c88ff9589f
Sha1:   e1d8fc3dac13427c60923098341f4a77ed0b9942
Sha256: a1b8bec649a120196b1af736da4ce28cc66414ec1cb6de838f08bd4d5be3ac8a
                                        
                                            GET /public/public/images/icon/100c.gif HTTP/1.1 
Host: www.cloob.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         185.147.176.29
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 16 Jan 2018 21:23:05 GMT
Content-Length: 1046
Last-Modified: Tue, 19 Jan 2010 07:02:46 GMT
Etag: "4b555916-416"
Expires: Thu, 15 Feb 2018 21:23:05 GMT
Cache-Control: max-age=2592000, private
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
X-Content-Options: nosniff
Accept-Ranges: bytes
Set-Cookie: clb_lb_id=s5; path=/; domain=.cloob.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16
Size:   1046
Md5:    ea5c5f9ef3a713f82d2403dbf32a2749
Sha1:   597a12ce6d45a7c98635bdf5759361d32c277c32
Sha256: 09ed172c2bedaef7d340c322c268a83879ee8e85c7c37ce891a83d2f891df9b3
                                        
                                            GET /public/public/user_data/template/17/images/menu_bg_right.jpg HTTP/1.1 
Host: mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 16 Jan 2018 21:23:05 GMT
Content-Length: 1421
Last-Modified: Wed, 27 Apr 2011 11:20:17 GMT
Etag: "4db7fbf1-58d"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   1421
Md5:    6b780a97f47fb80305b0e160bc06f087
Sha1:   67991774609dd2c756ed45862839effabf95cc66
Sha256: fc290bbf0f4d873ed9ffbf7d3ec2c8c13e51186970a99f2a24285d1ed5ea5c4e
                                        
                                            GET /public/public/user_data/template/17/images/menu_left_bg.gif HTTP/1.1 
Host: mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:05 GMT
Content-Length: 94
Last-Modified: Wed, 27 Apr 2011 11:20:16 GMT
Etag: "4db7fbf0-5e"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 35
Size:   94
Md5:    2d2d8a946d44fb6ca41025812bccd872
Sha1:   1a811b7427be50fcd03ad975dca43f96f9c79c3c
Sha256: 9a90909392c67b64f02c46e22966a0e61babad81c22c85d1bd8e8b8d8dfd8409
                                        
                                            GET /public/public/user_data/template/17/images/bg.gif HTTP/1.1 
Host: mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:05 GMT
Content-Length: 1010
Last-Modified: Wed, 27 Apr 2011 11:20:16 GMT
Etag: "4db7fbf0-3f2"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 70 x 70
Size:   1010
Md5:    2606b70d66e7e4f88eb0924814fccb5f
Sha1:   ebbe46bf0de8a5f1981e849feb75d1358df6f53e
Sha256: 96c16aaed3a850d92d9b22b7aac945e9e0b9cc38b6c88d2a08a8ab80472b1d98
                                        
                                            GET /public/public/user_data/template/17/images/content_wrap_bg.gif HTTP/1.1 
Host: mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:05 GMT
Content-Length: 916
Last-Modified: Wed, 27 Apr 2011 11:20:16 GMT
Etag: "4db7fbf0-394"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 781 x 3
Size:   916
Md5:    6a4793de888cea78cc9abff7156fc497
Sha1:   0acb68dc7f1cce08770e7bcf6ca3a26cb823c93e
Sha256: 21652d1ef5678e82a06f454a5726191a004167068c6ef46ac3c777487385aa85
                                        
                                            GET /public/public/user_data/template/17/images/search_button.gif HTTP/1.1 
Host: mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:05 GMT
Content-Length: 646
Last-Modified: Wed, 27 Apr 2011 11:20:16 GMT
Etag: "4db7fbf0-286"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 90 x 26
Size:   646
Md5:    c66c9b2fa8aab133f63839ddd14275f8
Sha1:   a9d441ac1b715af6752bcc43adf61e9306beb4f8
Sha256: ed940ae26f1f972b79117630ecbff8ddf8556ae1313f3668d91e786cc2d8341b
                                        
                                            GET /Kv9k4HI.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 09 Feb 2016 11:02:53 GMT
Etag: "8306b66e8dd1d592ff3dd230fef48cbd"
Fastly-Debug-Digest: 726b7d384dc4706d24f6e835cafc7b4f5389262d1505559cfc82200cbc60f888
Cache-Control: public, max-age=31536000
Content-Length: 6384
Accept-Ranges: bytes
Date: Tue, 16 Jan 2018 21:23:06 GMT
Age: 3061648
Connection: keep-alive
X-Served-By: cache-iad2140-IAD, cache-ams4424-AMS
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1516137786.199316,VS0,VE1
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 0, 4360x235
Size:   6384
Md5:    8306b66e8dd1d592ff3dd230fef48cbd
Sha1:   6cd503afdb53efb248f7e85ce77c267b0e45ba0f
Sha256: 0cc8355520175a8251760bbc03c07eb3788c7fc67595fe599acf25ca650a5080
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 16 Jan 2018 20:39:08 GMT
Expires: Tue, 16 Jan 2018 22:39:08 GMT
Last-Modified: Mon, 13 Nov 2017 20:19:12 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17172
Age: 2638
Cache-Control: public, max-age=7200


--- Additional Info ---
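Magic:  gzip compressed data, max compression
Note:   Size equals the Content-Length of the gzip-encoded response (Content-Encoding: gzip), so the hashes below appear to cover the compressed bytes as transferred; a hash of the decoded ga.js will not match these values.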
Size:   17172
Md5:    43adefe535269f3b75e0f229d0dba4d6
Sha1:   5e3bed19757401b3aa6c8ab8b5f26aa17add8a3a
Sha256: fc7f9d5234f97de0433021d02e8969a93003d90bf16d40a9cb2d8f5c7bfaa398
                                        
                                            GET /public/public/user_data/template/17/images/bullet.gif HTTP/1.1 
Host: mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:06 GMT
Content-Length: 49
Last-Modified: Wed, 27 Apr 2011 11:20:16 GMT
Etag: "4db7fbf0-31"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 5 x 5
Size:   49
Md5:    cf1f19fa86f7b1d855066ef1546c49e8
Sha1:   25ce8113eafbf584cddb140d2076fe7ff60cc4ed
Sha256: 9f8167b0e97585da184cc3827596acd8a7614424febe1442adb0b74c0b9595c9
                                        
                                            GET /public/public/user_data/template/17/images/atom.gif HTTP/1.1 
Host: mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:06 GMT
Content-Length: 298
Last-Modified: Wed, 27 Apr 2011 11:20:16 GMT
Etag: "4db7fbf0-12a"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 35 x 15
Size:   298
Md5:    c0a8c36e65f52ef9957e7315c9b6941a
Sha1:   4d22c097688f02a11591d8033af1a508cc2011d6
Sha256: 9af8e8163556b45af04dfd62e4ab8a5c880fb5f23f796d647053a0e78e6a8f20
                                        
                                            GET /public/public/user_data/template/17/images/rss.gif HTTP/1.1 
Host: mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:06 GMT
Content-Length: 328
Last-Modified: Wed, 27 Apr 2011 11:20:16 GMT
Etag: "4db7fbf0-148"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 35 x 15
Size:   328
Md5:    bb224dfd80035a195fe22a54a01de7ff
Sha1:   637dcfb94a3a108b50a07c241d992ef88d9a1b25
Sha256: 74f6ea11faf233e43954e55398dc9e508fafc4ba6404d38a4533e1655f604ab4
                                        
                                            GET /public/public/images/logo/poweredby.gif HTTP/1.1 
Host: mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:06 GMT
Content-Length: 2774
Last-Modified: Wed, 27 Apr 2011 10:52:18 GMT
Etag: "4db7f562-ad6"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 86 x 131
Size:   2774
Md5:    56be1d96db75b04af21b12ad37885f2f
Sha1:   c00b3198b30f696010783f72b5953f516138d5d4
Sha256: e54578c8be717ff994e5d0206c426ff8e2da5ca68493c9d4184ed9317b3c6b9a
                                        
                                            GET /public/public/user_data/advert_banner/5/14254.gif?url=http://mihan.ads.sabavision.com/advert/program/visit/onlineid/278 HTTP/1.1 
Host: www.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mihan.ads.sabavision.com/showads.php?posid=229
Cookie: sv_lb_id=m0

                                         
                                         185.147.178.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:06 GMT
Content-Length: 3996
Last-Modified: Wed, 09 Nov 2016 13:38:24 GMT
Etag: "582326d0-f9c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Set-Cookie: sv_lb_id=m0; path=/; domain=.sabavision.com
Cache-Control: max-age=2592000
Server: nginx
Expires: Thu, 15 Feb 2018 21:23:06 GMT
X-Cache: O-HIT
X-Upstream: 0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 40
Size:   3996
Md5:    5bd0fa3b9645391733f54e0303b75ad7
Sha1:   8375bb855ad12b79afdc8965a9fc7251e8d4ebf4
Sha256: 7affe6e89a29c94b2b0a0f7f2729ad8549abbd2217914a7c637bdaf1e6929f7a
                                        
                                            GET /p/9781583675755.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 09 Apr 2015 18:18:12 GMT
Expire: Tue, 23 Jan 2018 21:22:50 GMT
Cache-Control: public, max-age=604800
Content-Length: 19710
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   19710
Md5:    10532d126a6ba1f38b864163784aef30
Sha1:   98b764eded8c67c111d46338b699b2d7d7afe7f9
Sha256: 8c4f834ea41a1628e39c3c1ed34f88b388263f6999e6ed53eb9860c38e318261
                                        
                                            GET /p/9781496323293.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 02 Feb 2016 15:00:06 GMT
Expire: Fri, 19 Jan 2018 17:34:11 GMT
Cache-Control: public, max-age=604800
Content-Length: 21975
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   21975
Md5:    38effddb707ecc4cd42308e8a7adf9a9
Sha1:   36f62c4f3678066926e81a60b5c86d372425df0f
Sha256: ae451e8fa6ebf6fafe595c5e920a47c182c8ce729f9b3b24d0e10b7c498607fc
                                        
                                            GET /p/9781491927182.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 28 Oct 2016 19:39:08 GMT
Expire: Sat, 20 Jan 2018 18:33:44 GMT
Cache-Control: public, max-age=604800
Content-Length: 11130
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   11130
Md5:    7264c2b77853e84faa8b37778fcf511b
Sha1:   e9b202bcc14e7b519e25fa2ad0fa158a51c0e5ac
Sha256: dfd05e13232099e6d3c8b0a769a1bfce715e10aa0b69a2f09a41fd70ac3dd0df
                                        
                                            GET /p/9781844672134_p0_v2_s600.JPG HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Wed, 03 Jul 2013 01:29:47 GMT
Expire: Tue, 23 Jan 2018 21:22:24 GMT
Cache-Control: public, max-age=604800
Content-Length: 13091
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "Handmade Software, Inc. Image A"
Size:   13091
Md5:    be4c4293689b73c2d1eb90e5f6280a40
Sha1:   60b70eb5219af62a6911b64272674db5a33cc9f4
Sha256: ff478040781a7a6e458c27dfb72cd20e1583845e31796b40643f58113709a5c4
                                        
                                            GET /p/9781455506774.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 30 May 2013 20:27:07 GMT
Expire: Sun, 21 Jan 2018 02:01:39 GMT
Cache-Control: public, max-age=604800
Content-Length: 26995
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   26995
Md5:    66924536d0e8e7fa6bb622d8c309c34c
Sha1:   f05dc86ecc6e3e44db95159853bb629589d6853d
Sha256: 43c88c1e7be93357b656e373c4e528040c513e56afd1a23cbc8c4cdfca098d0e
                                        
                                            GET /p/9781440344756.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 01 Apr 2016 12:16:10 GMT
Expire: Sun, 21 Jan 2018 08:18:30 GMT
Cache-Control: public, max-age=604800
Content-Length: 35806
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   35806
Md5:    d802746df61314c1da98046909c12874
Sha1:   0c8266c4b0cc8395a532b1cb72c3489b03024878
Sha256: 762ed82329ffe40261cf1cbcbfb523f1f45ae7bd2ddb6531df0edc49d8e150dc
                                        
                                            GET /p/9780008155858.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 01 Apr 2016 20:15:50 GMT
Expire: Tue, 23 Jan 2018 21:22:24 GMT
Cache-Control: public, max-age=604800
Content-Length: 33266
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   33266
Md5:    cb40d095ffbd7a8ee73d422bb0af9c74
Sha1:   c01a8cd21812280b365cc7eace8292352b43188e
Sha256: ffc03aa6fb5219a7e598981083a55c9d81ce0a89c4e363aa12cd63dd559d4e86
                                        
                                            GET /p/9780071835688.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 29 Jan 2015 03:03:25 GMT
Expire: Mon, 22 Jan 2018 14:34:43 GMT
Cache-Control: public, max-age=604800
Content-Length: 25709
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   25709
Md5:    56a042e8859747ae8b50bc029ebdf1db
Sha1:   85c03fdc385d0bdf6109bef6ddd9c7533046182b
Sha256: 47a92d52fb55b8fd2bd1a1d5ab22607ec8babedaf626d574871808198bc5a06d
                                        
                                            GET /p/9781786120120.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 08 Oct 2015 06:44:57 GMT
Expire: Tue, 23 Jan 2018 21:22:24 GMT
Cache-Control: public, max-age=604800
Content-Length: 41803
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   41803
Md5:    046ce766166e1a349d5fd44758decdbb
Sha1:   ad6d79be78a4bb1017b46a263dfa030ab14df645
Sha256: 9a8a1e434ebd2810821b6b0ef95fc9599c18e507244cf22a13f59c001523e753
                                        
                                            GET /p/9781119207498.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 30 Oct 2015 17:33:15 GMT
Expire: Sun, 21 Jan 2018 10:56:10 GMT
Cache-Control: public, max-age=604800
Content-Length: 15833
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   15833
Md5:    b9d81c48c71478bb91b99fe033c63d56
Sha1:   e56dac9aa2441cb79cd9f7f713612bc2b8e7b54f
Sha256: bf66eb60982ada9b3e658329fca4b5b8e0c3ac0371ddd2ec80b26b311e85ce85
                                        
                                            GET /p/9780062276544.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 24 Jun 2016 22:00:55 GMT
Expire: Sun, 21 Jan 2018 10:34:00 GMT
Cache-Control: public, max-age=604800
Content-Length: 43877
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   43877
Md5:    226e904a47ec44f9c1c9fc3925028207
Sha1:   06f6477e39272d839fa3a24db6c8b91c2de7021e
Sha256: c49d3f8d0fad36e1322420597e12cd5dfd48b4109f08d9b0b9b69eb6f939fbd1
                                        
                                            GET /p/9781844655755.jpg HTTP/1.1 
Host: img1.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.18
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 01 Oct 2013 12:15:30 GMT
Expire: Tue, 23 Jan 2018 21:22:24 GMT
Cache-Control: public, max-age=604800
Content-Length: 18347
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   18347
Md5:    abcddea0e229629f29caccba42dae0dc
Sha1:   2f53fce394743b05043ef31952d4e29416ef1bac
Sha256: 0d29009268dfb5bc84f8dc7d4b67cd1166003502e66651e1f62c4f89bee99430
                                        
                                            GET /get_camp.php?id=2152,2151,2150,2149 HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mihan.ads.sabavision.com/showads.php?posid=42
Cookie: sv_lb_id=m0

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 16 Jan 2018 21:23:07 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Options: nosniff
Set-Cookie: cl_lb_id=m1; path=/; domain=.click.sabavision.com
Server: nginx
X-Upstream-CT: 0.186
X-Upstream-HT: 0.595
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4926
Md5:    72a1d237284c1302937fe7652eff6350
Sha1:   48f620ce3a612ea3b8a1350e9dc39a97848f42e7
Sha256: 06e217c7a6d8c510823cbbeded034c60c89ed454798e6b9959c9c1ee95d78619

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /p/9780470975435_p0_v2_s600.JPG HTTP/1.1 
Host: img2.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.56
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 29 Jan 2013 22:37:28 GMT
Expire: Tue, 23 Jan 2018 21:22:24 GMT
Cache-Control: public, max-age=604800
Content-Length: 43485
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:07 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   43485
Md5:    1ab379aab6c21d6516e6f1cc4f209201
Sha1:   693ced9385fbc0c3d7ff85975b069d937dc23b23
Sha256: 3b3818e74721ce0e92822bd14043d1475cb1e1fc677fb863a93c458789c861f3
                                        
                                            GET /images/102050000/102055148.jpg HTTP/1.1 
Host: img2.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.56
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Wed, 20 Apr 2011 23:27:44 GMT
Accept-Ranges: bytes
Etag: "018b38cb2ffcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 17185
Date: Tue, 16 Jan 2018 21:23:07 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   17185
Md5:    8684d1cb42569093e2393561a3194803
Sha1:   2dd78118c94234357eb9e4eebee6437fc88a9207
Sha256: c7d29a612f3c92015bc1d9f641a42a0d661c47c348aee95999954a3b0ce3e095
                                        
                                            GET /p/9780879757427_p0_v2_s600.JPG HTTP/1.1 
Host: img2.imagesbn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         80.239.159.56
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 13 Feb 2015 21:41:07 GMT
Expire: Sat, 20 Jan 2018 08:08:07 GMT
Cache-Control: public, max-age=604800
Content-Length: 33169
Server: Jetty(8.1.4.v20120524)
Date: Tue, 16 Jan 2018 21:23:07 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "Handmade Software, Inc. Image A"
Size:   33169
Md5:    0e58f75958e46ff8fad4278b2dd4ede8
Sha1:   9a0af3aff5979dec3f0ff8114268cf5cf5ece244
Sha256: f1735d3da356c5d408eb4ce90e63a5b27f33ccb9a697e9574da8c00d3869a256
                                        
                                            GET /r/__utm.gif?utmwv=5.7.1&utms=1&utmn=829920884&utmhn=kuzogaxawhyc.mihanblog.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Nicole%26%23039%3Bs%20collection&utmhid=272848334&utmr=-&utmp=%2F&utmht=1516137787428&utmac=UA-153829-9&utmcc=__utma%3D235272603.1809255732.1516137787.1516137787.1516137787.1%3B%2B__utmz%3D235272603.1516137787.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=603764123&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         172.217.20.46
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-153829-9&cid=1809255732.1516137787&jid=603764123&_v=5.7.1&z=829920884
Access-Control-Allow-Origin: *
Date: Tue, 16 Jan 2018 21:23:07 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Server: Golfe2
Content-Length: 367


--- Additional Info ---
Magic:  HTML document text
Size:   367
Md5:    6a358b93cef0ef55e609cfc29566f82c
Sha1:   b21e47bdeb06614e3b32afb0e2f27827c52f4913
Sha256: a6cf15f216a8a6bfa71e9757c50eb10093e3fa2afdce6f01eefd43e6d90cc514
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 16 Jan 2018 21:23:07 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    cb19ae1b38b11524f093928a7c581f25
Sha1:   97c74c300f111921008a147474f1e88c8080d2bf
Sha256: 6c01e100ccfd7b0c7c5c51b5d93476b79e576f994c03d3142f1af3f39663eac6
                                        
                                            GET //showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1516137786&ct=436a61cabcd102ba3dd7d456e2549987663cc4e1&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fkuzogaxawhyc.mihanblog.com%2F&bannerid=clicknet_vars_frame5498ad73611b-af57-3003-1d6e-3681c322f46a&vt=112 HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mihan.ads.sabavision.com/showads.php?posid=42
Cookie: sv_lb_id=m0; cl_lb_id=m1

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 16 Jan 2018 21:23:07 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: cs_all=%2C26008; expires=Wed, 17-Jan-2018 20:29:00 GMT; Max-Age=83153
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Options: nosniff
Server: nginx
X-Upstream-CT: 0.089
X-Upstream-HT: 0.198
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5925
Md5:    f56c28da3d59d2cfd27533999dee8cac
Sha1:   4633c51dda34578c53a4a88ab5ed237358b83762
Sha256: 6f188800e8c0988b03bd4bf197598e148f3c329eb9754a7d041fbb0707acc22a
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 16 Jan 2018 21:23:07 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-153829-9&cid=1809255732.1516137787&jid=603764123&_v=5.7.1&z=829920884 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://kuzogaxawhyc.mihanblog.com/

                                         
                                         64.233.161.155
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Tue, 16 Jan 2018 21:23:07 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET //showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1516137786&ct=436a61cabcd102ba3dd7d456e2549987663cc4e1&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fkuzogaxawhyc.mihanblog.com%2F&bannerid=clicknet_vars_frame5498ad73611b-af57-3003-1d6e-3681c322f46a&vt=112 HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mihan.ads.sabavision.com/showads.php?posid=42
Cookie: cs_all=%2C26008; sv_lb_id=m0; cl_lb_id=m1

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 16 Jan 2018 21:23:08 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: cs_all=%2C26008%2C26045; expires=Wed, 17-Jan-2018 20:29:00 GMT; Max-Age=83109
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Options: nosniff
Server: nginx
X-Upstream-CT: 0.089
X-Upstream-HT: 0.194
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5922
Md5:    8b4caee8dc66a78e6c65426210f7e9d8
Sha1:   518df711b4900cb47ed1d8e12f32ef1fb0b330f0
Sha256: 688391b9a31403cb2e9ea8787f716394db382603fba1110080b5acf1c951db55
                                        
                                            GET /public//public/user_data/user_banner/18/51444.gif HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.sabavision.com//showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1516137786&ct=436a61cabcd102ba3dd7d456e2549987663cc4e1&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fkuzogaxawhyc.mihanblog.com%2F&bannerid=clicknet_vars_frame5498ad73611b-af57-3003-1d6e-3681c322f46a&vt=112
Cookie: sv_lb_id=m0; cl_lb_id=m1

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 16 Jan 2018 21:23:08 GMT
Content-Length: 25144
Last-Modified: Tue, 16 Jan 2018 12:21:40 GMT
Etag: "5a5dee54-6238"
Expires: Thu, 15 Feb 2018 21:23:08 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Options: nosniff
Server: nginx
X-Cache: O-HIT
X-Upstream: 0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 240
Size:   25144
Md5:    0a26c21fab77021652b3ae9943a114cc
Sha1:   a377e9cfc28dbe910491e5da3e45baa7bfdc59ee
Sha256: d0facf7ff4530aaa57c37f6482ba9e112ca745e86a5ec1b4be378e8b7cac0020
                                        
                                            GET /public//public/images/banner_saba_logo_small.png HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.sabavision.com//showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1516137786&ct=436a61cabcd102ba3dd7d456e2549987663cc4e1&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fkuzogaxawhyc.mihanblog.com%2F&bannerid=clicknet_vars_frame5498ad73611b-af57-3003-1d6e-3681c322f46a&vt=112
Cookie: sv_lb_id=m0; cl_lb_id=m1

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 16 Jan 2018 21:23:08 GMT
Content-Length: 1281
Last-Modified: Tue, 08 Mar 2016 15:25:49 GMT
Etag: "56deeefd-501"
Expires: Thu, 15 Feb 2018 21:23:08 GMT
Cache-Control: max-age=2592000
Server: nginx
X-Cache: O-HIT
X-Upstream: 0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 13 x 11, 8-bit/color RGBA, non-interlaced
Size:   1281
Md5:    226971addd095ba581944ec05af2140b
Sha1:   b87e85064cb3b8e14d7627774b7500aa19f296f9
Sha256: 9d47a0fe7fba29bb3e6de700dc91961402b249be3e52c2c9145d621e68627bab
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: kuzogaxawhyc.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: kuzogaxawhyc_ads_cnt=1; mib_lb_id=m0; __utma=235272603.1809255732.1516137787.1516137787.1516137787.1; __utmb=235272603.1.10.1516137787; __utmc=235272603; __utmz=235272603.1516137787.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Tue, 16 Jan 2018 21:23:07 GMT
Content-Length: 1150
Last-Modified: Tue, 10 Apr 2012 06:35:23 GMT
Etag: "4f83d4ab-47e"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    1d7ec18d59c62859ca9c7c6645940786
Sha1:   811c1bc7cb794216bcc6eec9013d874c02fb7807
Sha256: 787dc32a02dbf7dc4dfcb00c2ac15b3912f5a176b4ddcc60c813226a759fb3a2
                                        
                                            POST / HTTP/1.1 
Host: gt.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1456
Content-Transfer-Encoding: binary
Cache-Control: max-age=581488, public, no-transform, must-revalidate
Last-Modified: Tue, 16 Jan 2018 14:52:04 GMT
Expires: Tue, 23 Jan 2018 14:52:04 GMT
Date: Tue, 16 Jan 2018 21:23:08 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1456
Md5:    da7a22b9f5f5f56655a9879332c1d3b3
Sha1:   0e444ede28ab30b75d587c6f414811153e147c49
Sha256: c61e6e5b7082ab2381e8e82cae965b4704f58d42c89509dc3442c132e6b302a0
                                        
                                            GET /?7g_buyer=59db1b69237a06000a7ff3c5&7g_referrer=http://kuzogaxawhyc.mihanblog.com/ HTTP/1.1 
Host: pixel.7grid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.sabavision.com//showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1516137786&ct=436a61cabcd102ba3dd7d456e2549987663cc4e1&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fkuzogaxawhyc.mihanblog.com%2F&bannerid=clicknet_vars_frame5498ad73611b-af57-3003-1d6e-3681c322f46a&vt=112

                                         
                                         185.147.176.83
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 16 Jan 2018 21:23:08 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: 7g=77086640-12a2-4429-99dd-c0b86fc9de84; Path=/
Strict-Transport-Security: max-age=15768000


--- Additional Info ---