Report - wapka.rzb.ir/

Report Overview

Visited public
2025-06-09 08:36:16
Tags
Submit Tags
URL
wapka.rzb.ir/
Finishing URL
wapka.rzb.ir/
IP / ASN
178.216.251.232
#43754 Asiatech Data Transmission company
Title
wapka.r98.ir

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
upload.tehran98.com	unknown	2011-03-11	2012-10-24	2025-01-28	842 B	0 B	0.0.0.0
rozblog.com	202745	2009-12-07	2012-05-23	2025-06-08	1.3 kB	1.4 kB	79.127.127.68
www.rozblog.com	unknown	2009-12-07	2012-07-05	2025-06-04	3.7 kB	75 kB	79.127.127.68
wapka.rzb.ir	unknown	unknown	2025-06-09	2025-06-09	8.7 kB	404 kB	178.216.251.232
up.mspdl.ir	unknown	unknown	2025-06-09	2025-06-09	412 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-09	medium	mspdl.ir	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	wapka.rzb.ir/	ScriptElement	172 B	2025-06-09	2025-06-09
Pretty URL wapka.rzb.ir/ IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-09 08:36 Last Seen2025-06-09 08:36 Times Seen1 Hash 0dc7086f8521fd1d6b0dfe0eb46e76e5 4a122a5ff310a4f1de0b2c205c3ffbea5d956f5c 31df909b43c3c8cef674e59c2268ccd4d31234908e1c44056a6ac365e8be9b37 Loading...

	wapka.rzb.ir/	ScriptElement	172 B	2025-06-09	2025-06-09
Pretty URL wapka.rzb.ir/ IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-09 08:36 Last Seen2025-06-09 08:36 Times Seen1 Hash 0dc7086f8521fd1d6b0dfe0eb46e76e5 4a122a5ff310a4f1de0b2c205c3ffbea5d956f5c 31df909b43c3c8cef674e59c2268ccd4d31234908e1c44056a6ac365e8be9b37 Loading...

	wapka.rzb.ir/	ScriptElement	71 B	2024-08-02	2025-07-13
Pretty URL wapka.rzb.ir/ IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-02 10:10 Last Seen2025-07-13 03:57 Times Seen83 Hash dab04c8631f41a7502729de26ef01283 35fc5e7a7e8563ac8ade34359e936a4068035899 7aba0ff8a112646941014dcb7e9c113e7df3d3370b2b1ef099c8f16348729c75 Loading...

	wapka.rzb.ir/js/site.js?24.22	ScriptElement	74 kB	2025-05-30	2025-06-12
Pretty URL wapka.rzb.ir/js/site.js?24.22 IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-30 08:47 Last Seen2025-06-12 07:38 Times Seen9 Hash e56a4c52838e03df656c48792b2a57cb 00de597702a932e67a004acc721d76e0eb8bbc99 2dd67fba4cadc0c42067bd90622e44f3b79fdf6da2277178a782fc5e040110c7 Loading...

	wapka.rzb.ir/temp/default/script.js	ScriptElement	1.2 kB	2023-03-07	2025-07-13
Pretty URL wapka.rzb.ir/temp/default/script.js IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-13 03:57 Times Seen628 Hash 0f79a0db21adf42d6692070342a13c8e bf3349841b9b81f0cb9b6694cbc5b4ebb8fe714a c73a5c5ae7ea0f3c2f22e53038af6a95f5ceaa91abb56a7ac80f61c14745f359 Loading...

	wapka.rzb.ir/code/popup	ScriptElement	3.2 kB	2025-06-09	2025-06-09
Pretty URL wapka.rzb.ir/code/popup IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-09 08:36 Last Seen2025-06-09 08:36 Times Seen1 Hash 0b3df940f3d24df0ac82975a7fd6cf7d 1dd28c4ba54867d96d4a7d744aa8df584eb33fb4 e7ba457d2d9cf5b7a2965e4fd156a3278a9ef8260af3f7e46fbfc5865783c68f Loading...

	wapka.rzb.ir/	Eval	339 B	2023-11-06	2025-07-13
Pretty URL wapka.rzb.ir/ IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by eval Embedded in HTML false Observations First Seen2023-11-06 03:28 Last Seen2025-07-13 03:57 Times Seen540 Hash a89c17fe41f8c30cded2b40d908b4046 b2c0c22975ec2c2ccd36cbd55f7fe7dbc6fd53f3 76589eaae47466b16f06ac5b6442d9534917f538b4fdce9dfd5bae0f3b1ad5a8 Loading...

	wapka.rzb.ir/	Eval	684 B	2024-07-05	2025-07-13
Pretty URL wapka.rzb.ir/ IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by eval Embedded in HTML false Observations First Seen2024-07-05 06:35 Last Seen2025-07-13 03:57 Times Seen98 Hash adda90a1ec2ad44862c1bf03ef149447 01c283dfbde9ea42c0125abf6645bc78fcbbc091 aad90e46b64cc7d2c6ef9ff48543b90b48ddb89f4a5ef8df8b0c7150f66275a5 Loading...

	wapka.rzb.ir/	Eval	142 B	2023-03-07	2025-07-13
Pretty URL wapka.rzb.ir/ IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-07-13 03:57 Times Seen689 Hash 379686aa20f7045d96c393363f6d117e 7b948699c1ec200169dc9c470be04809b5da42d2 818d91b37b1e996c8afdfd05018b5780ff2be46b14430eaf5a166463bfe2f0c3 Loading...

	wapka.rzb.ir/	Eval	350 B	2023-09-03	2025-07-13
Pretty URL wapka.rzb.ir/ IP 178.216.251.232 ASN #43754 Asiatech Data Transmission company Introduced by eval Embedded in HTML false Observations First Seen2023-09-03 23:51 Last Seen2025-07-13 03:57 Times Seen653 Hash 22a2214d6bc75c7ca9f8a1b59281d3c9 7460ebe76697609ad95a026a1a3bbe35651a0986 ac7a643ea85d7458d8e394b68122cfe131679e59c4b746990515ba19294833a0 Loading...

HTTP Transactions (30)

URL IP Response Size

GET upload.tehran98.com/img1/l2uhhwk12m2h3nmyas.jpg

0.0.0.0

0 B

URL GET
upload.tehran98.com/img1/l2uhhwk12m2h3nmyas.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://wapka.rzb.ir/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img1/l2uhhwk12m2h3nmyas.jpg HTTP/1.1
Host: upload.tehran98.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET rozblog.com/temp/music3/MTForumBlock_row_over.png

79.127.127.68

301 Moved Permanently

139 B

URL GET
rozblog.com/temp/music3/MTForumBlock_row_over.png
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type

Size
139 B (139 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /temp/music3/MTForumBlock_row_over.png HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
location: https://www.rozblog.com/temp/music3/MTForumBlock_row_over.png
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2

GET www.rozblog.com/temp/music3/MTForumBlock_row_over.png

79.127.127.68

200 OK

139 B

URL GET
www.rozblog.com/temp/music3/MTForumBlock_row_over.png
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type
PNG image data, 1 x 18, 8-bit/color RGB, non-interlaced
Size
139 B (139 bytes)
Hash
1fd885e3d0a8fc062470706ae84ea56b
f0e6c850b1794c523ca16bf087054cb843daf6fa
e0dc411ff39139fd39b2cf6d027ab2d56fbd3b51bacc0935e1ae284e65c64e40

HTTP Headers

GET /temp/music3/MTForumBlock_row_over.png HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:55 GMT
content-type: image/png
last-modified: Sun, 03 Jul 2011 21:44:44 GMT
accept-ranges: bytes
content-length: 139
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET wapka.rzb.ir/theme/rozblog_v4/favi1.ico

178.216.251.232

200 OK

1.2 kB

URL GET
wapka.rzb.ir/theme/rozblog_v4/favi1.ico
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
129e0e4681906fae60ea32d066a7b4c5
33c024415db44baa3aba0f13df1399d9b81ac9e6
0a14eb14e53df8201b78084ab9a276a1f4ca01e55a20c3b8b0b6f3b660ee3ff0

HTTP Headers

GET /theme/rozblog_v4/favi1.ico HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=3972868469ceb12671202046941098231457
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:56 GMT
content-type: image/x-icon
last-modified: Tue, 18 Nov 2014 15:12:07 GMT
accept-ranges: bytes
content-length: 1150
date: Mon, 09 Jun 2025 08:35:56 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET wapka.rzb.ir/temp/tarahi/styles.css

178.216.251.232

200 OK

23 kB

URL GET
wapka.rzb.ir/temp/tarahi/styles.css
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
ASCII text, with CRLF line terminators
Size
23 kB (23039 bytes)
Hash
d52d78ef23e2ca640b2d9cdc8be85be2
ad6dab470d0c15dd48d0b782caf43c613af70e49
02e3d17280c575aa44146c87a52c86e1b62c0e95ee0cb5632e67369192eb35c6

HTTP Headers

GET /temp/tarahi/styles.css HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Wed, 09 Jul 2025 08:35:55 GMT
content-type: text/css
last-modified: Sat, 26 Apr 2025 17:17:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5510
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
access-control-allow-origin: *

GET wapka.rzb.ir/temp/pro/ads_468.jpg

178.216.251.232

200 OK

6.3 kB

URL GET
wapka.rzb.ir/temp/pro/ads_468.jpg
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 96x96, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 468x60, components 3
Size
6.3 kB (6286 bytes)
Hash
db8cac5e50e0f1be65a3ec0756ea6612
3053609e1039ab6d0d0be6adefeaf7ba7a243cf6
8f10f1e719bda34ecfc3af6b50f8273e9c9676d10612eff12aad2382d458ef1d

HTTP Headers

GET /temp/pro/ads_468.jpg HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:55 GMT
content-type: image/jpeg
last-modified: Fri, 20 Feb 2015 09:52:01 GMT
accept-ranges: bytes
content-length: 6286
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET wapka.rzb.ir/include/captcha/cap9.php

178.216.251.232

200 OK

3.3 kB

URL GET
wapka.rzb.ir/include/captcha/cap9.php
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
PNG image data, 100 x 30, 8-bit/color RGB, non-interlaced
Size
3.3 kB (3301 bytes)
Hash
9e288b3589ffb6fe732baa67ae96bbd8
c7cd1cc2192b749b06361a784f4dca58b6071d58
9e7f42cba976585c8974c89ddc80f792dc0cf3d4bdc984dc4a2bcab86efad4b8

HTTP Headers

GET /include/captcha/cap9.php HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: image/png
content-length: 3301
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET wapka.rzb.ir/images/refresh2.svg

178.216.251.232

200 OK

276 B

URL GET
wapka.rzb.ir/images/refresh2.svg
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
SVG Scalable Vector Graphics image
Size
276 B (276 bytes)
Hash
7082e86e2a3c9646fa1aa922b8e3a2d6
7f704127e872b5b94b8e2dd7959e2d5c9b9379a8
d1254b0bb9112500f8f39e1130f0a6c8dca1037d416e7f7d6524894b31b06b00

HTTP Headers

GET /images/refresh2.svg HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Mon, 16 Jun 2025 08:35:55 GMT
content-type: image/svg+xml
last-modified: Wed, 28 Apr 2021 22:57:34 GMT
etag: "114-6089e85e-9f2e18d89b796b95;;;"
accept-ranges: bytes
content-length: 276
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET www.rozblog.com/theme/ads/Vazir.woff

79.127.127.68

200 OK

54 kB

URL GET
www.rozblog.com/theme/ads/Vazir.woff
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://www.rozblog.com/theme/ads/banner.html
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type
Web Open Font Format, TrueType, length 54004, version 0.0
Size
54 kB (54004 bytes)
Hash
abdaaf2e791f4416323efffec0a85b49
a9a3ee5482b64dd5792a0845e576806c79354118
2bcfbc8d9cbea056d3c0a8e511a28ef7461748230cec56b40ac0952058725adb

HTTP Headers

GET /theme/ads/Vazir.woff HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.rozblog.com/theme/ads/style_ads.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Wed, 11 Jun 2025 08:35:56 GMT
content-type: font/woff
last-modified: Tue, 09 Jul 2024 11:20:37 GMT
etag: "d2f4-668d1d05-beec0b8c8b94f6c8;;;"
accept-ranges: bytes
content-length: 54004
date: Mon, 09 Jun 2025 08:35:56 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
access-control-allow-origin: *

GET wapka.rzb.ir/

178.216.251.232

200 OK

62 kB

URL User Request GET
wapka.rzb.ir/
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1442), with CRLF, LF line terminators
Size
62 kB (61752 bytes)
Hash
8e688e39ae4e4029f81af9dfbd5e14bb
bed6605fcaf2c5aa7cd92ecfd542d9d36bb43ca4
f0d9d2ec1ca1e68954081aef30b295b8cc04ef46119bb507b8da883d036b894d

HTTP Headers

GET / HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
set-cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; path=/; secure
id_guest=1926921383; expires=Wed, 09 Jul 2025 08:35:54 GMT; Max-Age=2592000; path=/; secure
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-encoding: gzip
date: Mon, 09 Jun 2025 08:35:54 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET wapka.rzb.ir/images/no_image.png

178.216.251.232

200 OK

38 kB

URL GET
wapka.rzb.ir/images/no_image.png
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
PNG image data, 578 x 423, 8-bit/color RGBA, non-interlaced
Size
38 kB (38401 bytes)
Hash
480874c4d09ee78c62f3c54188da6d63
87a5d589012b6154193c9b6b2ee85270d74a5db9
1ecdb8bb333e1fd849a68901df9fc9df554838b7e76ac0b18597ea3d5b95a72a

HTTP Headers

GET /images/no_image.png HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:55 GMT
content-type: image/png
last-modified: Sat, 12 Aug 2023 16:24:04 GMT
accept-ranges: bytes
content-length: 38401
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET www.rozblog.com/temp/music3/MTForumBlock_row.png

79.127.127.68

200 OK

155 B

URL GET
www.rozblog.com/temp/music3/MTForumBlock_row.png
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type
PNG image data, 1 x 18, 8-bit/color RGB, non-interlaced
Size
155 B (155 bytes)
Hash
3ae7d651d73f3b247f9737655c53e08e
476c9a585906552a1054a74f88de640142ce40f5
d5496cde5cf105a1cf8c8fe59e0efefba5859a4fbff07a4701ec4f4a7c6e5ac5

HTTP Headers

GET /temp/music3/MTForumBlock_row.png HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:55 GMT
content-type: image/png
last-modified: Sun, 03 Jul 2011 21:45:04 GMT
accept-ranges: bytes
content-length: 155
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET www.rozblog.com/theme/ads/style_ads.css

79.127.127.68

200 OK

2.1 kB

URL GET
www.rozblog.com/theme/ads/style_ads.css
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://www.rozblog.com/theme/ads/banner.html
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type
ASCII text
Size
2.1 kB (2133 bytes)
Hash
692c3a98b1967065e9adad2c348e9d08
b9558f78445af0ceb359403fc8e67ed995f3f5a7
42f4dc74e88e0c6e8e4f16e13ae40a013004a3bfa842d6210dc3dcc6ebef0e26

HTTP Headers

GET /theme/ads/style_ads.css HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rozblog.com/theme/ads/banner.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Wed, 09 Jul 2025 08:35:55 GMT
content-type: text/css
last-modified: Tue, 09 Jul 2024 13:12:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 720
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
access-control-allow-origin: *

GET wapka.rzb.ir/temp/default/script.js

178.216.251.232

200 OK

1.2 kB

URL GET
wapka.rzb.ir/temp/default/script.js
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
ASCII text
Size
1.2 kB (1197 bytes)
Hash
0f79a0db21adf42d6692070342a13c8e
bf3349841b9b81f0cb9b6694cbc5b4ebb8fe714a
c73a5c5ae7ea0f3c2f22e53038af6a95f5ceaa91abb56a7ac80f61c14745f359

HTTP Headers

GET /temp/default/script.js HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Mon, 16 Jun 2025 08:35:55 GMT
content-type: application/javascript
last-modified: Wed, 18 Jul 2018 10:51:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 231
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
access-control-allow-origin: *

GET wapka.rzb.ir/weblog/file/loading/88.gif

178.216.251.232

200 OK

6.0 kB

URL GET
wapka.rzb.ir/weblog/file/loading/88.gif
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
GIF image data, version 89a, 50 x 50
Size
6.0 kB (5972 bytes)
Hash
093445ee241c72e6dca01dc570c230dc
32adb71ec06b5d29ec62c5511328d5970228b86d
d40495f2a0e830c47fe4cd50574c68e206292f63545a0684516db0cd8716ee0e

HTTP Headers

GET /weblog/file/loading/88.gif HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:55 GMT
content-type: image/gif
last-modified: Thu, 02 Feb 2012 21:52:24 GMT
accept-ranges: bytes
content-length: 5972
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET rozblog.com/temp/nuke/FBarrow.gif

79.127.127.68

301 Moved Permanently

59 B

URL GET
rozblog.com/temp/nuke/FBarrow.gif
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type

Size
59 B (59 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /temp/nuke/FBarrow.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
location: https://www.rozblog.com/temp/nuke/FBarrow.gif
strict-transport-security: max-age=0;
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET www.rozblog.com/temp/nuke/FBarrow.gif

79.127.127.68

200 OK

59 B

URL GET
www.rozblog.com/temp/nuke/FBarrow.gif
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type
GIF image data, version 89a, 9 x 9
Size
59 B (59 bytes)
Hash
08f58683f752ec50ab890d4162cf9a03
2a0e3923b77ab35c273bf5307fc980f4d4de42fe
d8359b38e288d654bf46c6c01ea58f896a998390f848ca99eb4015900f1cdb42

HTTP Headers

GET /temp/nuke/FBarrow.gif HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wapka.rzb.ir/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:55 GMT
content-type: image/gif
last-modified: Sat, 26 Nov 2011 12:58:49 GMT
accept-ranges: bytes
content-length: 59
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2

GET wapka.rzb.ir/code/popup

178.216.251.232

200 OK

3.2 kB

URL GET
wapka.rzb.ir/code/popup
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
ASCII text, with CRLF line terminators
Size
3.2 kB (3205 bytes)
Hash
0b3df940f3d24df0ac82975a7fd6cf7d
1dd28c4ba54867d96d4a7d744aa8df584eb33fb4
e7ba457d2d9cf5b7a2965e4fd156a3278a9ef8260af3f7e46fbfc5865783c68f

HTTP Headers

GET /code/popup HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-language: fa
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 09 Jun 2025 08:35:55 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0,pre-check=0
pragma: no-cache
set-cookie: c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; expires=Tue, 10 Jun 2025 08:35:55 GMT; Max-Age=86400; path=/; secure
c_t=3972868469ceb12671202046941098231457; expires=Tue, 10 Jun 2025 08:35:55 GMT; Max-Age=86400; path=/; secure
vary: Accept-Encoding,User-Agent
content-length: 1182
content-encoding: gzip
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;

GET wapka.rzb.ir/js/site.js?24.22

178.216.251.232

200 OK

74 kB

URL GET
wapka.rzb.ir/js/site.js?24.22
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2911)
Size
74 kB (73521 bytes)
Hash
e56a4c52838e03df656c48792b2a57cb
00de597702a932e67a004acc721d76e0eb8bbc99
2dd67fba4cadc0c42067bd90622e44f3b79fdf6da2277178a782fc5e040110c7

HTTP Headers

GET /js/site.js?24.22 HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Mon, 16 Jun 2025 08:35:55 GMT
content-type: application/javascript
last-modified: Sun, 25 May 2025 17:35:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 16332
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
access-control-allow-origin: *

GET www.rozblog.com/theme/ads/banner.html

79.127.127.68

200 OK

1.2 kB

URL GET
www.rozblog.com/theme/ads/banner.html
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
1.2 kB (1166 bytes)
Hash
0377aa42bd9e5ae1f2f2ddcb3ea29535
bf289dd5d859564f1e39f5a688da73cb4e449ee2
10bffb52c4cf3d40076d6130313040979d065ac405fdb398de59495707ff6122

HTTP Headers

GET /theme/ads/banner.html HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=172800
expires: Wed, 11 Jun 2025 08:35:55 GMT
content-type: text/html
last-modified: Tue, 09 Jul 2024 13:12:26 GMT
etag: "48e-668d373a-e09a3ebd605f281b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 487
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
X-Firefox-Spdy: h2

GET rozblog.com/temp/music3/MTForumBlock_row.png

79.127.127.68

301 Moved Permanently

155 B

URL GET
rozblog.com/temp/music3/MTForumBlock_row.png
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type

Size
155 B (155 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /temp/music3/MTForumBlock_row.png HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
location: https://www.rozblog.com/temp/music3/MTForumBlock_row.png
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2

GET wapka.rzb.ir/temp/img/star.png

178.216.251.232

200 OK

3.8 kB

URL GET
wapka.rzb.ir/temp/img/star.png
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
PNG image data, 24 x 72, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3759 bytes)
Hash
63c668cb80738b769ce776aa2ee56a5c
3f9d78168365e7cfb7460e46d51da236ca3a1131
0c8cc42dc2e01368e61930e3ab9c783a0d15eecd4e546f58a0e87aaf98383add

HTTP Headers

GET /temp/img/star.png HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=3972868469ceb12671202046941098231457
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:55 GMT
content-type: image/png
last-modified: Sat, 25 Nov 2023 14:21:34 GMT
accept-ranges: bytes
content-length: 3759
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET wapka.rzb.ir/temp/tarahi/fonts/wdtv.woff

178.216.251.232

200 OK

15 kB

URL GET
wapka.rzb.ir/temp/tarahi/fonts/wdtv.woff
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
Web Open Font Format, TrueType, length 14648, version 1.0
Size
15 kB (14648 bytes)
Hash
259c4490256daceb6a5f275cee137627
5c0eae14870f1ec6527aa64f3f675cb9063034ee
bd4bdb99aa4a1cf56a05d7a913dce42b23b4cb021148b0a0f22d836105d98fc5

HTTP Headers

GET /temp/tarahi/fonts/wdtv.woff HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/temp/tarahi/styles.css
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=3972868469ceb12671202046941098231457
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Wed, 11 Jun 2025 08:35:55 GMT
content-type: font/woff
last-modified: Thu, 26 Feb 2015 19:00:22 GMT
etag: "3938-54ef6d46-daf654b8921ad10f;;;"
accept-ranges: bytes
content-length: 14648
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
access-control-allow-origin: *

GET wapka.rzb.ir/temp/tarahi/fonts/yekanregular.woff

178.216.251.232

200 OK

22 kB

URL GET
wapka.rzb.ir/temp/tarahi/fonts/yekanregular.woff
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
Web Open Font Format, CFF, length 21500, version 2.0
Size
22 kB (21500 bytes)
Hash
05727d32400b2008acbf7fc49251ede0
b6c1a82539a2531eb1aad7d1cf05554d5a999154
da78e001fab6f5d7b1c68e17d00fb1595c9b10085d6769a86aeb6a39dc7e43d6

HTTP Headers

GET /temp/tarahi/fonts/yekanregular.woff HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/temp/tarahi/styles.css
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=3972868469ceb12671202046941098231457
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Wed, 11 Jun 2025 08:35:55 GMT
content-type: font/woff
last-modified: Thu, 26 Feb 2015 19:00:25 GMT
etag: "53fc-54ef6d49-80b982f1d7ce7ee2;;;"
accept-ranges: bytes
content-length: 21500
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
access-control-allow-origin: *

GET upload.tehran98.com/img1/l2uhhwk12m2h3nmyas.jpg

0.0.0.0

0 B

URL GET
upload.tehran98.com/img1/l2uhhwk12m2h3nmyas.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://wapka.rzb.ir/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img1/l2uhhwk12m2h3nmyas.jpg HTTP/1.1
Host: upload.tehran98.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET wapka.rzb.ir/temp/tarahi/fonts/fontawesome-webfont.woff?v=4.2.0

178.216.251.232

200 OK

66 kB

URL GET
wapka.rzb.ir/temp/tarahi/fonts/fontawesome-webfont.woff?v=4.2.0
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
Web Open Font Format, TrueType, length 65452, version 1.0
Size
66 kB (65452 bytes)
Hash
d95d6f5d5ab7cfefd09651800b69bd54
7d65e0227d0d7cdc1718119cd2a7dce0638f151c
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

HTTP Headers

GET /temp/tarahi/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/temp/tarahi/styles.css
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=3972868469ceb12671202046941098231457
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Wed, 11 Jun 2025 08:35:55 GMT
content-type: font/woff
last-modified: Thu, 26 Feb 2015 19:00:20 GMT
etag: "ffac-54ef6d44-11fea27943efc11b;;;"
accept-ranges: bytes
content-length: 65452
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
access-control-allow-origin: *

GET www.rozblog.com/theme/ads/ecommerce.png

79.127.127.68

200 OK

9.7 kB

URL GET
www.rozblog.com/theme/ads/ecommerce.png
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://www.rozblog.com/theme/ads/banner.html
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
9.7 kB (9747 bytes)
Hash
31ce9ee51ccddf63254006e1393ee127
00af5daa90da5823a622626fe4354ed2bd174237
b618833a26e46f5eb75306ff53b14894f75030eb2b996f17273fe4ebe9038d80

HTTP Headers

GET /theme/ads/ecommerce.png HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rozblog.com/theme/ads/banner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:55 GMT
content-type: image/png
last-modified: Tue, 09 Jul 2024 11:20:37 GMT
accept-ranges: bytes
content-length: 9747
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET www.rozblog.com/theme/ads/arrow-left.png

79.127.127.68

200 OK

4.2 kB

URL GET
www.rozblog.com/theme/ads/arrow-left.png
IP
79.127.127.68:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://www.rozblog.com/theme/ads/banner.html
Certificate
IssuerLet's Encrypt
Subjectrozblog.com
Fingerprint53:42:3C:97:0D:22:8D:8C:D4:E7:B1:F9:09:CE:E1:70:1B:F8:2F:83
ValiditySun, 18 May 2025 09:12:06 GMT - Sat, 16 Aug 2025 09:12:05 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
4.2 kB (4167 bytes)
Hash
46391ce1d25fa254f516224c73a046c7
95329d21a757541712e4b80a9bec8956e9b73225
786bf14fc49d5da14aa7da62d92e119c4e9c652430a071fdb77ccaf2949e640d

HTTP Headers

GET /theme/ads/arrow-left.png HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rozblog.com/theme/ads/banner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 09 Jun 2026 08:35:55 GMT
content-type: image/png
last-modified: Tue, 09 Jul 2024 11:20:37 GMT
accept-ranges: bytes
content-length: 4167
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent

GET wapka.rzb.ir/temp/site.css?38.2

178.216.251.232

200 OK

73 kB

URL GET
wapka.rzb.ir/temp/site.css?38.2
IP
178.216.251.232:443
ASN
#43754 Asiatech Data Transmission company

Requested by
https://wapka.rzb.ir/
Certificate
IssuerLet's Encrypt
Subjectrzb.ir
Fingerprint6A:3D:D3:50:10:3B:42:A5:9B:FE:53:63:76:F4:44:25:F4:84:23:F5
ValiditySat, 03 May 2025 22:57:07 GMT - Fri, 01 Aug 2025 22:57:06 GMT

File type
Unicode text, UTF-8 text, with very long lines (7735)
Size
73 kB (73351 bytes)
Hash
f85e2413cc544c5fecccb76b39d6ad2a
5df2a4f7daee56d62e1616861857406eda9de573
1d237543785e7a94e29aaf63bf20d8bb62439be47db75aec79a9273f0a4d2cba

HTTP Headers

GET /temp/site.css?38.2 HTTP/1.1
Host: wapka.rzb.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wapka.rzb.ir/
Cookie: PHPSESSID=91ec4e949ff740c0e80480fe21fe4889; id_guest=1926921383
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Wed, 09 Jul 2025 08:35:55 GMT
content-type: text/css
last-modified: Sat, 24 May 2025 16:32:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 16349
date: Mon, 09 Jun 2025 08:35:55 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET up.mspdl.ir/up/mspdl/emam_khomaini.jpg

0.0.0.0

0 B

URL GET
up.mspdl.ir/up/mspdl/emam_khomaini.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://wapka.rzb.ir/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /up/mspdl/emam_khomaini.jpg HTTP/1.1
Host: up.mspdl.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML