haftbarg.com/
302 Found 682 B IP
ASN #60631 Pars Parva System LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 93b233ee6bf065764ddb8af044b2e190
8fa6c52448aec94995dc8a3a28d40e9ac265ed00
22ac4ac7d78bc8eee343d05d7db2c9812c898bed7fe6ca22a00583d547a489a8
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 682
Date: Tue, 29 Nov 2022 00:50:57 GMT
Server: LiteSpeed
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Location: https://www.haftbarg.com/
Vary: User-Agent
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13442
Expires: Tue, 29 Nov 2022 04:35:00 GMT
Date: Tue, 29 Nov 2022 00:50:58 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4498
Cache-Control: max-age=125721
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:50:58 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:46:19 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2326
Expires: Tue, 29 Nov 2022 01:29:44 GMT
Date: Tue, 29 Nov 2022 00:50:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 00:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1885
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tEFM1qRggb08eCLKQjnjQrQ1Ayvb9qiXEWV02yWMuG8mHMKeVGyUvfpHC1hSJJCAwPD8IDzQCkM=
x-amz-request-id: XMX1Q5EG4ZJQQ0E5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 00:45:14 GMT
age: 344
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 00:50:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 77b61a8bcdfab623a9efda5405673089
cb325c3e04156006b35a404d58223e56b70ea0c4
3f76743a828d7fdd4d23ced2e9aa9a1a549a1937ce0037bed341df27a6a7921b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F76743A828D7FDD4D23CED2E9AA9A1A549A1937CE0037BED341DF27A6A7921B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Tue, 29 Nov 2022 06:50:47 GMT
Date: Tue, 29 Nov 2022 00:50:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 00:11:12 GMT
cache-control: public,max-age=3600
age: 2386
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1926
Cache-Control: max-age=118083
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:50:58 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:39:01 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.haftbarg.com/
200 OK 9.3 kB IP
ASN #60631 Pars Parva System LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4545)
Hash 23fbae690e5d6d075c4645720175c278
531985917e8cef4ffa45b2d2af1fbd583823bf8e
bc4cd6102b652438354b6bc5d1a80305fcd55cae5e7f33d3160a4aa5a7ce5ba2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; expires=Tue, 29-Nov-2022 02:50:58 GMT; Max-Age=7200; path=/; samesite=lax; secure
haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0; expires=Tue, 29-Nov-2022 02:50:58 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure
content-length: 9268
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Tue, 29 Nov 2022 00:50:58 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 29b46d43c98c61ae831e74dfaaf4f29f
e788fc68cfc59605d09e9f792b716a6d1bf3d5f5
3e049e8f59bfd46852ebd11ecd50621b9b220d71dd0ee0528e66927a56cfda44
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3311
Cache-Control: max-age=160841
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:50:59 GMT
Etag: "63851bcd-116"
Expires: Wed, 30 Nov 2022 21:31:40 GMT
Last-Modified: Mon, 28 Nov 2022 20:36:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
www.haftbarg.com/front/css/tiny-slider.css
200 OK 623 B URL HTTP/2 www.haftbarg.com/front/css/tiny-slider.css
IP
ASN #60631 Pars Parva System LLC
File type ASCII text, with very long lines (2121)
Hash 231dccfadbef6c2893ad5d2c913fe5ea
e480c91f62645b83b4171ed36110d18ceda3b1cc
1422f5e20bdf0be5a65b43763002c6ed10901232331274e6438fc477edeef4bd
GET /front/css/tiny-slider.css HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: text/css
last-modified: Wed, 28 Apr 2021 10:44:44 GMT
etag: "877-60893c9c-a23df57f8e21e8ab;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 623
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/css/choices.min.css
200 OK 1.6 kB URL HTTP/2 www.haftbarg.com/front/css/choices.min.css
IP
ASN #60631 Pars Parva System LLC
File type ASCII text, with very long lines (6679), with no line terminators
Hash b2781c4af7632dc4176cedbfa04d7c02
bea1cd77d44db96a033b9ef6d7a6b089f30615fc
274c9aa880c82db30f269bc9e017b16d1c4946a92ea77f6e67a99b809cfc1e04
GET /front/css/choices.min.css HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: text/css
last-modified: Sat, 02 Oct 2021 14:36:32 GMT
etag: "1a17-61586e70-ecb38367d44eb8d2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1599
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 610ded4071faac3b5dd03e4d8b3dd898
4666bf6acd9745388a8a38cfaecc2dfae48c62b7
f29c768b4cc5d3983adad7ae41caba96c0d341e496d1d07c74523183a5aa3ce1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2513
Cache-Control: max-age=102485
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:50:59 GMT
Etag: "63843af7-117"
Expires: Wed, 30 Nov 2022 05:19:04 GMT
Last-Modified: Mon, 28 Nov 2022 04:37:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 278 B IP
Hash 29b46d43c98c61ae831e74dfaaf4f29f
e788fc68cfc59605d09e9f792b716a6d1bf3d5f5
3e049e8f59bfd46852ebd11ecd50621b9b220d71dd0ee0528e66927a56cfda44
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3311
Cache-Control: max-age=160841
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:50:59 GMT
Etag: "63851bcd-116"
Expires: Wed, 30 Nov 2022 21:31:40 GMT
Last-Modified: Mon, 28 Nov 2022 20:36:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
www.haftbarg.com/front/css/bootstrap.rtl.min.css
200 OK 20 kB URL HTTP/2 www.haftbarg.com/front/css/bootstrap.rtl.min.css
IP
ASN #60631 Pars Parva System LLC
File type Unicode text, UTF-8 text, with very long lines (65307)
Hash b691c53e4649b433c17d6124f468993a
f54c629d2e168101688d977c7885399e97186bfd
f1f4445d4487b5d5d8cc234940227597f54bec5300f9fe3a558db35eedc5a66e
GET /front/css/bootstrap.rtl.min.css HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: text/css
last-modified: Fri, 12 Aug 2022 04:33:08 GMT
etag: "2612d-62f5d804-16d59f31179a3c92;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 20369
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 610ded4071faac3b5dd03e4d8b3dd898
4666bf6acd9745388a8a38cfaecc2dfae48c62b7
f29c768b4cc5d3983adad7ae41caba96c0d341e496d1d07c74523183a5aa3ce1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2513
Cache-Control: max-age=102485
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:50:59 GMT
Etag: "63843af7-117"
Expires: Wed, 30 Nov 2022 05:19:04 GMT
Last-Modified: Mon, 28 Nov 2022 04:37:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
www.haftbarg.com/front/css/materialdesignicons.min.css
200 OK 42 kB URL HTTP/2 www.haftbarg.com/front/css/materialdesignicons.min.css
IP
ASN #60631 Pars Parva System LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2b40ad78bbe245713af8b9aa8a621c61
95ca3cdf14683e25ddf84893c53843b04c27d5ee
d0f5501a64c631915af2160e44eef79d3d9fe718122b55b53609a824b37ce23f
GET /front/css/materialdesignicons.min.css HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: text/css
last-modified: Sun, 17 Jan 2021 03:50:46 GMT
etag: "42ee2-6003b416-acce2f7a997b7e4d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 42020
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MM77iFZ/OnasQXoUdQXWsw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Fywyj9jrmmNMJ24MKHPS9XIROAo=
www.haftbarg.com/front/css/style.css?2
200 OK 16 kB URL HTTP/2 www.haftbarg.com/front/css/style.css?2
IP
ASN #60631 Pars Parva System LLC
File type assembler source, ASCII text, with very long lines (551)
Hash 8bc0f0b9b25e2e5a4df6c4f1afe9b8a4
864504356dfdccda575d15d419ab268a2d173bc5
cf52cac349c1f87e1542d7694ac73211a8322fbd27c177c35ae80b23a6260161
Analyzer Verdict Alert fortinet Phishing
GET /front/css/style.css?2 HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: text/css
last-modified: Mon, 22 Aug 2022 00:36:24 GMT
etag: "1e2db-6302cf88-9d70e10cc78b6450;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 15824
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/css/colors/default.css
200 OK 1.4 kB URL HTTP/2 www.haftbarg.com/front/css/colors/default.css
IP
ASN #60631 Pars Parva System LLC
File type CSV text\012- assembler source, ASCII text, with CRLF line terminators
Hash be738d59f4c8b4a0d834574fdbad035f
52d6d6260819c9844d443edf42d8d215dfc67e0d
43f5570071c578a6a4c69d21d8f07ba084984c568c63e5ddaa4c0fabfc044514
GET /front/css/colors/default.css HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: text/css
last-modified: Thu, 03 Feb 2022 10:54:16 GMT
etag: "211c-61fbb458-b755c80ee2359363;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1403
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/css/my.css?7.4
200 OK 1.5 kB URL HTTP/2 www.haftbarg.com/front/css/my.css?7.4
IP
ASN #60631 Pars Parva System LLC
File type assembler source, ASCII text
Hash 52fdcde0fe439e886ebb54fee49a9b08
3211fd1b1686d96e84ec40b1fa8aee294ff5c372
fd1ce34f23fe95dda1c6cc284a11caab986aab60e8c4615db2e1244e0ce26f35
Analyzer Verdict Alert fortinet Phishing
GET /front/css/my.css?7.4 HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 14:23:25 GMT
etag: "1e3c-6304e2dd-9d23fde89e131006;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1496
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/js/plugins.init.js
200 OK 3.9 kB URL HTTP/2 www.haftbarg.com/front/js/plugins.init.js
IP
ASN #60631 Pars Parva System LLC
File type ASCII text, with CRLF line terminators
Hash f48f824f5431eb23d13fe3dfa3aefaee
ee9d2a38d9809165dffe9b53deb594c7e7375369
e3cd0729cae2a249682dc69d6d7743280a849aeb8e0cbc19e416ccdc54cf8610
Analyzer Verdict Alert fortinet Phishing
GET /front/js/plugins.init.js HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 17:16:22 GMT
etag: "4ef9-61fd5f66-b385be1e5961aa50;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3934
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/js/app.js?7.3
200 OK 1.6 kB URL HTTP/2 www.haftbarg.com/front/js/app.js?7.3
IP
ASN #60631 Pars Parva System LLC
Hash 333c4ea87d1b9ba32b32f77e1d1432e4
7f460f2abacef248e0c81997d9fc7f86a7a0377d
9ef4511aae97d9ef9e969573615649cf6159db0ab9d2f9d413465750bb6a6580
GET /front/js/app.js?7.3 HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 01:35:04 GMT
etag: "1b7e-6302dd48-15c4594bf5503b2e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1622
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/assets/js/persianumber.min.js
200 OK 446 B URL HTTP/2 www.haftbarg.com/assets/js/persianumber.min.js
IP
ASN #60631 Pars Parva System LLC
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1437), with CRLF line terminators
Hash 20d553225ed18504b87c8c82c281fca9
4f09938be3c73e73bc42486852498aa460947465
518734aed3806572da7fa1cb10b98f13972d43f0c370341a69847a2729fb9adb
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/persianumber.min.js HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: application/javascript
last-modified: Fri, 07 May 2021 16:34:06 GMT
etag: "5a2-60956bfe-69be5c725ba01c18;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 446
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/images/logo-light-trans.png
200 OK 5.7 kB URL HTTP/2 www.haftbarg.com/front/images/logo-light-trans.png
IP
ASN #60631 Pars Parva System LLC
File type PNG image data, 80 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 49d1b4ff734d08db34d6f4bebf625021
47f46bfcd59276b3e7351d0efb11604a2b6607e5
c60b95451cfeb73a03d8e26f9a645f3f30e7da669cfb2d56e7afd754a4c8adad
GET /front/images/logo-light-trans.png HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/png
last-modified: Sat, 13 Aug 2022 14:43:04 GMT
etag: "1618-62f7b878-284037fea2eee1de;;;"
accept-ranges: bytes
content-length: 5656
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:50:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:50:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.haftbarg.com/assets/js/jquery-2.1.0.min.js
200 OK 29 kB URL HTTP/2 www.haftbarg.com/assets/js/jquery-2.1.0.min.js
IP
ASN #60631 Pars Parva System LLC
File type ASCII text, with very long lines (32065), with CRLF line terminators
Hash 42c2a18a3c9ab56c5a302501686b7228
f2f1d53b22720117d7b0694ca231152ca2f46337
49497071c7416fe75516005056d33d9f70e7e250dbb5c82a57724d336254c020
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery-2.1.0.min.js HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: application/javascript
last-modified: Fri, 07 May 2021 16:34:06 GMT
etag: "146a3-60956bfe-fea6423ebecc9abd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 28596
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/js/bootstrap.bundle.min.js
200 OK 22 kB URL HTTP/2 www.haftbarg.com/front/js/bootstrap.bundle.min.js
IP
ASN #60631 Pars Parva System LLC
File type ASCII text, with very long lines (65299)
Hash 5eb1c5cbc976eabbe6cf106772c048d0
763b4dcc0aed6589a8fb327d5aa2b58eb3c04164
16a2ffb4059b0e9685e36a6a338e8667c8c4a92063999233816bacf656991cbc
Analyzer Verdict Alert fortinet Phishing
GET /front/js/bootstrap.bundle.min.js HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: application/javascript
last-modified: Sat, 09 Oct 2021 20:14:24 GMT
etag: "13131-6161f820-9b1dc0853529ffbb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 22192
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/js/tiny-slider.js
200 OK 12 kB URL HTTP/2 www.haftbarg.com/front/js/tiny-slider.js
IP
ASN #60631 Pars Parva System LLC
File type ASCII text, with very long lines (31911)
Hash c1b7ab9cd31c3c8bfa1649dc9567ffde
4e26af3f4c4afc9c17f41001cc4a3dbf7dac0b47
f2b24cc8f3080602c37112fd822af3fa2b5385f86b534bc3376fbec6b37fdca9
Analyzer Verdict Alert fortinet Phishing
GET /front/js/tiny-slider.js HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: application/javascript
last-modified: Wed, 28 Apr 2021 10:44:32 GMT
etag: "7cd0-60893c90-b7a7fc9adcef249b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12400
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/js/feather.min.js
200 OK 19 kB URL HTTP/2 www.haftbarg.com/front/js/feather.min.js
IP
ASN #60631 Pars Parva System LLC
File type Unicode text, UTF-8 text, with very long lines (61490)
Hash 9841a3acf72cf7dc75a5c9f7715369cd
7092c7bee8935e1e4d8bc1d12df2ed94da1c0798
ce4f7e196160385c7d7ada7cc668db133147b5498e96e9a72c471b87b5ff32fd
Analyzer Verdict Alert fortinet Phishing
GET /front/js/feather.min.js HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: application/javascript
last-modified: Tue, 27 Apr 2021 10:34:02 GMT
etag: "12803-6087e89a-54dde5aa16e8ab2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 19341
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/js/choices.min.js
200 OK 18 kB URL HTTP/2 www.haftbarg.com/front/js/choices.min.js
IP
ASN #60631 Pars Parva System LLC
File type Unicode text, UTF-8 text, with very long lines (62528)
Hash ff0b4361b5c45ecfb6f1c82c9e74439b
be30b38f2f53b9037895d8a57fca0fe200225fac
e376d565491d055250a7b1c199d8b5f626644fb41f4f74a8e8ecde4fabb3bca8
Analyzer Verdict Alert fortinet Phishing
GET /front/js/choices.min.js HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: application/javascript
last-modified: Sat, 02 Oct 2021 14:36:50 GMT
etag: "12039-61586e82-60d911396b65a451;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18545
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/front/js/floating-wpp.js?v=2.2
200 OK 4.1 kB URL HTTP/2 www.haftbarg.com/front/js/floating-wpp.js?v=2.2
IP
ASN #60631 Pars Parva System LLC
File type Unicode text, UTF-8 text, with very long lines (2615)
Hash c5c65dbf50efe80816b7e582aad8ecad
6de464966c2e9487bc8cb758e5487f8175a2a40e
c5d7178ec1e5cd1a852ee71c1d9f5420fa42842bcd143cab3498470c49880cec
GET /front/js/floating-wpp.js?v=2.2 HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 14:45:46 GMT
etag: "2a7f-6320979a-159454b0f602b7dd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4142
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Manrope:wght@400;500;600&display=swap
200 OK 12 kB URL HTTP/2 fonts.googleapis.com/css2?family=Manrope:wght@400;500;600&display=swap
IP
Hash 6bd5fb2364f5e8f633f3a55443db890f
b530a1d0d3d8fcf7806a5f4022b25fb6b662cb31
6689b0e037357fc618c4ded26ad3d0d2dba7ef4068aaf2d40fdfe67bb902f086
GET /css2?family=Manrope:wght@400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 00:50:59 GMT
date: Tue, 29 Nov 2022 00:50:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.haftbarg.com/front/images/logo-dark-trans.png
200 OK 5.5 kB URL HTTP/2 www.haftbarg.com/front/images/logo-dark-trans.png
IP
ASN #60631 Pars Parva System LLC
File type PNG image data, 80 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e57f22bf9175a2900263322d8c2a79b
bb46b73e45f651492861e5e5127c4016df641033
809e0154c8e44b7fc657334ad4b4eb2b4f6e0b17857971a3457c16f31ec4d73a
GET /front/images/logo-dark-trans.png HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/png
last-modified: Sat, 13 Aug 2022 14:47:10 GMT
etag: "1552-62f7b96e-f1dad6691e7f156c;;;"
accept-ranges: bytes
content-length: 5458
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/front/fonts/iranYekan/iranyekanwebregular.e31c09af.woff2
200 OK 17 kB URL HTTP/2 www.haftbarg.com/front/fonts/iranYekan/iranyekanwebregular.e31c09af.woff2
IP
ASN #60631 Pars Parva System LLC
File type Web Open Font Format (Version 2), TrueType, length 16904, version 1.0\012- data
Hash 1fdcadecb1a82e89e6d2547bc027976e
d2f39675c0d34ac7d0d973f72cef8d279324ca63
6da82b2652c9a0459453f025e284bc6143db51dad050541d102eac6a922d01d4
Analyzer Verdict Alert fortinet Phishing
GET /front/fonts/iranYekan/iranyekanwebregular.e31c09af.woff2 HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.haftbarg.com/front/css/my.css?7.4
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: font/woff2
last-modified: Thu, 11 Aug 2022 00:45:38 GMT
etag: "4208-62f45132-3a5892fa8e5018d0;;;"
accept-ranges: bytes
content-length: 16904
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/front/fonts/iranYekan/iranyekanweblight.1225b31b.woff2
200 OK 17 kB URL HTTP/2 www.haftbarg.com/front/fonts/iranYekan/iranyekanweblight.1225b31b.woff2
IP
ASN #60631 Pars Parva System LLC
File type Web Open Font Format (Version 2), TrueType, length 17300, version 1.0\012- data
Hash a80f71ff899a3f07228e1584b6426744
af9f0b41c9bb9fdab4b4f6b8f3981628d123c996
cff341d8949170000ae867aaefe3f82122790c4d9c43acb87bae7e8692be8a56
Analyzer Verdict Alert fortinet Phishing
GET /front/fonts/iranYekan/iranyekanweblight.1225b31b.woff2 HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.haftbarg.com/front/css/my.css?7.4
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: font/woff2
last-modified: Thu, 11 Aug 2022 01:02:48 GMT
etag: "4394-62f45538-e659e1b2e0d955e5;;;"
accept-ranges: bytes
content-length: 17300
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/front/fonts/iranYekan/iranyekanwebbold.cfb6e26c.woff2
200 OK 17 kB URL HTTP/2 www.haftbarg.com/front/fonts/iranYekan/iranyekanwebbold.cfb6e26c.woff2
IP
ASN #60631 Pars Parva System LLC
File type Web Open Font Format (Version 2), TrueType, length 17048, version 1.0\012- data
Hash fe12f13a160a0abadd60db289937a1ef
5edb5c3670e022824f7f14d46120ac637785351f
8606b35f6eac323bee34566e322f3c1705b46062600e862fd5d6a79bc21fd245
Analyzer Verdict Alert fortinet Phishing
GET /front/fonts/iranYekan/iranyekanwebbold.cfb6e26c.woff2 HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.haftbarg.com/front/css/my.css?7.4
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: font/woff2
last-modified: Thu, 11 Aug 2022 00:45:48 GMT
etag: "4298-62f4513c-a3ada5b421124451;;;"
accept-ranges: bytes
content-length: 17048
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12076
Expires: Tue, 29 Nov 2022 04:12:16 GMT
Date: Tue, 29 Nov 2022 00:51:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12076
Expires: Tue, 29 Nov 2022 04:12:16 GMT
Date: Tue, 29 Nov 2022 00:51:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12076
Expires: Tue, 29 Nov 2022 04:12:16 GMT
Date: Tue, 29 Nov 2022 00:51:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12076
Expires: Tue, 29 Nov 2022 04:12:16 GMT
Date: Tue, 29 Nov 2022 00:51:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12076
Expires: Tue, 29 Nov 2022 04:12:16 GMT
Date: Tue, 29 Nov 2022 00:51:00 GMT
Connection: keep-alive
www.haftbarg.com/front/fonts/iranYekan/iranyekanwebmedium.2d4f96e5.woff
200 OK 36 kB URL HTTP/2 www.haftbarg.com/front/fonts/iranYekan/iranyekanwebmedium.2d4f96e5.woff
IP
ASN #60631 Pars Parva System LLC
File type Web Open Font Format, TrueType, length 35925, version 3.0\012- data
Hash 492984b84b9f05835f9c5e7edfb9db12
a8b47d55d0d5b18a5e78b382d822c39d27cadae1
a92ad94d332d7a07f75dbb982ecb1312de15f9a416ef200817be8aa69c04a18d
Analyzer Verdict Alert fortinet Phishing
GET /front/fonts/iranYekan/iranyekanwebmedium.2d4f96e5.woff HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.haftbarg.com/front/css/my.css?7.4
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Thu, 11 Aug 2022 00:45:42 GMT
etag: "8c55-62f45136-3cc980eca6711cc1;;;"
accept-ranges: bytes
content-length: 35925
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e44c46db2ac9917110dc47aa38fdc85
b5b245c90705ad80c31d457c0d7c96709ca31e96
5024225a583b188860eaf21f7196c06cef8b2e89389ae4b1df6e314399f3b2ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8796
x-amzn-requestid: 2eed036c-fcda-425b-8c5d-0b0ff31214a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEEWMIAMFwKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-5cb071a2098d43d909eb8d5c;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uWzs8gOBoczTeYXB7-FfJemWbh-hYHwNcR3b9BM5VtJ55NRUzCZeTQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:53:45 GMT
age: 53835
etag: "b5b245c90705ad80c31d457c0d7c96709ca31e96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:31:58 GMT
age: 76742
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp
200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06723cdab42df9b5334f540a8c7ebc60
3bbc44cb84a37ce6a067db4301dd81647a77c29f
9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3905
x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMFcYHE6IAMFmpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 73Fr-7-mRcw9_OVt8Wdi4pjFBHkqi_vBa-zgLtbHKEx1ay9s8wDSgQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 06:26:11 GMT
age: 66289
etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKambAjrBl64HI6hBuOtNJi3Tj6gxtwH_lOfk0WNX15UnCrAJbNig==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:48:54 GMT
age: 10926
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c808183085a429c53515508678fc7ab2
6567069d9f5199205ba1ca7a937fcb0a52f95d06
c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9162
x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVjI8E9poAMFaQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RAAJeCuVxs-hpp4wMmcBEmqPf71bUMueBvhwLaYTixj9IiIGNp0ZIQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 00:28:27 GMT
age: 1353
etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa7a7fb1-8e53-47cc-bd1c-80ab0e8ecd59.jpeg
200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa7a7fb1-8e53-47cc-bd1c-80ab0e8ecd59.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b421b66a29c15df61049ef5d5f34bc2
f3c1297885fa2fd37557222d5490dfb0afed19ef
3c88aecb898378f0d070fe9e9733ac42b89b57349e8e9f51ffb0508b88821980
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa7a7fb1-8e53-47cc-bd1c-80ab0e8ecd59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: e9825e7e-0fa7-4165-9b59-f554a4bf1d6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_dkuFKToAMF1OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c761e-7ebc3c3b480cdd94059616b7;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:11:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TQQiAdJwsSxsS2C-3y_SNOHPtiuPMKcfu-4Db4zlOjbHsTfRnHWl8Q==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:00:12 GMT
age: 60648
etag: "f3c1297885fa2fd37557222d5490dfb0afed19ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.haftbarg.com/livewire/livewire.js?id=de3fca26689cb5a39af4
200 OK 60 kB URL HTTP/2 www.haftbarg.com/livewire/livewire.js?id=de3fca26689cb5a39af4
IP
ASN #60631 Pars Parva System LLC
File type Unicode text, UTF-8 text, with very long lines (54451)
Hash 61b74de191d349c10f969cbbcfd0cc77
1efafc174d2f0b73c7813e2b4ecc832f65d1c6cf
1973347e86e694771b609c3c19a53a1bc5b959fcc404f88bce13779c69fd6c55
Analyzer Verdict Alert fortinet Phishing
GET /livewire/livewire.js?id=de3fca26689cb5a39af4 HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
content-type: application/javascript; charset=utf-8
expires: Wed, 29 Nov 2023 00:50:59 GMT
cache-control: max-age=31536000, public
last-modified: Thu, 11 Aug 2022 07:42:06 GMT
accept-ranges: bytes
set-cookie: haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0; expires=Tue, 29-Nov-2022 02:50:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/plugins/filemanager/source/cover-1_4x1.jpg
200 OK 36 kB URL HTTP/2 www.haftbarg.com/plugins/filemanager/source/cover-1_4x1.jpg
IP
ASN #60631 Pars Parva System LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x357, components 3\012- data
Hash 05089f4a6f8313619a69088df8f4a9e8
82943441d29345dc89f8191dd09b13a96d60d731
9daa67b7e0fc37bdf0ce343f9c92b1dbcb3fa25462e07d9fbab1b6cdd9133e8a
GET /plugins/filemanager/source/cover-1_4x1.jpg HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/jpeg
last-modified: Mon, 21 Nov 2022 07:15:49 GMT
etag: "8b6b-637b25a5-4815261cd61ffd38;;;"
accept-ranges: bytes
content-length: 35691
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/front/images/bg/44.png
200 OK 63 kB URL HTTP/2 www.haftbarg.com/front/images/bg/44.png
IP
ASN #60631 Pars Parva System LLC
File type PNG image data, 942 x 500, 8-bit/color RGB, non-interlaced\012- data
Hash 09e417225bb293cecc4723560c6f34f2
55c60d31def3570b2fa4066f011ef7cd7c9679e5
7bb12a043647854d7658d0169cb7ed3840a1f70713536a2284da9f80fbfd4166
GET /front/images/bg/44.png HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/png
last-modified: Fri, 12 Aug 2022 04:10:26 GMT
etag: "f59f-62f5d2b2-a77041afd23c36c7;;;"
accept-ranges: bytes
content-length: 62879
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/images/left-arrow.svg
200 OK 714 B URL HTTP/2 www.haftbarg.com/images/left-arrow.svg
IP
ASN #60631 Pars Parva System LLC
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 55022ff10f5cf40e62fda9f664763088
d13e45c5f753fb561a2b94212fa26d9e4f9a6cb8
6b6420a358c95d334cd14a87fa934e890666a28a63c78530238928af7f691506
Analyzer Verdict Alert fortinet Phishing
GET /images/left-arrow.svg HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:51:00 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Apr 2021 19:05:05 GMT
etag: "6a2-60886061-8ccdc881063caa28;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 714
date: Tue, 29 Nov 2022 00:51:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.haftbarg.com/plugins/filemanager/source/%D9%86%D9%85%D9%88%D9%86%D9%87-%D8%A8%D8%B1%D8%AF%D8%A7%D8%B1%DB%8C-%D8%A8%D8%B1%DA%AF.jpg
200 OK 50 kB URL HTTP/2 www.haftbarg.com/plugins/filemanager/source/%D9%86%D9%85%D9%88%D9%86%D9%87-%D8%A8%D8%B1%D8%AF%D8%A7%D8%B1%DB%8C-%D8%A8%D8%B1%DA%AF.jpg
IP
ASN #60631 Pars Parva System LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 628x378, components 3\012- data
Hash 0a7e82e1ec52ff77847729c67dd0ceff
3935a5587f42402277603801545349f44fe1eb24
f024ed03e91596eb060b87518a7e024dc0c65dd42659904c77011aee3b718c05
GET /plugins/filemanager/source/%D9%86%D9%85%D9%88%D9%86%D9%87-%D8%A8%D8%B1%D8%AF%D8%A7%D8%B1%DB%8C-%D8%A8%D8%B1%DA%AF.jpg HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/jpeg
last-modified: Wed, 16 Nov 2022 10:24:02 GMT
etag: "c545-6374ba42-a1413209d76c0764;;;"
accept-ranges: bytes
content-length: 50501
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/plugins/filemanager/source/1480148320fish-597x430.jpg
200 OK 67 kB URL HTTP/2 www.haftbarg.com/plugins/filemanager/source/1480148320fish-597x430.jpg
IP
ASN #60631 Pars Parva System LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 597x430, components 3\012- data
Hash cf931daa85c338bde63a2671569d6eba
b3ba24cdfa681b85935ef1fe6f73ceae79f9945e
501218d2fc85a330962adc0fd147bd01015a183f28b3aac2489199bb989b0729
GET /plugins/filemanager/source/1480148320fish-597x430.jpg HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/jpeg
last-modified: Tue, 22 Nov 2022 17:49:53 GMT
etag: "1053a-637d0bc1-751f9c202d9f1cad;;;"
accept-ranges: bytes
content-length: 66874
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/plugins/filemanager/source/373.jpg
200 OK 113 kB URL HTTP/2 www.haftbarg.com/plugins/filemanager/source/373.jpg
IP
ASN #60631 Pars Parva System LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x473, components 3\012- data
Size 113 kB (113154 bytes)
Hash 444928e5c5e74920635c9f380372fb37
23c91e6ac99b6ce9a88a8f8ac7902d5dafe21343
4cdbe4246ca1735be550e53bd69d9e1d74b2df7bc5b78af079155ea4be42671a
GET /plugins/filemanager/source/373.jpg HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/jpeg
last-modified: Fri, 18 Nov 2022 09:33:11 GMT
etag: "1ba02-63775157-8731ed80f18dbd07;;;"
accept-ranges: bytes
content-length: 113154
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/plugins/filemanager/source/%D8%A8%D8%A7%D8%BA%20%DA%AF%DB%8C%D8%A7%D9%87%20%D8%B4%D9%86%D8%A7%D8%B3%DB%8C4.jpg
200 OK 114 kB URL HTTP/2 www.haftbarg.com/plugins/filemanager/source/%D8%A8%D8%A7%D8%BA%20%DA%AF%DB%8C%D8%A7%D9%87%20%D8%B4%D9%86%D8%A7%D8%B3%DB%8C4.jpg
IP
ASN #60631 Pars Parva System LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 680x338, components 3\012- data
Size 114 kB (113974 bytes)
Hash 347bb4a891f4e17c5500f12608112f4f
dff3b9bc885c35f814435318ee7c739076d87d6b
878b41bc78edececb4f76b9e36d8ef041e7cd503ad4ca488dfc3bfa9e3f5d791
GET /plugins/filemanager/source/%D8%A8%D8%A7%D8%BA%20%DA%AF%DB%8C%D8%A7%D9%87%20%D8%B4%D9%86%D8%A7%D8%B3%DB%8C4.jpg HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/jpeg
last-modified: Tue, 15 Nov 2022 08:17:36 GMT
etag: "1bd36-63734b20-2b01fc627352c773;;;"
accept-ranges: bytes
content-length: 113974
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/plugins/filemanager/source/06d16f109058509-5fcb24458da1a-1024x549.jpg
200 OK 140 kB URL HTTP/2 www.haftbarg.com/plugins/filemanager/source/06d16f109058509-5fcb24458da1a-1024x549.jpg
IP
ASN #60631 Pars Parva System LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x549, components 3\012- data
Size 140 kB (139911 bytes)
Hash 9ae3bb62aef4f76044d974c898bf0bb0
d2864191b305220f7a7513e3503d11ce266f40b6
1307a6e8702ca7182823236493e0019db54460fa72d0c083a1856d314fd5c8ab
GET /plugins/filemanager/source/06d16f109058509-5fcb24458da1a-1024x549.jpg HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/jpeg
last-modified: Thu, 10 Nov 2022 10:43:21 GMT
etag: "22287-636cd5c9-df1c1a21a0be54bf;;;"
accept-ranges: bytes
content-length: 139911
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/plugins/filemanager/source/14-1.jpg
200 OK 192 kB URL HTTP/2 www.haftbarg.com/plugins/filemanager/source/14-1.jpg
IP
ASN #60631 Pars Parva System LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1350x672, components 3\012- data
Size 192 kB (191823 bytes)
Hash 9bcdbd29545f70024c6399b2a12f4b80
bfff8d49adef24b873cf730c09833d5d6c4e8bb9
7ad18283abbbcb5887c2446b254ba27c772289bdc32fbc7ce6178a360850afe3
GET /plugins/filemanager/source/14-1.jpg HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/jpeg
last-modified: Sat, 26 Nov 2022 16:39:30 GMT
etag: "2ed4f-63824142-5060c1cdb5547da3;;;"
accept-ranges: bytes
content-length: 191823
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
haftbarg.com/plugins/filemanager/source/yoga%20(1).png
200 OK 180 kB URL HTTP/2 haftbarg.com/plugins/filemanager/source/yoga%20(1).png
IP
ASN #60631 Pars Parva System LLC
File type PNG image data, 370 x 264, 8-bit/color RGB, non-interlaced\012- data
Size 180 kB (179782 bytes)
Hash 8bba0a06584711b895b1b790b0df8091
99f063ff93a34cc093f6471d5dcf74f33cc4994e
08b89a8a2b1d2386bf3e7a1737280e698308dd5a80915479b2786cfc408c5919
GET /plugins/filemanager/source/yoga%20(1).png HTTP/1.1
Host: haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/png
last-modified: Sun, 20 Nov 2022 17:21:13 GMT
etag: "2be46-637a6209-8b38e505ba5667d1;;;"
accept-ranges: bytes
content-length: 179782
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/apple-touch-icon.png
200 OK 24 kB URL HTTP/2 www.haftbarg.com/apple-touch-icon.png
IP
ASN #60631 Pars Parva System LLC
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ade6e95913060d4515efb58333a2069
5e1e4cc3c299bbca9c29be103883884c8620ea37
33326805c86e5492b9a88841ee809add2a1bb8e32738ce04eafcd3bdbb61a69f
GET /apple-touch-icon.png HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:51:03 GMT
content-type: image/png
last-modified: Thu, 12 May 2022 12:59:14 GMT
etag: "5dfe-627d04a2-a5bc33684d5826f9;;;"
accept-ranges: bytes
content-length: 24062
date: Tue, 29 Nov 2022 00:51:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/favicon-16x16.png
200 OK 2.0 kB URL HTTP/2 www.haftbarg.com/favicon-16x16.png
IP
ASN #60631 Pars Parva System LLC
Hash 96caa3cb4c9faeaa0105347d345344b8
5f9982b35c9b5b9793bf1c99e5ad32871ac446c1
3d84183f0d02ebf58f229fc6d95180f7f7fff3361c850bf43b62d5a582e45811
GET /favicon-16x16.png HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:51:03 GMT
content-type: image/png
last-modified: Thu, 12 May 2022 12:59:14 GMT
etag: "2f2-627d04a2-b0f30656f67efc18;;;"
accept-ranges: bytes
content-length: 754
date: Tue, 29 Nov 2022 00:51:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/plugins/filemanager/source/saghakhane.png
200 OK 345 kB URL HTTP/2 www.haftbarg.com/plugins/filemanager/source/saghakhane.png
IP
ASN #60631 Pars Parva System LLC
File type PNG image data, 333 x 433, 8-bit/color RGB, non-interlaced\012- data
Size 345 kB (344600 bytes)
Hash 373c445ab99b8c9da62127d44792118c
cd1678e67939823d9c2adf4de9f3c352d4671f7a
55e698e2ff1806e2dd4f24a85cedb8299c023f982ca3c33cc274d825ebd007cf
GET /plugins/filemanager/source/saghakhane.png HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/png
last-modified: Mon, 21 Nov 2022 09:09:19 GMT
etag: "54218-637b403f-efafdf92e44147a2;;;"
accept-ranges: bytes
content-length: 344600
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.haftbarg.com/plugins/filemanager/source/Bird_Cages_Berlin_Zoo.jpg
200 OK 428 kB URL HTTP/2 www.haftbarg.com/plugins/filemanager/source/Bird_Cages_Berlin_Zoo.jpg
IP
ASN #60631 Pars Parva System LLC
File type JPEG image data, baseline, precision 8, 1200x800, components 3\012- data
Size 428 kB (427718 bytes)
Hash 0d0e0b128a6c8ec2169aa2b04a2501d9
722d365e5daef8a295a94db9a24c43dec86d99c1
2190d18d11b87bbe51f5a4dd44bdccbdd6cbfbfcbe95576b3aaf70546591b29b
GET /plugins/filemanager/source/Bird_Cages_Berlin_Zoo.jpg HTTP/1.1
Host: www.haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjdaOW05MWRQNDRIQ1NZQVRZTG1GOHc9PSIsInZhbHVlIjoiVy9pUE1mOU9pNjh4TEkvalFLbVNDME9EK1lzWFpuZHJmQjNqdjdhK3JFaXJuRTRTVkMxMFNTK0NUeUpkNUNmd1VXN1J0RFJ2dDZ5VmlHMGVUMThUcnIvMmg5SXVENXBTb1ZOVlQ1MnpEcVFIYzRlRjhxSVJDUEhSZ1p1NlFkSlciLCJtYWMiOiI0YThhN2I5MDIzNmY5ZmU3YTE2NzZjYWEwMWY0NTY2N2Q0YTUxN2VlMGFkMWZiMTc3ODU2NjVjOTM2M2Q0ZGIwIn0%3D; haftbarg_session=Ucey2x6LvcRY7FdkISVkIzscFptOoKFMyhAwyBr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/jpeg
last-modified: Sat, 19 Nov 2022 15:41:52 GMT
etag: "686c6-6378f940-6abd37cdb0256d9a;;;"
accept-ranges: bytes
content-length: 427718
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
haftbarg.com/plugins/filemanager/source/Untitled.png
200 OK 477 kB URL HTTP/2 haftbarg.com/plugins/filemanager/source/Untitled.png
IP
ASN #60631 Pars Parva System LLC
File type PNG image data, 542 x 354, 8-bit/color RGB, non-interlaced\012- data
Size 477 kB (476614 bytes)
Hash bd2228a511792d0023891c3b422d7334
0b686637ed16879e6875e9de8183382d037aa726
9bb8598a0df7c03dda489acfce13a52b49b9874b60c013a30a16e24e7b0944e3
GET /plugins/filemanager/source/Untitled.png HTTP/1.1
Host: haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/png
last-modified: Mon, 14 Nov 2022 11:52:23 GMT
etag: "745c6-63722bf7-102c86705ada2884;;;"
accept-ranges: bytes
content-length: 476614
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
haftbarg.com/plugins/filemanager/source/mosighi.png
200 OK 491 kB URL HTTP/2 haftbarg.com/plugins/filemanager/source/mosighi.png
IP
ASN #60631 Pars Parva System LLC
File type PNG image data, 492 x 393, 8-bit/color RGB, non-interlaced\012- data
Size 491 kB (490771 bytes)
Hash 1e6079b1c852acd0e3caea7eedcf6dbd
ef473bbe9cd120f37cb0c3f30ae15757daa83efb
ce0800194411a33fbcf19afb2649e836885a1a77809df5e2a8a6fc6a43f84fcc
GET /plugins/filemanager/source/mosighi.png HTTP/1.1
Host: haftbarg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 00:50:59 GMT
content-type: image/png
last-modified: Fri, 11 Nov 2022 13:13:48 GMT
etag: "77d13-636e4a8c-c545b80e4f0808c9;;;"
accept-ranges: bytes
content-length: 490771
date: Tue, 29 Nov 2022 00:50:59 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
rawcdn.githack.com/rafaelbotazini/floating-whatsapp/3d18b26d5c7d430a1ab0b664f8ca6b69014aed68/floating-wpp.min.css
200 OK 0 B URL HTTP/2 rawcdn.githack.com/rafaelbotazini/floating-whatsapp/3d18b26d5c7d430a1ab0b664f8ca6b69014aed68/floating-wpp.min.css
IP
GET /rafaelbotazini/floating-whatsapp/3d18b26d5c7d430a1ab0b664f8ca6b69014aed68/floating-wpp.min.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:50:59 GMT
content-type: text/css; charset=utf-8
etag: W/"bcda91a30b07f4990bfead66a191b59f6e981ff80424db46f5b634b9f0c24732"
x-content-type-options: nosniff
x-github-request-id: DE20:031E:125F15:15B98C:620D21AA
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1645044387.313477,VS0,VE168
vary: Authorization,Accept-Encoding,Origin
x-fastly-request-id: a807c84f4e3eabfc38f2f2f6da5f35bfb8fddcb9
source-age: 0
expires: Sat, 05 Aug 2023 04:44:42 GMT
cache-control: max-age=31536000, public, immutable
x-robots-tag: none
access-control-allow-origin: *
x-githack-cache-status: STALE
cf-cache-status: HIT
age: 7765088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66Tc%2FJYt%2F2uX6uIHNhYt6sajoaK8%2B4tUGaeSPyZVvEBnIRwVq1A6%2BlJr1%2FsL%2FQ%2BWPjEz7HtpEeLOjG4bSmuNm%2B2O1ITYMO7oghcmFwA8rnUtcCg3JspsUtgUTJqHoez%2BabtcQjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77175a2f9beadc21-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unicons.iconscout.com/release/v4.0.0/css/line.css
200 OK 0 B URL HTTP/2 unicons.iconscout.com/release/v4.0.0/css/line.css
IP
GET /release/v4.0.0/css/line.css HTTP/1.1
Host: unicons.iconscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.haftbarg.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:50:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=66419
etag: W/"accdbde3b79ab05345137cafe7201b9d"
last-modified: Thu, 20 May 2021 04:30:22 GMT
x-amz-id-2: P5XLhUx9Ug+xt3oqeVBPLAqJKpW6FnNyUcRXEofuVPqZGVy5h+A14EktSxYCFF35OTsERcxKceg=
x-amz-request-id: 72MVX3TAYHRCCVJJ
cf-cache-status: HIT
age: 1724987
expires: Wed, 29 Nov 2023 00:50:59 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 77175a2f4c79b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
185.231.115.85
54.148.77.40
104.21.234.230
93.184.220.29
23.36.77.32