urlquery - report: user-mtb01.hufeer.ir/login.php

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-09-24 04:21:50 UTC	23.36.76.226
user-mtb01.hufeer.ir (8)	0	2022-06-29 16:16:04 UTC	2022-09-24 15:34:28 UTC	212.33.195.109	Unknown ranking
ocsp.entrust.net (9)	1208	2013-07-24 12:09:14 UTC	2022-09-24 04:23:49 UTC	104.110.10.32
nexus.ensighten.com (1)	2786	2017-01-29 18:53:16 UTC	2022-09-24 11:34:33 UTC	54.230.111.63
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-24 05:36:42 UTC	35.163.196.193
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-24 04:22:29 UTC	34.120.237.76
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-09-24 15:49:37 UTC	143.204.55.115
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-24 04:26:56 UTC	143.204.55.110
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-24 04:22:23 UTC	34.117.237.239
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-24 12:29:46 UTC	93.184.220.29
resources.mtb.com (8)	144011	2014-11-08 14:57:30 UTC	2022-09-24 09:36:18 UTC	24.75.29.77
asset.mtb.com (1)	246397	2017-02-13 04:24:51 UTC	2022-09-24 09:36:19 UTC	54.230.111.37

Scan Date	Severity	Indicator	Comment
2022-08-27	2	user-mtb01.hufeer.ir/login.php	M & T Bank Coporation

Scan Date	Severity	Indicator	Comment
2022-07-31	2	user-mtb01.hufeer.ir/login.php	Other

Scan Date	Severity	Indicator	Comment
2022-09-24	2	user-mtb01.hufeer.ir/login.php	Phishing
2022-09-24	2	user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cb (...)	Phishing
2022-09-24	2	user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cb (...)	Phishing
2022-09-24	2	user-mtb01.hufeer.ir/Assets/scripts/Login/Index.js	Phishing
2022-09-24	2	user-mtb01.hufeer.ir/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js	Phishing
2022-09-24	2	user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cb (...)	Phishing
2022-09-24	2	user-mtb01.hufeer.ir/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js	Phishing
2022-09-24	2	user-mtb01.hufeer.ir/Assets/scripts/Login/Index.js	Phishing

Date	UQ / IDS / BL	URL	IP
2023-01-04 17:40:19 +0000	0 - 0 - 1	user-mtb01.hufeer.ir/login.php?online_id=4610 (...)	212.33.195.109
2023-01-04 17:39:30 +0000	0 - 0 - 1	www.user-mtb01.hufeer.ir/login.php?online_id= (...)	212.33.195.109
2023-01-04 17:39:29 +0000	0 - 0 - 1	user-mtb01.hufeer.ir/login.php?online_id=cdfb (...)	212.33.195.109
2023-01-04 17:36:18 +0000	0 - 0 - 1	www.user-mtb01.hufeer.ir/login.php?online_id= (...)	212.33.195.109
2023-01-04 17:36:10 +0000	0 - 0 - 1	user-mtb01.hufeer.ir/login.php?online_id=05b2 (...)	212.33.195.109

Date	UQ / IDS / BL	URL	IP
2023-03-31 21:56:23 +0000	0 - 0 - 10	danaapp.rozblog.com/	79.127.127.68
2023-03-31 21:50:00 +0000	0 - 6 - 0	android100.ir/cat/androidkade/51/	79.127.127.68
2023-03-31 21:28:54 +0000	0 - 3 - 0	milanchampion.rozblog.com/post/1498	79.127.127.68
2023-03-31 20:04:11 +0000	0 - 0 - 10	webhelp.rozfa.ir/post/14	79.127.127.68
2023-03-31 13:10:57 +0000	0 - 0 - 2	enter17.rozblog.com/post/14	79.127.127.68

Date	UQ / IDS / BL	URL	IP
2023-01-04 17:40:19 +0000	0 - 0 - 1	user-mtb01.hufeer.ir/login.php?online_id=4610 (...)	212.33.195.109
2023-01-04 17:39:30 +0000	0 - 0 - 1	www.user-mtb01.hufeer.ir/login.php?online_id= (...)	212.33.195.109
2023-01-04 17:39:29 +0000	0 - 0 - 1	user-mtb01.hufeer.ir/login.php?online_id=cdfb (...)	212.33.195.109
2023-01-04 17:36:18 +0000	0 - 0 - 1	www.user-mtb01.hufeer.ir/login.php?online_id= (...)	212.33.195.109
2023-01-04 17:36:10 +0000	0 - 0 - 1	user-mtb01.hufeer.ir/login.php?online_id=05b2 (...)	212.33.195.109

Date	UQ / IDS / BL	URL	IP
2023-03-31 22:10:23 +0000	8 - 1 - 7	mindhackclub.com/mtbank1x1/login.php?online_i (...)	69.49.247.70
2023-03-31 21:55:28 +0000	8 - 1 - 7	myjayonce.info/mtbank1x/login.php?online_id=8 (...)	69.49.231.212
2023-03-31 21:35:06 +0000	6 - 1 - 5	gagestreetventures.com/mtbank1x/login.php?cou (...)	69.49.247.70
2023-03-31 21:35:03 +0000	8 - 1 - 7	gagestreetventures.com/mtbank1x/login.php?cou (...)	69.49.247.70
2023-03-31 21:34:41 +0000	8 - 1 - 7	gagestreetventures.com/mtbank1x/login.php?cwe (...)	69.49.247.70

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.115 HASH: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45 143.204.55.115 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sat, 24 Sep 2022 21:04:54 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: -A4gqJ0iaeq_VUh-qj1x7X1YMWRqb6nS8NFqiUfazh1GE9a1eQmntQ== Age: 3179 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 1b3053fa528e28810f8a2cc9284cc921 Sha1: cca9eb471d941881a6b9a1793aecb6c281908f6a Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80" Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10796 Expires: Sun, 25 Sep 2022 00:57:49 GMT Date: Sat, 24 Sep 2022 21:57:53 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 09a973de929ab7452edc342c780d3668 Sha1: 3f14f6e0a36f76863c0aea6fb561c266404a7ea3 Sha256: e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.110 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 143.204.55.110 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sat, 24 Sep 2022 04:35:15 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: NL9DHvGdXZdblDAaEx7t8ciOTIUz7lKo2RyCR76dHguxD4uUw64X_A== age: 62559 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /login.php HTTP/1.1 Host: user-mtb01.hufeer.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: user-mtb01.hufeer.ir/login.php FQDN: user-mtb01.hufeer.ir IP: 212.33.195.109 HASH: 0208b343f1f505560ddc01fefda5c50c04b0a6609cd52c0cf3f1ca1f58980c60 212.33.195.109 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Connection: Keep-Alive Cache-Control: public, max-age=0 Expires: Sat, 24 Sep 2022 21:57:52 GMT Content-Length: 4798 Content-Encoding: gzip Vary: Accept-Encoding Date: Sat, 24 Sep 2022 21:57:52 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (960), with CRLF line terminators Size: 4798 Md5: d9d3b9129013d7c03caa960e39f0344d Sha1: b61db46f8e8e7406f0414ff9f12a59605fd068d0 Sha256: 0208b343f1f505560ddc01fefda5c50c04b0a6609cd52c0cf3f1ca1f58980c60 Alerts: Blocklists: - openphish: M & T Bank Coporation - phishtank: Other - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 24 Sep 2022 21:57:53 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17 HTTP/1.1 Host: user-mtb01.hufeer.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/login.php	URL: user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f (...) FQDN: user-mtb01.hufeer.ir IP: 212.33.195.109 HASH: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa 212.33.195.109 HTTP/1.1 404 Not Found Content-Type: text/html Connection: Keep-Alive Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Length: 708 Date: Sat, 24 Sep 2022 21:57:53 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 708 Md5: 2382378378c002d88b9a507c712c3349 Sha1: 2e894db3808b554abadc8b144338ad9e2ea937ba Sha256: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa Alerts: Blocklists: - fortinet: Phishing
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9 HTTP/1.1 Host: user-mtb01.hufeer.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/login.php	URL: user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f (...) FQDN: user-mtb01.hufeer.ir IP: 212.33.195.109 HASH: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa 212.33.195.109 HTTP/1.1 404 Not Found Content-Type: text/html Connection: Keep-Alive Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Length: 708 Date: Sat, 24 Sep 2022 21:57:53 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 708 Md5: 2382378378c002d88b9a507c712c3349 Sha1: 2e894db3808b554abadc8b144338ad9e2ea937ba Sha256: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa Alerts: Blocklists: - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.115 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.115 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sat, 24 Sep 2022 21:04:17 GMT Cache-Control: max-age=3600, max-age=3600 Expires: Sat, 24 Sep 2022 21:54:16 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: z-YfhMmBOVMUZ82a_YtH0swNdsJBu_KydAhQ-Z7bTHOVx_-FaX4X6A== Age: 3216 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /Assets/scripts/Login/Index.js HTTP/1.1 Host: user-mtb01.hufeer.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/login.php	URL: user-mtb01.hufeer.ir/Assets/scripts/Login/Index.js FQDN: user-mtb01.hufeer.ir IP: 212.33.195.109 HASH: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa 212.33.195.109 HTTP/1.1 404 Not Found Content-Type: text/html Connection: Keep-Alive Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Length: 708 Date: Sat, 24 Sep 2022 21:57:53 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 708 Md5: 2382378378c002d88b9a507c712c3349 Sha1: 2e894db3808b554abadc8b144338ad9e2ea937ba Sha256: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa Alerts: Blocklists: - fortinet: Phishing
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1 Host: user-mtb01.hufeer.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/login.php	URL: user-mtb01.hufeer.ir/ruxitagentjs_ICA2SVfhjqrux_1020520 (...) FQDN: user-mtb01.hufeer.ir IP: 212.33.195.109 HASH: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa 212.33.195.109 HTTP/1.1 404 Not Found Content-Type: text/html Connection: Keep-Alive Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Length: 708 Date: Sat, 24 Sep 2022 21:57:53 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 708 Md5: 2382378378c002d88b9a507c712c3349 Sha1: 2e894db3808b554abadc8b144338ad9e2ea937ba Sha256: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa Alerts: Blocklists: - fortinet: Phishing
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17 HTTP/1.1 Host: user-mtb01.hufeer.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/login.php	URL: user-mtb01.hufeer.ir/TSPD/0856addebbab2000ba949201dad9f (...) FQDN: user-mtb01.hufeer.ir IP: 212.33.195.109 HASH: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa 212.33.195.109 HTTP/1.1 404 Not Found Content-Type: text/html Connection: Keep-Alive Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Length: 708 Date: Sat, 24 Sep 2022 21:57:53 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 708 Md5: 2382378378c002d88b9a507c712c3349 Sha1: 2e894db3808b554abadc8b144338ad9e2ea937ba Sha256: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "AF2C5B9A082C490F72364F08D9E22DCB9C1839F139B7B405E3A7094D94BC632E" Last-Modified: Sat, 24 Sep 2022 11:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=2244 Expires: Sat, 24 Sep 2022 22:35:17 GMT Date: Sat, 24 Sep 2022 21:57:53 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: 3180bd2a1f5c59e9131dc5862ee91882 Sha1: 80885bf0554e9452e3120d9ba262e772f8e7f4c9 Sha256: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "AF2C5B9A082C490F72364F08D9E22DCB9C1839F139B7B405E3A7094D94BC632E" Last-Modified: Sat, 24 Sep 2022 11:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=2244 Expires: Sat, 24 Sep 2022 22:35:17 GMT Date: Sat, 24 Sep 2022 21:57:53 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: 3180bd2a1f5c59e9131dc5862ee91882 Sha1: 80885bf0554e9452e3120d9ba262e772f8e7f4c9 Sha256: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "AF2C5B9A082C490F72364F08D9E22DCB9C1839F139B7B405E3A7094D94BC632E" Last-Modified: Sat, 24 Sep 2022 11:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=2308 Expires: Sat, 24 Sep 2022 22:36:21 GMT Date: Sat, 24 Sep 2022 21:57:53 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: 3180bd2a1f5c59e9131dc5862ee91882 Sha1: 80885bf0554e9452e3120d9ba262e772f8e7f4c9 Sha256: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "AF2C5B9A082C490F72364F08D9E22DCB9C1839F139B7B405E3A7094D94BC632E" Last-Modified: Sat, 24 Sep 2022 11:00:00 UTC Content-Length: 1588 Cache-Control: public, no-transform, must-revalidate, max-age=2233 Expires: Sat, 24 Sep 2022 22:35:06 GMT Date: Sat, 24 Sep 2022 21:57:53 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1588 Md5: 3180bd2a1f5c59e9131dc5862ee91882 Sha1: 80885bf0554e9452e3120d9ba262e772f8e7f4c9 Sha256: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "E36023EC04EF2A94543D286B45950CFBAF966154F6C120DE214A252E1A9EC90D" Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=1922 Expires: Sat, 24 Sep 2022 22:29:55 GMT Date: Sat, 24 Sep 2022 21:57:53 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 1998a84bea8588065c21b224d34c53ed Sha1: 5f7728ad5a61122bcb6009fec377e7561d85b700 Sha256: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "E36023EC04EF2A94543D286B45950CFBAF966154F6C120DE214A252E1A9EC90D" Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=1935 Expires: Sat, 24 Sep 2022 22:30:08 GMT Date: Sat, 24 Sep 2022 21:57:53 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 1998a84bea8588065c21b224d34c53ed Sha1: 5f7728ad5a61122bcb6009fec377e7561d85b700 Sha256: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "E36023EC04EF2A94543D286B45950CFBAF966154F6C120DE214A252E1A9EC90D" Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=1841 Expires: Sat, 24 Sep 2022 22:28:34 GMT Date: Sat, 24 Sep 2022 21:57:53 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 1998a84bea8588065c21b224d34c53ed Sha1: 5f7728ad5a61122bcb6009fec377e7561d85b700 Sha256: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "E36023EC04EF2A94543D286B45950CFBAF966154F6C120DE214A252E1A9EC90D" Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=1866 Expires: Sat, 24 Sep 2022 22:28:59 GMT Date: Sat, 24 Sep 2022 21:57:53 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 1998a84bea8588065c21b224d34c53ed Sha1: 5f7728ad5a61122bcb6009fec377e7561d85b700 Sha256: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1 Host: user-mtb01.hufeer.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/login.php	URL: user-mtb01.hufeer.ir/ruxitagentjs_ICA2SVfhjqrux_1020520 (...) FQDN: user-mtb01.hufeer.ir IP: 212.33.195.109 HASH: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa 212.33.195.109 HTTP/1.1 404 Not Found Content-Type: text/html Connection: Keep-Alive Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Length: 708 Date: Sat, 24 Sep 2022 21:57:53 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 708 Md5: 2382378378c002d88b9a507c712c3349 Sha1: 2e894db3808b554abadc8b144338ad9e2ea937ba Sha256: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6597 Cache-Control: 'max-age=158059' Date: Sat, 24 Sep 2022 21:57:53 GMT Last-Modified: Sat, 24 Sep 2022 20:07:56 GMT Server: ECS (ska/F704) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a7809de115ea73f8b61f3d20a9978493 Sha1: 01fc65a2b694d7aadd5204d21801e87b2b55b73e Sha256: 72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
GET /r/simple-layout-responsive/css.mtb?v=08132020140516 HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/r/simple-layout-responsive/css.mtb?v= (...) FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 59df120e12a64898104a890d8a3d976a0c9ef2e31c0741215106fd1edfa172d9 24.75.29.77 HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Expires: Sun, 24 Sep 2023 21:57:53 GMT Last-Modified: Sat, 24 Sep 2022 21:57:52 GMT ETag: "1664056673:dtagent10247220811100421ZWhG" Vary: User-Agent X-Srv: B-SC-02 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="1270323194" Date: Sat, 24 Sep 2022 21:57:53 GMT Cteonnt-Length: 258715 Cache-Control: private Content-Encoding: gzip Set-Cookie: dtCookie=v_4_srv_6_sn_1FE5E0DF2B56650020CD569E8EAB3DEA_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TS019299a7=01fb46a926b280153352b46adb4f169a28103ae8f6c0b85275673e57430e5fc812215620e09a16d1dff4c0dea139102515f1db4cc7; Path=/ TS0128739d=01fb46a926c54d0bdca689ebb238a9c5b975c4dbb2c0b85275673e57430e5fc812215620e01576aeb9f71a92792623be0f900a095dde4a7668dd5fa5e653ac5db46d4bb6ef; path=/; domain=.mtb.com TSea15929a027=0856addebbab20003179a806677c7538aaea4c46df8f9f0f3b8bd9d4e11f62876131a769564d17c008a4757c6a113000a3961215d16b1fb0011436581800355c4254cc1afd28bfaeb6ff93b768376c7d0f6dcbb79b85dec5373e5a14954dc443; Path=/ Transfer-Encoding: chunked --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size: 34711 Md5: a09551203c370fcc0c14eee4d7af4fac Sha1: 6fcd08a7f0871a33ded481a49023de7c42bcdbf0 Sha256: 59df120e12a64898104a890d8a3d976a0c9ef2e31c0741215106fd1edfa172d9
GET /mtbank/OE-Prod/Bootstrap.js HTTP/1.1 Host: nexus.ensighten.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/	URL: nexus.ensighten.com/mtbank/OE-Prod/Bootstrap.js FQDN: nexus.ensighten.com IP: 54.230.111.63 HASH: c0d8671e209f009f9c1ad8153222f942087ec193b7e87f856e60971bd5424633 54.230.111.63 HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 15 Connection: keep-alive Date: Sat, 24 Sep 2022 21:57:55 GMT x-amz-replication-status: COMPLETED Last-Modified: Fri, 22 Jul 2022 23:48:01 GMT ETag: "ffe905f50d9b47e6353b68513c4d48ac" x-amz-server-side-encryption: AES256 Cache-Control: no-cache, no-store x-amz-version-id: aoJA4xuOoFemAhjg4lZAdeni.2iMq5FL Accept-Ranges: bytes Server: AmazonS3 X-Cache: Error from cloudfront Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: z-Miet5dr2rbib4Ta13X77ex1jdxo60pz9PofGMu2aMiyLsPemGKtA== --- Additional Info --- Magic: ASCII text Size: 15 Md5: ffe905f50d9b47e6353b68513c4d48ac Sha1: d2c2ee4201cca3be67abf771ed1f1922fa94d083 Sha256: c0d8671e209f009f9c1ad8153222f942087ec193b7e87f856e60971bd5424633
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: ELJGepLcozk7Ry/tDvCelg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.163.196.193 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.163.196.193 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: HkehiPcRzusE7F+d7H17d7Gna4A= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Assets/img/mtb-entrust.svg HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/Assets/img/mtb-entrust.svg FQDN: resources.mtb.com IP: 24.75.29.77 HASH: b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5 24.75.29.77 HTTP/1.1 200 OK Content-Type: image/svg+xml Last-Modified: Wed, 21 Sep 2022 01:13:54 GMT Accept-Ranges: bytes ETag: "0357f6a57cdd81:0" X-Srv: B-SC-02 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="-2144432933" Date: Sat, 24 Sep 2022 21:57:53 GMT Content-Length: 1349 Set-Cookie: TSea15929a027=0856addebbab2000e46b37802e61ae5cb087bd5fdec925d6fca8a396ba9d86d8d407ff655026ca700854ae597d113000a9f08978ee0bfe0a011436581800355c0a098d6dfe9e2ed84e1c5417ecc1e736dde5588e1460a6b01544acc3957acee5; Path=/ --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators Size: 1349 Md5: 9a569ad20708d7453d89fe6c72e7fcdc Sha1: 60b6a41620583484642f7c826faf8e3c879a6374 Sha256: b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/Assets/img/mtb-equalhousinglender.svg FQDN: resources.mtb.com IP: 24.75.29.77 HASH: d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad 24.75.29.77 HTTP/1.1 200 OK Content-Type: image/svg+xml Last-Modified: Wed, 21 Sep 2022 01:13:54 GMT Accept-Ranges: bytes ETag: "0357f6a57cdd81:0" X-Srv: B-SC-02 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="694482797" Date: Sat, 24 Sep 2022 21:57:53 GMT Content-Length: 230 Set-Cookie: TSea15929a027=0856addebbab2000a8f5ffd1278e3037e869049fb0f1000e49dae3b055ff54ae0cef560bc6cbfc630898811b0c113000ee638922365df604011436581800355c5d578a136255bed169aafcb5b1777f2aa88c4b89e25dca0fd2918e6c899f705f; Path=/ --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 230 Md5: 916635d10512ae6a1840614a895dcd38 Sha1: db175de4c42281bb4d239c57d1b95b8e75c529ec Sha256: d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
GET /Assets/img/mtb-logo.svg HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/Assets/img/mtb-logo.svg FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac 24.75.29.77 HTTP/1.1 200 OK Content-Type: image/svg+xml Last-Modified: Wed, 21 Sep 2022 01:13:54 GMT Accept-Ranges: bytes ETag: "0357f6a57cdd81:0" X-Srv: B-SC-02 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="2055353467" Date: Sat, 24 Sep 2022 21:57:53 GMT Content-Length: 2039 Set-Cookie: TSea15929a027=0856addebbab2000013dcd6655505a0f1907d6ee0b0f809057e733f649bdafe992f4773717372a07086968995f1130002d51e530bbb8265f011436581800355c1b23e87bbe2729424cd1be655a627d178e59ae38e6df328d5fa418103efeea26; Path=/ --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators Size: 2039 Md5: f2b901cf895852a0866fe4a16c7f1730 Sha1: c4240af1ec798477b4e65a185ddbb1b038817da4 Sha256: 5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /r/simple-layout-responsive/js.mtb?v=08132020140516 HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/r/simple-layout-responsive/js.mtb?v=0 (...) FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 3ac3d1438229e5d19ab15b5a7552eb05497af3ea08ecc93fb3c5d084d73e60b9 24.75.29.77 HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Sun, 24 Sep 2023 21:57:53 GMT Last-Modified: Sat, 24 Sep 2022 21:57:52 GMT ETag: "1664056673:dtagent10247220811100421ZWhG" Vary: User-Agent X-Srv: B-SC-02 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Server-Timing: dtSInfo;desc="0", dtRpid;desc="1084776443" Date: Sat, 24 Sep 2022 21:57:53 GMT ntCoent-Length: 322405 Cache-Control: private Content-Encoding: gzip Set-Cookie: dtCookie=v_4_srv_2_sn_807D1A0560AC4F9B41B84FBF4CF567A9_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TS019299a7=01fb46a926ecdb7762414703fe4061ce56d18ec3133fe869bafab60dea7da7e3eaac89eadaf525c44a2c8d25fc16e184238652dd24; Path=/ TS0128739d=01fb46a92621251bad91343e96822bd8576ee1a4003fe869bafab60dea7da7e3eaac89eada56b2aab04a0b97c9b86b155ba26394994879757b577a84ed00fbc5abe84350df; path=/; domain=.mtb.com TSea15929a027=0856addebbab2000beef73af7c6329913928ca32dc76d26143a106a5636bc2aa51cfdf5086c550f008849ee893113000226f52eb1dfb8c7a011436581800355ca3f390e406908b3b9446253d413b65e39d509b76fef248a15c6467ebfee5b62e; Path=/ Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 103531 Md5: 709ebc99ab68894c16d41797eb08e778 Sha1: 76a47991fe6d37cfff3521535bf366798a97e292 Sha256: 3ac3d1438229e5d19ab15b5a7552eb05497af3ea08ecc93fb3c5d084d73e60b9
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://user-mtb01.hufeer.ir Connection: keep-alive Referer: https://resources.mtb.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/assets/fonts/mandtpg-iconfont.woff FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df 24.75.29.77 HTTP/1.1 200 OK Content-Type: APPLICATION/X-WOFF Last-Modified: Wed, 21 Sep 2022 01:13:53 GMT Accept-Ranges: bytes ETag: "0357f6a57cdd81:0:dtagent10247220811100421ZWhG" X-Srv: B-SC-02 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Timing-Allow-Origin: * Server-Timing: dtSInfo;desc="0", dtRpid;desc="322207369", dtTao;desc="1" Date: Sat, 24 Sep 2022 21:57:53 GMT Content-Length: 4776 Set-Cookie: dtCookie=v_4_srv_4_sn_AB237653FAABA2DF79AA23F4AC8CAEFA_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TS019299a7=01fb46a92655e14c8e2eb15b483eb94954a401703d87b9465f68890477bb25ddf4b79829beb8351565219431cbef776c678f4e31dd; Path=/ TS0128739d=01fb46a9260d9a9541d41100d8d59bd6df4163c41387b9465f68890477bb25ddf4b79829be588d91e5c31304705e563c53526bb82aa840eda910c3c75e6d9e1140518ee16f; path=/; domain=.mtb.com TSea15929a027=0856addebbab2000361f313fbc31dd6e489f036dd09aed317aa7e774a01c4f659bc1c2174dbf4e6b08feb8afa01130004db8fe6ef898a3f7011436581800355c2ada9723c4b9e7c53ec4b2c24ccb313df6a9c3a46266b5ac36ce7ab68b142ff1; Path=/ --- Additional Info --- Magic: Web Open Font Format, TrueType, length 4776, version 1.0\012- data Size: 4776 Md5: ac13691b89191d11d0e5577eb3cf3d53 Sha1: 0126fa82c0ab022e61b5de74f1fe3e204a905a7b Sha256: 108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /Assets/scripts/Login/Index.js HTTP/1.1 Host: user-mtb01.hufeer.ir User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/login.php	URL: user-mtb01.hufeer.ir/Assets/scripts/Login/Index.js FQDN: user-mtb01.hufeer.ir IP: 212.33.195.109 HASH: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa 212.33.195.109 HTTP/1.1 404 Not Found Content-Type: text/html Connection: Keep-Alive Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0 Pragma: no-cache Content-Length: 708 Date: Sat, 24 Sep 2022 21:57:54 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 708 Md5: 2382378378c002d88b9a507c712c3349 Sha1: 2e894db3808b554abadc8b144338ad9e2ea937ba Sha256: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa Alerts: Blocklists: - fortinet: Phishing
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://user-mtb01.hufeer.ir Connection: keep-alive Referer: https://resources.mtb.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff FQDN: resources.mtb.com IP: 24.75.29.77 HASH: 4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2 24.75.29.77 HTTP/1.1 200 OK Content-Type: APPLICATION/X-WOFF Last-Modified: Wed, 21 Sep 2022 01:13:53 GMT Accept-Ranges: bytes ETag: "0357f6a57cdd81:0:dtagent10247220811100421ZWhG" X-Srv: B-SC-02 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Timing-Allow-Origin: * Server-Timing: dtSInfo;desc="0", dtRpid;desc="1799925003", dtTao;desc="1" Date: Sat, 24 Sep 2022 21:57:53 GMT Content-Length: 67671 Set-Cookie: dtCookie=v_4_srv_9_sn_415F9370EA20B077E7EE74186F8D1DCA_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TS019299a7=01fb46a926db7a18056b726d480c9be642d497e7f1f0762470e590dce8bb0c62205aca7b56f6244e0cd7dcbd9e5c75f3ba40c2ff34; Path=/ TS0128739d=01fb46a926423e0ec8f39423e440b2b9dc50fbe3bbf0762470e590dce8bb0c62205aca7b56649d5105594127bd9c20bff06ffa25bf11952c2873e00673f30068f2598bfa89; path=/; domain=.mtb.com TSea15929a027=0856addebbab20003d9132f8e6722a153b2c809c008c22375b31523617e5562eb71a2293e98ee7db087bd321331130004390d9166f928e3c011436581800355c32dc68bb8269f6f53395abe065c5f69d340e16db625421c33fcb5c5f715be664; Path=/ --- Additional Info --- Magic: Web Open Font Format, TrueType, length 67671, version 1.0\012- data Size: 67671 Md5: 6cd469e8613d82d4d07834a5ca7745f0 Sha1: 95347ba0a03d27e1aa91bc17c937d8aefe53e6ff Sha256: 4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1 Host: resources.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://user-mtb01.hufeer.ir Connection: keep-alive Referer: https://resources.mtb.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff FQDN: resources.mtb.com IP: 24.75.29.77 HASH: b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc 24.75.29.77 HTTP/1.1 200 OK Content-Type: APPLICATION/X-WOFF Last-Modified: Wed, 21 Sep 2022 01:13:53 GMT Accept-Ranges: bytes ETag: "0357f6a57cdd81:0:dtagent10247220811100421ZWhG" X-Srv: B-SC-02 Access-Control-Allow-Origin: * X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ Timing-Allow-Origin: * Server-Timing: dtSInfo;desc="0", dtRpid;desc="672022482", dtTao;desc="1" Date: Sat, 24 Sep 2022 21:57:53 GMT Content-Length: 64318 Set-Cookie: dtCookie=v_4_srv_9_sn_F550F606807710242FCF175A62BAA6EC_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com TS019299a7=01fb46a926aeb2a3c099f40394ce464b9480d47e89788330c3ba8c5cfe41743ea108fc6b0e87e475bdcf8e31db05b10bcd6d9360a5; Path=/ TS0128739d=01fb46a926298dc7aebfd06e42e25f75ecf54d9f17788330c3ba8c5cfe41743ea108fc6b0ed1fe36e569b22e493272209a4648cb86849e9e732cb265c9fb7317ab0275fc38; path=/; domain=.mtb.com TSea15929a027=0856addebbab2000d96d1464af18eecdd267542f1bb5bbdb29df4e6fce6c477cbc62724b8829893c08a203afa81130000ff6f176aa7b0cc9011436581800355c54a59082eeef593700c8c7e49f0a705494e0d36c41e34cb17bafd56e2eafd8d8; Path=/ --- Additional Info --- Magic: Web Open Font Format, TrueType, length 64318, version 1.0\012- data Size: 64318 Md5: b245a55f7e33e1cf4d2477570936ef84 Sha1: 12bf1c1eda6db246778f7c343acebbaad8fa36f4 Sha256: b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
POST / HTTP/1.1 Host: ocsp.entrust.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.entrust.net/ FQDN: ocsp.entrust.net IP: 104.110.10.32 HASH: 278d49083c757cb76c518abcdc2c3b79a640d2f9d105400fe0f09d97d784922c 104.110.10.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response ETag: "278D49083C757CB76C518ABCDC2C3B79A640D2F9D105400FE0F09D97D784922C" Last-Modified: Sat, 24 Sep 2022 15:00:00 UTC Content-Length: 1585 Cache-Control: public, no-transform, must-revalidate, max-age=3530 Expires: Sat, 24 Sep 2022 22:56:45 GMT Date: Sat, 24 Sep 2022 21:57:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1585 Md5: 33ef04d2acbd4a7aaeb00e9e92c76939 Sha1: fb6b52a79429586a5e484d915ef0f56acfe6b0b6 Sha256: 278d49083c757cb76c518abcdc2c3b79a640d2f9d105400fe0f09d97d784922c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14639 Expires: Sun, 25 Sep 2022 02:01:54 GMT Date: Sat, 24 Sep 2022 21:57:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14639 Expires: Sun, 25 Sep 2022 02:01:54 GMT Date: Sat, 24 Sep 2022 21:57:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14639 Expires: Sun, 25 Sep 2022 02:01:54 GMT Date: Sat, 24 Sep 2022 21:57:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14639 Expires: Sun, 25 Sep 2022 02:01:54 GMT Date: Sat, 24 Sep 2022 21:57:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14639 Expires: Sun, 25 Sep 2022 02:01:54 GMT Date: Sat, 24 Sep 2022 21:57:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8096b89e6b868d9e40b5c31b80309472695b9cd085cca2f872159f4e35056c08 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6671 x-amzn-requestid: c99d94f4-5a09-44d2-a2ce-0daac62d2087 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y-_EAHQ2oAMFaqA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632f787f-7fbe302d3e7587263e61cb0d;Sampled=0 x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:03 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: FuhBG1wzZ7q3UXGwFA32yLn9Rn4DzcpPODW1HivGDtB-2-9F4Q3gBA== via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Sat, 24 Sep 2022 21:37:05 GMT etag: "752c2278004a98fcfacf4c3f16470d610ffd2daa" age: 1250 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6671 Md5: 328516d7184ca4b4f6e50bf895b9bce0 Sha1: 752c2278004a98fcfacf4c3f16470d610ffd2daa Sha256: 8096b89e6b868d9e40b5c31b80309472695b9cd085cca2f872159f4e35056c08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ac308de6a557df495017c8cd16d431711daee7107686c1b74cd4e6f0e63de961 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8883 x-amzn-requestid: 684fdd05-960b-42cb-8544-3347a4bf9b36 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y--PmEaqIAMFz4w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632f7730-2642e1df108d0f7a5d98b126;Sampled=0 x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Ww7Y221O3YKYU2YLj-uLBxsJoTTCvV4nZd1Vlh2DK1TAFv2BINUJ4w== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Sat, 24 Sep 2022 21:37:05 GMT age: 1250 etag: "5fc6f043ab0929c95b84b78c9d03befbe0fadea0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8883 Md5: 4ecc2a02c5bf02ae98849085d835b2dd Sha1: 5fc6f043ab0929c95b84b78c9d03befbe0fadea0 Sha256: ac308de6a557df495017c8cd16d431711daee7107686c1b74cd4e6f0e63de961
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0e4bf30611043a171485c6fa054d6102a6cfd7f8a4153daa34eba1b72f455a77 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12552 x-amzn-requestid: 71161d44-4c3a-459e-bf76-5bf3deafcafe x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YlYTrHz0oAMF2eA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63253a7d-39dd0e2a7045128024086375;Sampled=0 x-amzn-remapped-date: Sat, 17 Sep 2022 03:09:49 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: EGtjExnYcmDEP9a540mHhZ7EjGlvLIDLK65Phs9MsAVdEpwNI4avTQ== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google date: Sat, 24 Sep 2022 21:37:05 GMT age: 1250 etag: "dfe5c93dc1637162a0b6ac174dcd7107af80763a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12552 Md5: e8a0d2b8beddf9f866a2bfe96ac21c2e Sha1: dfe5c93dc1637162a0b6ac174dcd7107af80763a Sha256: 0e4bf30611043a171485c6fa054d6102a6cfd7f8a4153daa34eba1b72f455a77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12826 x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YfVRNFP-oAMFgrA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0 x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google date: Sat, 24 Sep 2022 21:37:19 GMT age: 1236 etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data Size: 12826 Md5: b3a72e81317074689a71dac7059e4b6a Sha1: b6d56333d7f1ea7ddc8838d84de498ff913c5464 Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 31b0809297c7e8acbb46b544cf6f3f4ffaa6bda7a8896fe8678fbfc839a115ab 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11435 x-amzn-requestid: e1288aca-0375-4ce8-9daa-81afe23c9c5c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y-_ETHE6oAMFqGQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632f7881-01a836ab57a326356f838bfc;Sampled=0 x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: X8xpMQCKuQGx46BrQ_851U0HhXIALy0k22WRO-zp8TuFhK0KaHItBw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google date: Sat, 24 Sep 2022 21:37:06 GMT etag: "27f05479fd4fbe68993748fdb043850807ddebdd" age: 1249 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11435 Md5: 1a9f4d93ea4a06628bc31a00a9c4e692 Sha1: 27f05479fd4fbe68993748fdb043850807ddebdd Sha256: 31b0809297c7e8acbb46b544cf6f3f4ffaa6bda7a8896fe8678fbfc839a115ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8914 x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y-_EUHqJoAMF7MQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0 x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google date: Sat, 24 Sep 2022 21:37:06 GMT etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5" age: 1249 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8914 Md5: dfdacc8edea3c24dad020d7e9c11b3f4 Sha1: 2b6e37596e88b62f288dc8e8c937fd904fae28d5 Sha256: 338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /Documents/html/homepage/favicon.ico HTTP/1.1 Host: asset.mtb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://user-mtb01.hufeer.ir/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: asset.mtb.com/Documents/html/homepage/favicon.ico FQDN: asset.mtb.com IP: 54.230.111.37 HASH: cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3 54.230.111.37 HTTP/2 200 OK content-type: image/x-icon content-length: 14862 accept-ranges: bytes cache-control: max-age=3600, no-cache="set-cookie" content-disposition: inline content-encoding: gzip date: Sat, 24 Sep 2022 21:57:55 GMT last-modified: Wed, 04 May 2022 18:18:59 GMT server: Apache strict-transport-security: max-age=31536000; includeSubdomains; preload x-content-type-options: nosniff x-dispatcher: dispatcher1useast1 x-frame-options: SAMEORIGIN x-vhost: publish etag: "3dce-5de33a8b9cac0-gzip" vary: Accept-Encoding x-cache: Miss from cloudfront via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 64TUEPukpJotYRPMkbYhrzOwGA_1uDcjFXOBJ2HV0xka6QyDCHcRpg== X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data Size: 14862 Md5: e82f458a5c1c5353a97401eccc925613 Sha1: 949d6c8d06ca14b52f496c20f63fae269b6708c2 Sha256: cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Sat, 24 Sep 2022 21:04:54 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: -A4gqJ0iaeq_VUh-qj1x7X1YMWRqb6nS8NFqiUfazh1GE9a1eQmntQ== 

                                        
                                            
Age: 3179 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    1b3053fa528e28810f8a2cc9284cc921

                                                Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a

                                                Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.110

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 10 Sep 2022 18:47:45 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Sat, 24 Sep 2022 04:35:15 GMT 

                                        
                                            
etag: "6113f8408c59aebe188d6af273b90743" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: NL9DHvGdXZdblDAaEx7t8ciOTIUz7lKo2RyCR76dHguxD4uUw64X_A== 

                                        
                                            
age: 62559 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    6113f8408c59aebe188d6af273b90743

                                                Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b

                                                Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "AF2C5B9A082C490F72364F08D9E22DCB9C1839F139B7B405E3A7094D94BC632E" 

                                        
                                            
Last-Modified: Sat, 24 Sep 2022 11:00:00 UTC 

                                        
                                            
Content-Length: 1588 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2244 

                                        
                                            
Expires: Sat, 24 Sep 2022 22:35:17 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1588

                                                Md5:    3180bd2a1f5c59e9131dc5862ee91882

                                                Sha1:   80885bf0554e9452e3120d9ba262e772f8e7f4c9

                                                Sha256: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "AF2C5B9A082C490F72364F08D9E22DCB9C1839F139B7B405E3A7094D94BC632E" 

                                        
                                            
Last-Modified: Sat, 24 Sep 2022 11:00:00 UTC 

                                        
                                            
Content-Length: 1588 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2233 

                                        
                                            
Expires: Sat, 24 Sep 2022 22:35:06 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1588

                                                Md5:    3180bd2a1f5c59e9131dc5862ee91882

                                                Sha1:   80885bf0554e9452e3120d9ba262e772f8e7f4c9

                                                Sha256: af2c5b9a082c490f72364f08d9e22dcb9c1839f139b7b405e3a7094d94bc632e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "E36023EC04EF2A94543D286B45950CFBAF966154F6C120DE214A252E1A9EC90D" 

                                        
                                            
Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC 

                                        
                                            
Content-Length: 1585 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=1935 

                                        
                                            
Expires: Sat, 24 Sep 2022 22:30:08 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1585

                                                Md5:    1998a84bea8588065c21b224d34c53ed

                                                Sha1:   5f7728ad5a61122bcb6009fec377e7561d85b700

                                                Sha256: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "E36023EC04EF2A94543D286B45950CFBAF966154F6C120DE214A252E1A9EC90D" 

                                        
                                            
Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC 

                                        
                                            
Content-Length: 1585 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=1866 

                                        
                                            
Expires: Sat, 24 Sep 2022 22:28:59 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1585

                                                Md5:    1998a84bea8588065c21b224d34c53ed

                                                Sha1:   5f7728ad5a61122bcb6009fec377e7561d85b700

                                                Sha256: e36023ec04ef2a94543d286b45950cfbaf966154f6c120de214a252e1a9ec90d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6597 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
Last-Modified: Sat, 24 Sep 2022 20:07:56 GMT 

                                        
                                            
Server: ECS (ska/F704) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    a7809de115ea73f8b61f3d20a9978493

                                                Sha1:   01fc65a2b694d7aadd5204d21801e87b2b55b73e

                                                Sha256: 72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52

                                        
                                            GET /mtbank/OE-Prod/Bootstrap.js HTTP/1.1 

                                        
                                            
Host: nexus.ensighten.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://user-mtb01.hufeer.ir/

                                         54.230.111.63

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Content-Length: 15 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:55 GMT 

                                        
                                            
x-amz-replication-status: COMPLETED 

                                        
                                            
Last-Modified: Fri, 22 Jul 2022 23:48:01 GMT 

                                        
                                            
ETag: "ffe905f50d9b47e6353b68513c4d48ac" 

                                        
                                            
x-amz-server-side-encryption: AES256 

                                        
                                            
Cache-Control: no-cache, no-store 

                                        
                                            
x-amz-version-id: aoJA4xuOoFemAhjg4lZAdeni.2iMq5FL 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Cache: Error from cloudfront 

                                        
                                            
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: z-Miet5dr2rbib4Ta13X77ex1jdxo60pz9PofGMu2aMiyLsPemGKtA== 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   15

                                                Md5:    ffe905f50d9b47e6353b68513c4d48ac

                                                Sha1:   d2c2ee4201cca3be67abf771ed1f1922fa94d083

                                                Sha256: c0d8671e209f009f9c1ad8153222f942087ec193b7e87f856e60971bd5424633

                                        
                                            GET /Assets/img/mtb-entrust.svg HTTP/1.1 

                                        
                                            
Host: resources.mtb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://user-mtb01.hufeer.ir/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         24.75.29.77

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/svg+xml

                                        

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 01:13:54 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "0357f6a57cdd81:0" 

                                        
                                            
X-Srv: B-SC-02 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ 

                                        
                                            
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-2144432933" 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
Content-Length: 1349 

                                        
                                            
Set-Cookie: TSea15929a027=0856addebbab2000e46b37802e61ae5cb087bd5fdec925d6fca8a396ba9d86d8d407ff655026ca700854ae597d113000a9f08978ee0bfe0a011436581800355c0a098d6dfe9e2ed84e1c5417ecc1e736dde5588e1460a6b01544acc3957acee5; Path=/ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators

                                                Size:   1349

                                                Md5:    9a569ad20708d7453d89fe6c72e7fcdc

                                                Sha1:   60b6a41620583484642f7c826faf8e3c879a6374

                                                Sha256: b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5

                                        
                                            GET /Assets/img/mtb-logo.svg HTTP/1.1 

                                        
                                            
Host: resources.mtb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://user-mtb01.hufeer.ir/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         24.75.29.77

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/svg+xml

                                        

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 01:13:54 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "0357f6a57cdd81:0" 

                                        
                                            
X-Srv: B-SC-02 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ 

                                        
                                            
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2055353467" 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
Content-Length: 2039 

                                        
                                            
Set-Cookie: TSea15929a027=0856addebbab2000013dcd6655505a0f1907d6ee0b0f809057e733f649bdafe992f4773717372a07086968995f1130002d51e530bbb8265f011436581800355c1b23e87bbe2729424cd1be655a627d178e59ae38e6df328d5fa418103efeea26; Path=/ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators

                                                Size:   2039

                                                Md5:    f2b901cf895852a0866fe4a16c7f1730

                                                Sha1:   c4240af1ec798477b4e65a185ddbb1b038817da4

                                                Sha256: 5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac

                                        
                                            GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1 

                                        
                                            
Host: resources.mtb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: http://user-mtb01.hufeer.ir 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://resources.mtb.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         24.75.29.77

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: APPLICATION/X-WOFF

                                        

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 01:13:53 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "0357f6a57cdd81:0:dtagent10247220811100421ZWhG" 

                                        
                                            
X-Srv: B-SC-02 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ 

                                        
                                            
Timing-Allow-Origin: * 

                                        
                                            
Server-Timing: dtSInfo;desc="0", dtRpid;desc="322207369", dtTao;desc="1" 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
Content-Length: 4776 

                                        
                                            
Set-Cookie: dtCookie=v_4_srv_4_sn_AB237653FAABA2DF79AA23F4AC8CAEFA_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a92655e14c8e2eb15b483eb94954a401703d87b9465f68890477bb25ddf4b79829beb8351565219431cbef776c678f4e31dd; Path=/
TS0128739d=01fb46a9260d9a9541d41100d8d59bd6df4163c41387b9465f68890477bb25ddf4b79829be588d91e5c31304705e563c53526bb82aa840eda910c3c75e6d9e1140518ee16f; path=/; domain=.mtb.com
TSea15929a027=0856addebbab2000361f313fbc31dd6e489f036dd09aed317aa7e774a01c4f659bc1c2174dbf4e6b08feb8afa01130004db8fe6ef898a3f7011436581800355c2ada9723c4b9e7c53ec4b2c24ccb313df6a9c3a46266b5ac36ce7ab68b142ff1; Path=/ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format, TrueType, length 4776, version 1.0\012- data

                                                Size:   4776

                                                Md5:    ac13691b89191d11d0e5577eb3cf3d53

                                                Sha1:   0126fa82c0ab022e61b5de74f1fe3e204a905a7b

                                                Sha256: 108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df

                                        
                                            GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1 

                                        
                                            
Host: resources.mtb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: http://user-mtb01.hufeer.ir 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://resources.mtb.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         24.75.29.77

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: APPLICATION/X-WOFF

                                        

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 01:13:53 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "0357f6a57cdd81:0:dtagent10247220811100421ZWhG" 

                                        
                                            
X-Srv: B-SC-02 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/ 

                                        
                                            
Timing-Allow-Origin: * 

                                        
                                            
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1799925003", dtTao;desc="1" 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:53 GMT 

                                        
                                            
Content-Length: 67671 

                                        
                                            
Set-Cookie: dtCookie=v_4_srv_9_sn_415F9370EA20B077E7EE74186F8D1DCA_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a926db7a18056b726d480c9be642d497e7f1f0762470e590dce8bb0c62205aca7b56f6244e0cd7dcbd9e5c75f3ba40c2ff34; Path=/
TS0128739d=01fb46a926423e0ec8f39423e440b2b9dc50fbe3bbf0762470e590dce8bb0c62205aca7b56649d5105594127bd9c20bff06ffa25bf11952c2873e00673f30068f2598bfa89; path=/; domain=.mtb.com
TSea15929a027=0856addebbab20003d9132f8e6722a153b2c809c008c22375b31523617e5562eb71a2293e98ee7db087bd321331130004390d9166f928e3c011436581800355c32dc68bb8269f6f53395abe065c5f69d340e16db625421c33fcb5c5f715be664; Path=/ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format, TrueType, length 67671, version 1.0\012- data

                                                Size:   67671

                                                Md5:    6cd469e8613d82d4d07834a5ca7745f0

                                                Sha1:   95347ba0a03d27e1aa91bc17c937d8aefe53e6ff

                                                Sha256: 4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.entrust.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.110.10.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
ETag: "278D49083C757CB76C518ABCDC2C3B79A640D2F9D105400FE0F09D97D784922C" 

                                        
                                            
Last-Modified: Sat, 24 Sep 2022 15:00:00 UTC 

                                        
                                            
Content-Length: 1585 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3530 

                                        
                                            
Expires: Sat, 24 Sep 2022 22:56:45 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:55 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1585

                                                Md5:    33ef04d2acbd4a7aaeb00e9e92c76939

                                                Sha1:   fb6b52a79429586a5e484d915ef0f56acfe6b0b6

                                                Sha256: 278d49083c757cb76c518abcdc2c3b79a640d2f9d105400fe0f09d97d784922c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" 

                                        
                                            
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14639 

                                        
                                            
Expires: Sun, 25 Sep 2022 02:01:54 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:55 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7038cca95198779d8bb479045eb56652

                                                Sha1:   e9dcf9451e849f4d55b0909b33a51bd0b1a35296

                                                Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" 

                                        
                                            
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14639 

                                        
                                            
Expires: Sun, 25 Sep 2022 02:01:54 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 21:57:55 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7038cca95198779d8bb479045eb56652

                                                Sha1:   e9dcf9451e849f4d55b0909b33a51bd0b1a35296

                                                Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6671 

                                        
                                            
x-amzn-requestid: c99d94f4-5a09-44d2-a2ce-0daac62d2087 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Y-_EAHQ2oAMFaqA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632f787f-7fbe302d3e7587263e61cb0d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:03 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: FuhBG1wzZ7q3UXGwFA32yLn9Rn4DzcpPODW1HivGDtB-2-9F4Q3gBA== 

                                        
                                            
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 24 Sep 2022 21:37:05 GMT 

                                        
                                            
etag: "752c2278004a98fcfacf4c3f16470d610ffd2daa" 

                                        
                                            
age: 1250 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6671

                                                Md5:    328516d7184ca4b4f6e50bf895b9bce0

                                                Sha1:   752c2278004a98fcfacf4c3f16470d610ffd2daa

                                                Sha256: 8096b89e6b868d9e40b5c31b80309472695b9cd085cca2f872159f4e35056c08

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 12552 

                                        
                                            
x-amzn-requestid: 71161d44-4c3a-459e-bf76-5bf3deafcafe 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YlYTrHz0oAMF2eA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63253a7d-39dd0e2a7045128024086375;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 17 Sep 2022 03:09:49 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: EGtjExnYcmDEP9a540mHhZ7EjGlvLIDLK65Phs9MsAVdEpwNI4avTQ== 

                                        
                                            
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 24 Sep 2022 21:37:05 GMT 

                                        
                                            
age: 1250 

                                        
                                            
etag: "dfe5c93dc1637162a0b6ac174dcd7107af80763a" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   12552

                                                Md5:    e8a0d2b8beddf9f866a2bfe96ac21c2e

                                                Sha1:   dfe5c93dc1637162a0b6ac174dcd7107af80763a

                                                Sha256: 0e4bf30611043a171485c6fa054d6102a6cfd7f8a4153daa34eba1b72f455a77

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11435 

                                        
                                            
x-amzn-requestid: e1288aca-0375-4ce8-9daa-81afe23c9c5c 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Y-_ETHE6oAMFqGQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632f7881-01a836ab57a326356f838bfc;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: X8xpMQCKuQGx46BrQ_851U0HhXIALy0k22WRO-zp8TuFhK0KaHItBw== 

                                        
                                            
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 24 Sep 2022 21:37:06 GMT 

                                        
                                            
etag: "27f05479fd4fbe68993748fdb043850807ddebdd" 

                                        
                                            
age: 1249 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11435

                                                Md5:    1a9f4d93ea4a06628bc31a00a9c4e692

                                                Sha1:   27f05479fd4fbe68993748fdb043850807ddebdd

                                                Sha256: 31b0809297c7e8acbb46b544cf6f3f4ffaa6bda7a8896fe8678fbfc839a115ab

                                        
                                            GET /Documents/html/homepage/favicon.ico HTTP/1.1 

                                        
                                            
Host: asset.mtb.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://user-mtb01.hufeer.ir/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         54.230.111.37

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/x-icon

                                        

                                        
                                            
content-length: 14862 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
cache-control: max-age=3600, no-cache="set-cookie" 

                                        
                                            
content-disposition: inline 

                                        
                                            
content-encoding: gzip 

                                        
                                            
date: Sat, 24 Sep 2022 21:57:55 GMT 

                                        
                                            
last-modified: Wed, 04 May 2022 18:18:59 GMT 

                                        
                                            
server: Apache 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubdomains; preload 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-dispatcher: dispatcher1useast1 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-vhost: publish 

                                        
                                            
etag: "3dce-5de33a8b9cac0-gzip" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: 64TUEPukpJotYRPMkbYhrzOwGA_1uDcjFXOBJ2HV0xka6QyDCHcRpg== 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data

                                                Size:   14862

                                                Md5:    e82f458a5c1c5353a97401eccc925613

                                                Sha1:   949d6c8d06ca14b52f496c20f63fae269b6708c2

                                                Sha256: cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3

URL	user-mtb01.hufeer.ir/login.php
IP	212.33.195.109 (Iran)
ASN	#43754 Asiatech Data Transmission company
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-24 21:58:04 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	10
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (12)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 212.33.195.109

Last 5 reports on ASN: Asiatech Data Transmission company

Last 5 reports on domain: hufeer.ir

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (45)

Overview

Domain Summary (12)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 212.33.195.109

Last 5 reports on ASN: Asiatech Data Transmission company

Last 5 reports on domain: hufeer.ir

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (45)

Network Intrusion Detection Systems