Report - tarahbsb.rozblog.com/post/15

Report Overview

Submitted URL
tarahbsb.rozblog.com/post/15
IP
79.127.127.68
ASN
#43754 Asiatech Data Transmission company
Submitted
2023-03-21 22:13:57
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	54.71.69.209
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	56 kB	34.120.237.76
api.mediaad.org	59047	2019-07-20T22:51:35Z	2023-03-26T08:39:51Z	3.2 kB	13 kB	45.94.254.24
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
tarahbsb.rozblog.com	unknown	2015-05-08T20:27:40Z	2023-03-21T23:13:44Z	12 kB	190 kB	79.127.127.68
www.ashoora.biz	unknown	2012-05-21T15:23:35Z	2023-03-24T20:25:32Z	633 B	1.8 kB	188.253.2.26
rozup.ir	399364	2012-10-26T11:47:59Z	2023-03-25T23:34:04Z	2.5 kB	200 kB	79.127.127.67
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
rozblog.com	202745	2012-05-23T20:13:34Z	2023-03-25T07:54:18Z	1.3 kB	4.2 kB	79.127.127.68
zgig.ir	569940	2013-04-26T11:24:54Z	2023-02-05T00:53:04Z	780 B	1.3 kB	148.251.154.80
s1.mediaad.org	59344	2017-07-09T08:12:58Z	2023-03-26T08:39:49Z	381 B	316 B	45.94.254.24
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	3.4 kB	8.9 kB	23.36.76.226
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-26T05:32:55Z	340 B	964 B	104.18.32.68
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
tarah.zgig.ir	unknown	2015-07-24T13:17:11Z	2015-07-24T13:17:11Z	324 B	954 B	148.251.154.80
s1.picofile.com	unknown	2012-05-22T09:40:16Z	2023-03-21T23:13:45Z	716 B	2.5 kB	185.49.85.182
mediacdn.mediaad.org	53682	2019-03-16T13:40:58Z	2023-03-26T08:39:49Z	2.3 kB	46 kB	45.94.255.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-21 22:13:49	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-03-21 22:13:49	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	s1.mediaad.org/serve/rozblog.com/loader.js	208 kB	2023-03-26	2023-04-13
Pretty URL s1.mediaad.org/serve/rozblog.com/loader.js IP 45.94.254.24 ASN #48551 Sindad Network Technology Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 10:32:35 Last Seen2023-04-13 15:02:47 Times Seen67 Hash 0c8f0d14fe6f930b8cbe8058ec158556 cfb15ee87c31e614ad9b1253b900c2ad2008f106 12e3bd01e158608c4a9ab5da6ec11219310df369bbd68a772029a18a9918dbdd Loading...

	tarahbsb.rozblog.com/post/15	348 B	2023-03-14	2023-09-26
Pretty URL tarahbsb.rozblog.com/post/15 IP 79.127.127.68 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 03:32:07 Last Seen2023-09-26 01:22:19 Times Seen477 Hash 6a9a5c85c5752063e7baddf699e0c288 e837cc51c978c4d16d8f670ddf60ec0aab052d43 a989398a97775787f5eaa240272172ef4a8d34f226530b46700d61352b83788c Loading...

	tarahbsb.rozblog.com/post/15	118 B	2023-03-07	2023-07-06
Pretty URL tarahbsb.rozblog.com/post/15 IP 79.127.127.68 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:41 Last Seen2023-07-06 22:18:28 Times Seen136 Hash 0f5c6658b4320e2ecd201b9e33f993b2 b6e4cfd279265bef3d3b11e3e4b0ddc6a28a93f8 6c7540408c5787377ef0fdc5d1d275bd4abc1b9c7182558323d1c63a02d2ac3c Loading...

	tarahbsb.rozblog.com/post/15	75 B	2023-03-07	2024-01-07
Pretty URL tarahbsb.rozblog.com/post/15 IP 79.127.127.68 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:41 Last Seen2024-01-07 15:30:02 Times Seen139 Hash 36efc9bdee798e502aa2a3162af69f95 29afc55ef5e700989e75253f94f5dcd246a99dc7 d0b5616a65637622811715940c24fa96af4c0d4de157638ca857390e2668f2ed Loading...

	tarahbsb.rozblog.com/js/site.js?7	29 kB	2023-03-07	2023-06-11
Pretty URL tarahbsb.rozblog.com/js/site.js?7 IP 79.127.127.68 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:41 Last Seen2023-06-11 22:55:04 Times Seen299 Hash 841f1e0c31c8ece9bf965dcb86934fe6 5d6c8aeecc606336c712e7ecfa57fbf0bbbae5a3 81442f602c9baffc21e0af91756398f602a16d20cceccfb16fbc55912b273911 Loading...

	mediacdn.mediaad.org/static/fingerprint.html	3.9 kB	2023-03-07	2023-04-05
Pretty URL mediacdn.mediaad.org/static/fingerprint.html IP 45.94.255.10 ASN #48551 Sindad Network Technology Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:08 Last Seen2023-04-05 02:11:15 Times Seen61 Hash 5badf2b2e85c09eede1e703245e68b4f 390cb46827414299d1d851d931f5f8eea8e2fe11 07df6373cc45a21b571e881225faab8d92b4a19d217a974db2531be5c36d0af1 Loading...

	tarahbsb.rozblog.com/post/15	170 B	2023-03-07	2024-02-28
Pretty URL tarahbsb.rozblog.com/post/15 IP 79.127.127.68 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:41 Last Seen2024-02-28 11:53:48 Times Seen917 Hash 901522f6c503734d3712767bb0770854 2a7760a7ee836382383dcc7902b479bd6b6facf9 1d3301f7680c4bc2b289ed57a0c583ffd1a5585f9445f655a25917eb26947902 Loading...

	tarahbsb.rozblog.com/temp/default/script.js	1.2 kB	2023-03-07	2024-02-28
Pretty URL tarahbsb.rozblog.com/temp/default/script.js IP 79.127.127.68 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:41 Last Seen2024-02-28 11:53:49 Times Seen1712 Hash 0f79a0db21adf42d6692070342a13c8e bf3349841b9b81f0cb9b6694cbc5b4ebb8fe714a c73a5c5ae7ea0f3c2f22e53038af6a95f5ceaa91abb56a7ac80f61c14745f359 Loading...

	tarahbsb.rozblog.com/code/popup	3.1 kB	2023-03-26	2023-03-26
Pretty URL tarahbsb.rozblog.com/code/popup IP 79.127.127.68 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:27:56 Last Seen2023-03-26 13:27:56 Times Seen1 Hash 61b94fb3f9465ef3c0adc6d114a9f1f9 15347f941a1e5d5a3e662ba1c837399b68f7da2b 4f04b0d76bd2bc51e5def481291c82a4f746013ad2f504fea857a6bb6213822d Loading...

	tarahbsb.rozblog.com/post/15	131 B	2023-03-07	2024-01-07
Pretty URL tarahbsb.rozblog.com/post/15 IP 79.127.127.68 ASN #43754 Asiatech Data Transmission company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:41 Last Seen2024-01-07 15:30:02 Times Seen366 Hash 032b6a6406d69ea8a57e7b70dc7e80c6 704183415d03ee8b04b595964a13649726252be7 ed5f88abaddac7a587f18071314cb02f013f0947ccb9eb1899bce57a497d06d7 Loading...

		Size	First Seen	Last Seen
	#1 Write - d5c2e90c2c1a2cee968b9d3b0ce45f6d	91 B	2023-03-07	2023-07-06
Pretty Observations First Seen2023-03-07 12:09:42 Last Seen2023-07-06 22:18:28 Times Seen136 Hash d5c2e90c2c1a2cee968b9d3b0ce45f6d c79724d27a6859afdbf0e4b8a377987e0d1c0697 8dbf5fdee875027c282cbac2051c568e78347e0f123496def6989d7947d456ca Loading...

HTTP Transactions (83)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash ec332b81a27117ce9c16b67a5a8e4fac b6d2afa2c859d000ad830d3d8d73f57bac6ffce2 1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F" Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12150 Expires: Wed, 22 Mar 2023 01:36:14 GMT Date: Tue, 21 Mar 2023 22:13:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 28774b36cf8bb6b054329393a33f6239 728313ddff6d5ceb6db3eb8445f039779616a140 08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0" Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3755 Expires: Tue, 21 Mar 2023 23:16:19 GMT Date: Tue, 21 Mar 2023 22:13:44 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 21 Mar 2023 21:27:26 GMT content-type: application/json age: 2778 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 4e6141892ec4705c6a0134f3157b969d 4169fdea42b0fa9cb565e14b8e8fdb293575c78e 905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163" Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13537 Expires: Wed, 22 Mar 2023 01:59:21 GMT Date: Tue, 21 Mar 2023 22:13:44 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: YiwtFk9y490J29T+wgky0sZ7TDlGkKZ5F4SXHgshGU9NBGFbGIKNCHQSLgiXqMgSItEOp5eEI9U= x-amz-request-id: C31YFXBQ16V1XXDZ x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 21 Mar 2023 21:53:21 GMT age: 1223 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 21 Mar 2023 22:13:44 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	tarahbsb.rozblog.com/post/15	79.127.127.68	200 OK	10 kB
URL HTTP/1.1 tarahbsb.rozblog.com/post/15 IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1212), with CRLF, LF line terminators Size 10 kB (10197 bytes) Hash c6cdfe0718723d9a332d1612e3d45c3b 73c7ccf7367a9ea4e59506e16307283638dc6b07 5c059893c57153738ed0b5b3f6c5a1680146803403a07c76aab5df7ad1328119 HTTP Headers `GET /post/15 HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache content-language: fa content-type: text/html; charset=utf-8 set-cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2; path=/ visit_tarahbsb_15=91.90.42.154; expires=Wed, 22-Mar-2023 22:13:44 GMT; Max-Age=86400 vary: Accept-Encoding,User-Agent transfer-encoding: chunked content-encoding: gzip date: Tue, 21 Mar 2023 22:13:44 GMT server: LiteSpeed strict-transport-security: max-age=0;

	tarahbsb.rozblog.com/temp/tarahi/styles.css	79.127.127.68	200 OK	6.6 kB
URL HTTP/1.1 tarahbsb.rozblog.com/temp/tarahi/styles.css IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type Unicode text, UTF-8 (with BOM) text Size 6.6 kB (6617 bytes) Hash 1c2b1461ef3f45c6a5749c37853e4ed5 514b7710482ffa97b4c121390a4ded8c851a08e0 6c16f0ba3642e262f51f58894970a2ab9a3cbe043bf18285c8b4fd919a667f9f HTTP Headers `GET /temp/tarahi/styles.css HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Thu, 20 Apr 2023 22:13:45 GMT content-type: text/css last-modified: Tue, 21 Feb 2023 20:42:05 GMT accept-ranges: bytes content-encoding: gzip vary: Accept-Encoding,User-Agent content-length: 6617 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0;`

	tarahbsb.rozblog.com/temp/site.css?22	79.127.127.68	200 OK	3.9 kB
URL HTTP/1.1 tarahbsb.rozblog.com/temp/site.css?22 IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type ASCII text, with very long lines (860) Size 3.9 kB (3945 bytes) Hash 787a6674aa05de4919a7c90cdbb150c9 2159cc3ec669621f05f361bd91b956e573faef9a e234a5881c33e5ff75519381140d07f15611e92efbb0bb45ecf73437048d376c HTTP Headers `GET /temp/site.css?22 HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Thu, 20 Apr 2023 22:13:45 GMT content-type: text/css last-modified: Wed, 02 Mar 2022 08:28:27 GMT accept-ranges: bytes content-encoding: gzip vary: Accept-Encoding,User-Agent content-length: 3945 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0;`

	tarahbsb.rozblog.com/temp/default/script.js	79.127.127.68	200 OK	302 B
URL HTTP/1.1 tarahbsb.rozblog.com/temp/default/script.js IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type ASCII text Size 302 B (302 bytes) Hash f63434fb5b29fa6044b1a1e30e6c1162 2e7ada06c79c670f0dff3bd7d0474d07c49104e0 a9396929db33b5a927292dc2e2f33891c594811b1b37dd993abbc9db9afbb7cb HTTP Headers `GET /temp/default/script.js HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Tue, 28 Mar 2023 22:13:45 GMT content-type: application/javascript last-modified: Wed, 18 Jul 2018 10:51:39 GMT accept-ranges: bytes content-encoding: gzip vary: Accept-Encoding,User-Agent content-length: 302 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0;`

	tarahbsb.rozblog.com/code/popup	79.127.127.68	200 OK	1.2 kB
URL HTTP/1.1 tarahbsb.rozblog.com/code/popup IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type ASCII text Size 1.2 kB (1176 bytes) Hash 284b4dbf47d5a08d3712a9b484b7d666 e3dbf4f63b43bd09c235f25337d505e40131b6d8 f24e3bc658e2b84f184188aef11e026d28b38ef0e1007b3e1fb9da2f47c88679 HTTP Headers `GET /code/popup HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 content-language: fa content-type: text/html; charset=charset expires: Mon, 26 Jul 1997 05:00:00 GMT last-modified: Tue, 21 Mar 2023 22:13:45 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache set-cookie: pop_id=11927%2C; expires=Wed, 22-Mar-2023 10:13:45 GMT; Max-Age=43200; path=/ c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; expires=Wed, 22-Mar-2023 22:13:45 GMT; Max-Age=86400; path=/ c_t=22121641a2c194596a505169619445658874; expires=Wed, 22-Mar-2023 22:13:45 GMT; Max-Age=86400; path=/ vary: Accept-Encoding,User-Agent content-length: 1176 content-encoding: gzip date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0;

	tarahbsb.rozblog.com/js/site.js?7	79.127.127.68	200 OK	9.4 kB
URL HTTP/1.1 tarahbsb.rozblog.com/js/site.js?7 IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type Unicode text, UTF-8 (with BOM) text, with very long lines (5730) Size 9.4 kB (9422 bytes) Hash 3a9e608b97ff4d23f8a1649f24b6ed66 794e50a615ef78e2f2bd7616c7d9e033fc4bbe9d 82faf31dfa45299d23061f2c05579901ca592090ce35f1dc48a6ff61f24ac28a HTTP Headers `GET /js/site.js?7 HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Tue, 28 Mar 2023 22:13:45 GMT content-type: application/javascript last-modified: Sat, 14 May 2022 01:34:44 GMT accept-ranges: bytes content-encoding: gzip vary: Accept-Encoding,User-Agent content-length: 9422 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0;`

	tarahbsb.rozblog.com/images/refresh2.svg	79.127.127.68	200 OK	276 B
URL HTTP/1.1 tarahbsb.rozblog.com/images/refresh2.svg IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 276 B (276 bytes) Hash 7082e86e2a3c9646fa1aa922b8e3a2d6 7f704127e872b5b94b8e2dd7959e2d5c9b9379a8 d1254b0bb9112500f8f39e1130f0a6c8dca1037d416e7f7d6524894b31b06b00 HTTP Headers `GET /images/refresh2.svg HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Tue, 28 Mar 2023 22:13:45 GMT content-type: image/svg+xml last-modified: Wed, 28 Apr 2021 22:57:34 GMT etag: "114-6089e85e-9f2e18d89b796b95;;;" accept-ranges: bytes content-length: 276 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarah.zgig.ir/Up-Gh/Download/13453793561.png	148.251.154.80	301 Moved Permanently	707 B
URL HTTP/1.1 tarah.zgig.ir/Up-Gh/Download/13453793561.png IP 148.251.154.80:0 ASN #24940 Hetzner Online GmbH File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size 707 B (707 bytes) Hash 1304294c0823ca486542ba408ed761e3 b2a70fb2d810ca13985882e6981f33998823e83e 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982 HTTP Headers `GET /Up-Gh/Download/13453793561.png HTTP/1.1 Host: tarah.zgig.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 301 Moved Permanently Connection: Keep-Alive Keep-Alive: timeout=5, max=100 content-type: text/html content-length: 707 date: Tue, 21 Mar 2023 22:13:45 GMT location: https://zgig.ir/Up-Gh/Download/13453793561.png vary: User-Agent`

	tarahbsb.rozblog.com/temp/pro/ads_468.jpg	79.127.127.68	200 OK	6.3 kB
URL HTTP/1.1 tarahbsb.rozblog.com/temp/pro/ads_468.jpg IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type JPEG image data, JFIF standard 1.00, resolution (DPI), density 96x96, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 468x60, components 3\012- data Size 6.3 kB (6286 bytes) Hash db8cac5e50e0f1be65a3ec0756ea6612 3053609e1039ab6d0d0be6adefeaf7ba7a243cf6 8f10f1e719bda34ecfc3af6b50f8273e9c9676d10612eff12aad2382d458ef1d HTTP Headers `GET /temp/pro/ads_468.jpg HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/jpeg last-modified: Fri, 20 Feb 2015 09:52:01 GMT accept-ranges: bytes content-length: 6286 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/weblog/file/loading/88.gif	79.127.127.68	200 OK	6.0 kB
URL HTTP/1.1 tarahbsb.rozblog.com/weblog/file/loading/88.gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 50 x 50\012- data Size 6.0 kB (5972 bytes) Hash 093445ee241c72e6dca01dc570c230dc 32adb71ec06b5d29ec62c5511328d5970228b86d d40495f2a0e830c47fe4cd50574c68e206292f63545a0684516db0cd8716ee0e HTTP Headers `GET /weblog/file/loading/88.gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Thu, 02 Feb 2012 21:52:24 GMT accept-ranges: bytes content-length: 5972 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/include/captcha/cap9.php	79.127.127.68	200 OK	2.2 kB
URL HTTP/1.1 tarahbsb.rozblog.com/include/captcha/cap9.php IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type PNG image data, 100 x 30, 8-bit/color RGB, non-interlaced\012- data Size 2.2 kB (2194 bytes) Hash 4fcb6c3fd82b561954c96717f0373177 d7e915015f358e27a2319a1fd0a3e86434a5cfc6 c586767d38b6e36de446da7770fbe945f9ebf55cda24c332d842075e666cb239 HTTP Headers `GET /include/captcha/cap9.php HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache content-type: image/png content-length: 2194 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/temp/tarahi/fonts/yekanregular.woff	79.127.127.68	200 OK	22 kB
URL HTTP/1.1 tarahbsb.rozblog.com/temp/tarahi/fonts/yekanregular.woff IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type Web Open Font Format, CFF, length 21500, version 2.0\012- data Size 22 kB (21500 bytes) Hash 05727d32400b2008acbf7fc49251ede0 b6c1a82539a2531eb1aad7d1cf05554d5a999154 da78e001fab6f5d7b1c68e17d00fb1595c9b10085d6769a86aeb6a39dc7e43d6 HTTP Headers GET /temp/tarahi/fonts/yekanregular.woff HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://tarahbsb.rozblog.com/temp/tarahi/styles.css Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2; pop_id=11927%2C; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=22121641a2c194596a505169619445658874 `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Thu, 23 Mar 2023 22:13:45 GMT content-type: font/woff last-modified: Thu, 26 Feb 2015 19:00:25 GMT etag: "53fc-54ef6d49-80b982f1d7ce7ee2;;;" accept-ranges: bytes content-length: 21500 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	www.ashoora.biz/mazhabi-projects/yahoo/png.js	188.253.2.26	200 OK	705 B
URL HTTP/1.1 www.ashoora.biz/mazhabi-projects/yahoo/png.js IP 188.253.2.26:0 ASN #62048 Avini cultural and Art Institute File type exported SGML document, ASCII text Size 705 B (705 bytes) Hash f1c85be20cd56913548d64f2cd513ab6 4f571af2b66692b9c1a08a0cf4d1e1b44a848bb2 a2a05ec2dfd89d43444fe3b8d8887788418d9b14e63a0b603309563e30654b01 HTTP Headers `GET /mazhabi-projects/yahoo/png.js HTTP/1.1 Host: www.ashoora.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Date: Tue, 21 Mar 2023 22:45:19 GMT Server: Apache/2 Last-Modified: Sun, 25 Mar 2012 08:09:06 GMT ETag: "480120-599-4bc0cc5806c80" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 705 Keep-Alive: timeout=1, max=100 Connection: Keep-Alive Content-Type: application/javascript`

	tarahbsb.rozblog.com/images/no_image.png	79.127.127.68	200 OK	6.3 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/no_image.png IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data Size 6.3 kB (6278 bytes) Hash 5c675d607343c154f0ef074dc145988a 2f3713c21ed04a225f16439b200e2b2a6062454e 2e8f7285f7325ed8db6a0d253158db2c8962125173a1e6973e8fcb39a325a7ba HTTP Headers `GET /images/no_image.png HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/png last-modified: Sat, 12 Jan 2013 13:14:07 GMT accept-ranges: bytes content-length: 6278 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozblog.com/temp/nuke/FBarrow.gif	79.127.127.68	200 OK	59 B
URL HTTP/1.1 rozblog.com/temp/nuke/FBarrow.gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 9 x 9\012- data Size 59 B (59 bytes) Hash 08f58683f752ec50ab890d4162cf9a03 2a0e3923b77ab35c273bf5307fc980f4d4de42fe d8359b38e288d654bf46c6c01ea58f896a998390f848ca99eb4015900f1cdb42 HTTP Headers `GET /temp/nuke/FBarrow.gif HTTP/1.1 Host: rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Sat, 26 Nov 2011 12:58:49 GMT accept-ranges: bytes content-length: 59 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozup.ir/up/tarahbsb/Khadamat/besme.gif	79.127.127.67	200 OK	7.6 kB
URL HTTP/1.1 rozup.ir/up/tarahbsb/Khadamat/besme.gif IP 79.127.127.67:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 300 x 158\012- data Size 7.6 kB (7569 bytes) Hash e5c57beee77c4efe510efe75ff285c7f 125324a3bd83d5d92d18411d593ee9306b29dac3 affec61ef7d8bd232b36f9dca608bf02bc443fc9085b357524f746c39830e3bc HTTP Headers `GET /up/tarahbsb/Khadamat/besme.gif HTTP/1.1 Host: rozup.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Server: nginx/1.14.0 Date: Tue, 21 Mar 2023 22:13:45 GMT Content-Type: image/gif Content-Length: 7569 Last-Modified: Mon, 20 Aug 2012 11:44:46 GMT Connection: keep-alive ETag: "5032232e-1d91" Accept-Ranges: bytes`

	s1.picofile.com/file/7323249565/ym.gif	185.49.85.182	301 Moved Permanently	163 B
URL HTTP/1.1 s1.picofile.com/file/7323249565/ym.gif IP 185.49.85.182:0 ASN #43754 Asiatech Data Transmission company File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 163 B (163 bytes) Hash 66c69cdba56c2824475f7ac2ddac3ef4 c00b8081bfd9993724ab07d99ed3c6716e87be5a 8d34ed2f02ab463d9c358320d0c815a45e71cc85a742435d1cc596bdd971a0f0 HTTP Headers `GET /file/7323249565/ym.gif HTTP/1.1 Host: s1.picofile.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Location: https://s1.picofile.com/file/7323249565/ym.gif Server: WSGIServer/0.1 Python/2.6.1 Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: , content-range, range, content-length, cache-control, content-type, x-requested-with Access-Control-Allow-Methods: Access-Control-Allow-Origin: http://tarahbsb.rozblog.com X-Powered-By: Django/1.2.1 SVN-13336 Date: Tue, 21 Mar 2023 22:13:44 GMT Content-Length: 163`

	tarahbsb.rozblog.com/images/smilies/smile%20(0).gif	79.127.127.68	200 OK	1.2 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(0).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 1.2 kB (1197 bytes) Hash 7acab697005b42df765344852bb92543 8ecda921e08e3da132042ad4d0d737180e2bc011 e80814ecc035b9c8d9bb98c6acdcd2b9452d99d57f57c885b7ed722cbfbe5b07 HTTP Headers `GET /images/smilies/smile%20(0).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Mon, 25 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 1197 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 21 Mar 2023 21:14:33 GMT age: 3552 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3462d41d9283fedf24f278089d5d1570 b8bcea77656f775cdc34620322cc616216ed2b95 55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50" Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5437 Expires: Tue, 21 Mar 2023 23:44:22 GMT Date: Tue, 21 Mar 2023 22:13:45 GMT Connection: keep-alive`

	tarahbsb.rozblog.com/images/smilies/smile%20(2).gif	79.127.127.68	200 OK	1.0 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(2).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 1.0 kB (1001 bytes) Hash 4bc8e6787527cdf7bb61efc409d49168 04dce5fb45dc3945fd87984d804cd9e6fa6defea 6c799bdee0667cbaecc9db6160e76df91dd615800a797b1c63ec14c9fb013c32 HTTP Headers `GET /images/smilies/smile%20(2).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 1001 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozup.ir/up/tarahbsb/Khadamat/nuke.jpg	79.127.127.67	200 OK	29 kB
URL HTTP/1.1 rozup.ir/up/tarahbsb/Khadamat/nuke.jpg IP 79.127.127.67:0 ASN #43754 Asiatech Data Transmission company File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:05:14 16:57:38], progressive, precision 8, 240x82, components 3\012- data Size 29 kB (29192 bytes) Hash 90461f8ede5b256db4ec2e1b8dd10915 b51115e8a6aec15c1c856a8ab1ef4664ef30382c cee4b4980e442d9b2dadf7224759463129eae5b9cfbbbec6554cce26f7569e2e HTTP Headers `GET /up/tarahbsb/Khadamat/nuke.jpg HTTP/1.1 Host: rozup.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Server: nginx/1.14.0 Date: Tue, 21 Mar 2023 22:13:45 GMT Content-Type: image/jpeg Content-Length: 29192 Last-Modified: Mon, 20 Aug 2012 11:44:49 GMT Connection: keep-alive ETag: "50322331-7208" Accept-Ranges: bytes`

	tarahbsb.rozblog.com/include/captcha/cap9.php?name_sess=5741ac298d95a232d8bd2d2bc4d67dfc	79.127.127.68	200 OK	2.4 kB
URL HTTP/1.1 tarahbsb.rozblog.com/include/captcha/cap9.php?name_sess=5741ac298d95a232d8bd2d2bc4d67dfc IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type PNG image data, 100 x 30, 8-bit/color RGB, non-interlaced\012- data Size 2.4 kB (2356 bytes) Hash 2b96bfad234c60ee861df477d8dcfeaa 26a92e11ae47a70828f82dd325801a757417dc4c b4960daa600d1cfdc3b81f798db32175cb936b539a0e879171da6605d90e87f3 HTTP Headers `GET /include/captcha/cap9.php?name_sess=5741ac298d95a232d8bd2d2bc4d67dfc HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache content-type: image/png content-length: 2356 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozup.ir/up/tarahbsb/Khadamat/wp.jpg	79.127.127.67	200 OK	32 kB
URL HTTP/1.1 rozup.ir/up/tarahbsb/Khadamat/wp.jpg IP 79.127.127.67:0 ASN #43754 Asiatech Data Transmission company File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:05:14 22:25:59], progressive, precision 8, 240x82, components 3\012- data Size 32 kB (32329 bytes) Hash c676e6fa0ab46fc24b25cea1f8c99a20 375475d79e2789819e156c6be37aae2157772b4f 3a8c51d6745d096b3897f0da2ce2a426630efb6ca84472c592316ebae30eb51f HTTP Headers `GET /up/tarahbsb/Khadamat/wp.jpg HTTP/1.1 Host: rozup.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Server: nginx/1.14.0 Date: Tue, 21 Mar 2023 22:13:45 GMT Content-Type: image/jpeg Content-Length: 32329 Last-Modified: Mon, 20 Aug 2012 11:44:48 GMT Connection: keep-alive ETag: "50322330-7e49" Accept-Ranges: bytes`

	rozblog.com/temp/rang/like.png	79.127.127.68	200 OK	2.3 kB
URL HTTP/1.1 rozblog.com/temp/rang/like.png IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type PNG image data, 22 x 42, 8-bit/color RGBA, non-interlaced\012- data Size 2.3 kB (2272 bytes) Hash dd370ffbcd679da0d5c8547f34c6e2fb 6df3b9ec0e82b1a6ef41bc83041d2b2e16200077 2f14531974b17d9fd89de532694faf69ed7aa61b04ea990108b138d772ba96f7 HTTP Headers `GET /temp/rang/like.png HTTP/1.1 Host: rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/png last-modified: Sat, 14 Feb 2015 11:52:19 GMT accept-ranges: bytes content-length: 2272 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/images/smilies/smile%20(1).gif	79.127.127.68	200 OK	1.0 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(1).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 1.0 kB (1001 bytes) Hash 8ff7886d573e7ce876fafe18e38256c0 69285dcb190e5d8fb419bf682cd67fea32095fbf 929f0885478c8f10c7b60e0a6f5a520f7f7055a994ab31a12cf95fd8ab8b2973 HTTP Headers `GET /images/smilies/smile%20(1).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 1001 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozup.ir/up/tarahbsb/Khadamat/html.jpg	79.127.127.67	200 OK	26 kB
URL HTTP/1.1 rozup.ir/up/tarahbsb/Khadamat/html.jpg IP 79.127.127.67:0 ASN #43754 Asiatech Data Transmission company File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2012:02:15 00:03:38], baseline, precision 8, 240x82, components 3\012- data Size 26 kB (26099 bytes) Hash f68ab6aec61d7290efade2a74c797fc2 d6de5ce6255068470d3ec47496796f26f906e125 037c033dd713ec107291d658bd67419d53b1cb1faaafc75c8e4cce8892d743fa HTTP Headers `GET /up/tarahbsb/Khadamat/html.jpg HTTP/1.1 Host: rozup.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Server: nginx/1.14.0 Date: Tue, 21 Mar 2023 22:13:45 GMT Content-Type: image/jpeg Content-Length: 26099 Last-Modified: Mon, 20 Aug 2012 11:44:51 GMT Connection: keep-alive ETag: "50322333-65f3" Accept-Ranges: bytes`

	tarahbsb.rozblog.com/images/smilies/smile%20(29).gif	79.127.127.68	200 OK	3.9 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(29).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 3.9 kB (3870 bytes) Hash 20b1b66758da1d25ffc010878c85dfe9 813b390b37cd2a0eca90a481b08cee612b400147 93803a1e9f9c1fcd2835ff9da87c0d8557a50cf1fa09bb8ea5181a75b5a1649c HTTP Headers `GET /images/smilies/smile%20(29).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 3870 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozblog.com/temp/music3/MTForumBlock_row_over.png	79.127.127.68	200 OK	139 B
URL HTTP/1.1 rozblog.com/temp/music3/MTForumBlock_row_over.png IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type PNG image data, 1 x 18, 8-bit/color RGB, non-interlaced\012- data Size 139 B (139 bytes) Hash 1fd885e3d0a8fc062470706ae84ea56b f0e6c850b1794c523ca16bf087054cb843daf6fa e0dc411ff39139fd39b2cf6d027ab2d56fbd3b51bacc0935e1ae284e65c64e40 HTTP Headers `GET /temp/music3/MTForumBlock_row_over.png HTTP/1.1 Host: rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/png last-modified: Sun, 03 Jul 2011 21:44:44 GMT accept-ranges: bytes content-length: 139 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozblog.com/temp/music3/MTForumBlock_row.png	79.127.127.68	200 OK	155 B
URL HTTP/1.1 rozblog.com/temp/music3/MTForumBlock_row.png IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type PNG image data, 1 x 18, 8-bit/color RGB, non-interlaced\012- data Size 155 B (155 bytes) Hash 3ae7d651d73f3b247f9737655c53e08e 476c9a585906552a1054a74f88de640142ce40f5 d5496cde5cf105a1cf8c8fe59e0efefba5859a4fbff07a4701ec4f4a7c6e5ac5 HTTP Headers `GET /temp/music3/MTForumBlock_row.png HTTP/1.1 Host: rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/png last-modified: Sun, 03 Jul 2011 21:45:04 GMT accept-ranges: bytes content-length: 155 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 97912c3f8219fdeb0f5235475598bae4 5a8d766bc1a4a4854f17e5861f57c39fd59d3d2e ef58615925adb5ec323a7e256256e44178cec5a67d025fcd06b323fc26a2dd86 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EF58615925ADB5EC323A7E256256E44178CEC5A67D025FCD06B323FC26A2DD86" Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2382 Expires: Tue, 21 Mar 2023 22:53:27 GMT Date: Tue, 21 Mar 2023 22:13:45 GMT Connection: keep-alive`

	tarahbsb.rozblog.com/images/smilies/smile%20(3).gif	79.127.127.68	200 OK	536 B
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(3).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 536 B (536 bytes) Hash f1e05c82c7d3af8df68c934bb4ca5f37 93ee757596b622f23eda97fe2c43a038e96034e2 90444038b976c070a1e5a423a84d6c6cd8d9d08b60ec58fff377ffcd74549b92 HTTP Headers `GET /images/smilies/smile%20(3).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Mon, 25 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 536 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/temp/tarahi/fonts/wdtv.woff	79.127.127.68	200 OK	15 kB
URL HTTP/1.1 tarahbsb.rozblog.com/temp/tarahi/fonts/wdtv.woff IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type Web Open Font Format, TrueType, length 14648, version 1.0\012- data Size 15 kB (14648 bytes) Hash 259c4490256daceb6a5f275cee137627 5c0eae14870f1ec6527aa64f3f675cb9063034ee bd4bdb99aa4a1cf56a05d7a913dce42b23b4cb021148b0a0f22d836105d98fc5 HTTP Headers GET /temp/tarahi/fonts/wdtv.woff HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://tarahbsb.rozblog.com/temp/tarahi/styles.css Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2; pop_id=11927%2C; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=22121641a2c194596a505169619445658874 `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Thu, 23 Mar 2023 22:13:45 GMT content-type: font/woff last-modified: Thu, 26 Feb 2015 19:00:22 GMT etag: "3938-54ef6d46-daf654b8921ad10f;;;" accept-ranges: bytes content-length: 14648 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/images/smilies/smile%20(24).gif	79.127.127.68	200 OK	987 B
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(24).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 987 B (987 bytes) Hash da4b1372525e9bd4e81ed3083d1ade99 dfbd8b83029c88fab8bdd502e94c1e2cdb5f1e78 020b97e1fda4344e87cc91aaa96f7015d913e697a4169f066d37449e54b59633 HTTP Headers `GET /images/smilies/smile%20(24).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 987 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozup.ir/up/tarahbsb/Khadamat/banner.jpg	79.127.127.67	200 OK	25 kB
URL HTTP/1.1 rozup.ir/up/tarahbsb/Khadamat/banner.jpg IP 79.127.127.67:0 ASN #43754 Asiatech Data Transmission company File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2012:02:15 22:49:27], baseline, precision 8, 240x82, components 3\012- data Size 25 kB (25116 bytes) Hash aa45ddac7fa382e4d07ea3cb525ad351 1013903e186d5a88a2c2e4345157f6f1d4061f77 890fc8b22908d8ea400ede54124874d76895b6503aa6a9a1cc094416342dfb56 HTTP Headers `GET /up/tarahbsb/Khadamat/banner.jpg HTTP/1.1 Host: rozup.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Server: nginx/1.14.0 Date: Tue, 21 Mar 2023 22:13:46 GMT Content-Type: image/jpeg Content-Length: 25116 Last-Modified: Mon, 20 Aug 2012 11:45:37 GMT Connection: keep-alive ETag: "50322361-621c" Accept-Ranges: bytes`

	tarahbsb.rozblog.com/images/smilies/smile%20(5).gif	79.127.127.68	200 OK	2.3 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(5).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 2.3 kB (2323 bytes) Hash fa1910d94b83caa6e9a61dfe2e04103f 34c3ed6096db71d86b84b6ecaf3e444acb20ebfd 4063598ee349698a6e8ac7fcea8f46a3d949a05aa3c46033313033104dd809ed HTTP Headers `GET /images/smilies/smile%20(5).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 2323 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	push.services.mozilla.com/	54.71.69.209	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.71.69.209:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: CVcWI3iX0nAY6mTiM04G/A== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 7iiqHR7IB1znwNBR+5noXlR4SSE=`

	tarahbsb.rozblog.com/images/smilies/smile%20(8).gif	79.127.127.68	200 OK	1.3 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(8).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 1.3 kB (1317 bytes) Hash 8fe036e92e61161e89bafcafcb07b87c dee722bfa2cf1c506114abbcee0e0a7408392cec 69408195af42830e24e6bfab42b211bee01636d6e3dc26c96e253fc8e2fe85ea HTTP Headers `GET /images/smilies/smile%20(8).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 1317 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/temp/tarahi/fonts/fontawesome-webfont.woff?v=4.2.0	79.127.127.68	200 OK	66 kB
URL HTTP/1.1 tarahbsb.rozblog.com/temp/tarahi/fonts/fontawesome-webfont.woff?v=4.2.0 IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type Web Open Font Format, TrueType, length 65452, version 1.0\012- data Size 66 kB (65452 bytes) Hash d95d6f5d5ab7cfefd09651800b69bd54 7d65e0227d0d7cdc1718119cd2a7dce0638f151c 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1 HTTP Headers GET /temp/tarahi/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://tarahbsb.rozblog.com/temp/tarahi/styles.css Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2; pop_id=11927%2C; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=22121641a2c194596a505169619445658874 `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Thu, 23 Mar 2023 22:13:45 GMT content-type: font/woff last-modified: Thu, 26 Feb 2015 19:00:20 GMT etag: "ffac-54ef6d44-11fea27943efc11b;;;" accept-ranges: bytes content-length: 65452 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	zgig.ir/Up-Gh/Download/13453793561.png	148.251.154.80	302 Found	683 B
URL HTTP/2 zgig.ir/Up-Gh/Download/13453793561.png IP 148.251.154.80:0 ASN #24940 Hetzner Online GmbH File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size 683 B (683 bytes) Hash 6371befc85069a96b0cb3c52e754a55a de3def799f60ce2a16721687937ffb2a3f9bd3ae db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77 HTTP Headers `GET /Up-Gh/Download/13453793561.png HTTP/1.1 Host: zgig.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://tarahbsb.rozblog.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 302 Found content-type: text/html content-length: 683 date: Tue, 21 Mar 2023 22:13:45 GMT cache-control: no-cache, no-store, must-revalidate, max-age=0 location: https://zgig.ir/ vary: User-Agent alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" X-Firefox-Spdy: h2`

	s1.mediaad.org/serve/rozblog.com/loader.js	45.94.254.24	302 Found	138 B
URL HTTP/2 s1.mediaad.org/serve/rozblog.com/loader.js IP 45.94.254.24:0 ASN #48551 Sindad Network Technology Ltd. File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 138 B (138 bytes) Hash aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0 HTTP Headers `GET /serve/rozblog.com/loader.js HTTP/1.1 Host: s1.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://tarahbsb.rozblog.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 302 Found date: Tue, 21 Mar 2023 22:13:45 GMT content-type: text/html content-length: 138 location: https://mediacdn.mediaad.org/static/loader.js X-Firefox-Spdy: h2`

	tarahbsb.rozblog.com/images/smilies/smile%20(7).gif	79.127.127.68	200 OK	845 B
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(7).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 845 B (845 bytes) Hash 03719bd2e66d16ac9166413e9874fabc e660b1316e52d5d43e5d9d1a9cfe8ebdccfe2afb 4743fc126b332eeef5d8615a74678aae3291a8c9cc68fe7db1d09a46a7e8c243 HTTP Headers `GET /images/smilies/smile%20(7).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 845 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/images/smilies/smile%20(10).gif	79.127.127.68	200 OK	1.7 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(10).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 1.7 kB (1668 bytes) Hash 99f42d956240d0bbcfd3df166ba7b42d 7470e40e21b3c9e319d0ec7cc279655f63d66b0c 9589d448636d9b6ee869497ec60e3a2d60239287d1b74b5b1d0f22156e80041c HTTP Headers `GET /images/smilies/smile%20(10).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 1668 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/images/smilies/smile%20(27).gif	79.127.127.68	200 OK	263 B
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(27).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 263 B (263 bytes) Hash f621e45da725a0a64059734c278af763 59350efa657a24a2657f567301de8e1fc946c74d 3e6b4357f238814c69d03ed27f302e6fbdf2df35587e93ecb9fd9576d7355972 HTTP Headers `GET /images/smilies/smile%20(27).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 263 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	tarahbsb.rozblog.com/images/smilies/smile%20(9).gif	79.127.127.68	200 OK	2.3 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(9).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 2.3 kB (2318 bytes) Hash e9dfcd8a0b7e8380af7d46101afcbb20 f85300a499338903fb81eb1b216a5828e02c2460 4e625176b1d0db2c3303c1c04dbb67ffdb1447cbc55d080bb439b2fedd8fa7ef HTTP Headers `GET /images/smilies/smile%20(9).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Mon, 25 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 2318 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozup.ir/up/tarahbsb/Khadamat/adress.jpg	79.127.127.67	200 OK	26 kB
URL HTTP/1.1 rozup.ir/up/tarahbsb/Khadamat/adress.jpg IP 79.127.127.67:0 ASN #43754 Asiatech Data Transmission company File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2012:02:15 00:45:40], baseline, precision 8, 240x82, components 3\012- data Size 26 kB (25801 bytes) Hash 3208d888f3140869305ca7e98af8aa83 e1a8258655a547cd2ee82fd776cf21dc23e0a5a6 94f4744192f7e5e3c25c81cec8571ce1e191651b084f115397ebed25f253d5d4 HTTP Headers `GET /up/tarahbsb/Khadamat/adress.jpg HTTP/1.1 Host: rozup.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Server: nginx/1.14.0 Date: Tue, 21 Mar 2023 22:13:46 GMT Content-Type: image/jpeg Content-Length: 25801 Last-Modified: Mon, 20 Aug 2012 11:45:40 GMT Connection: keep-alive ETag: "50322364-64c9" Accept-Ranges: bytes`

	tarahbsb.rozblog.com/images/smilies/smile%20(12).gif	79.127.127.68	200 OK	1.0 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(12).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 1.0 kB (1017 bytes) Hash 26e1a5a12b7cc8ab49ef0358618f0e6f 3a005a05a0aa8dae61d8ac9d8e114585ee797e5b 1d424977e57e0895a86a6b8368bcc5bc9acfe389a3f7708cc92997c05219ec21 HTTP Headers `GET /images/smilies/smile%20(12).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 1017 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozup.ir/up/tarahbsb/Khadamat/aks.jpg	79.127.127.67	200 OK	26 kB
URL HTTP/1.1 rozup.ir/up/tarahbsb/Khadamat/aks.jpg IP 79.127.127.67:0 ASN #43754 Asiatech Data Transmission company File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2012:02:15 22:43:13], baseline, precision 8, 240x82, components 3\012- data Size 26 kB (25954 bytes) Hash d5c27e4453c85440f5a2cf03ab35c984 839e7c81b8def223d076ddef3d918d984fa1ec13 6adf5ad5aae9d9b42dc688566ebfc9089bbae0b4369977b6b56e3037e338729f HTTP Headers `GET /up/tarahbsb/Khadamat/aks.jpg HTTP/1.1 Host: rozup.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Server: nginx/1.14.0 Date: Tue, 21 Mar 2023 22:13:46 GMT Content-Type: image/jpeg Content-Length: 25954 Last-Modified: Mon, 20 Aug 2012 11:45:39 GMT Connection: keep-alive ETag: "50322363-6562" Accept-Ranges: bytes`

	tarahbsb.rozblog.com/images/smilies/smile%20(13).gif	79.127.127.68	200 OK	1.2 kB
URL HTTP/1.1 tarahbsb.rozblog.com/images/smilies/smile%20(13).gif IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 18 x 18\012- data Size 1.2 kB (1203 bytes) Hash 514e1cfa8f84c79da4d96d8cb5e93aeb 516bbc4f4ac1a1765cb45e9d67d300656ac5e0cc a06f503e9559e46ea4dea87cd1bce2854a3c2c6897f239407d774cab36f843a4 HTTP Headers `GET /images/smilies/smile%20(13).gif HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:45 GMT content-type: image/gif last-modified: Tue, 05 Jul 2005 00:00:00 GMT accept-ranges: bytes content-length: 1203 date: Tue, 21 Mar 2023 22:13:45 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	rozup.ir/up/tarahbsb/Khadamat/asp.jpg	79.127.127.67	200 OK	26 kB
URL HTTP/1.1 rozup.ir/up/tarahbsb/Khadamat/asp.jpg IP 79.127.127.67:0 ASN #43754 Asiatech Data Transmission company File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2012:02:15 00:34:11], baseline, precision 8, 240x82, components 3\012- data Size 26 kB (26222 bytes) Hash ec762d0ce06e9e9f58572368a3efc142 f0141b6cc5542a81a9b92450fff22b44fadde46a 5d511e5baf6ffa90ead898b03d8b96bf35b5e25c8e0416b32d73f06a05320f5d HTTP Headers `GET /up/tarahbsb/Khadamat/asp.jpg HTTP/1.1 Host: rozup.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Server: nginx/1.14.0 Date: Tue, 21 Mar 2023 22:13:46 GMT Content-Type: image/jpeg Content-Length: 26222 Last-Modified: Mon, 20 Aug 2012 11:45:41 GMT Connection: keep-alive ETag: "50322365-666e" Accept-Ranges: bytes`

	www.ashoora.biz/mazhabi-projects/yahoo/check.php?yahooid=rmombeny&img=11	188.253.2.26	200 OK	335 B
URL HTTP/1.1 www.ashoora.biz/mazhabi-projects/yahoo/check.php?yahooid=rmombeny&img=11 IP 188.253.2.26:0 ASN #62048 Avini cultural and Art Institute File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators Size 335 B (335 bytes) Hash 86fcbbe199356c67ac0ab74c7ec5793f c195a8fe9c01376a0249b4bea9756aa748345041 f44e1e02d7b49bdcbf0ed29470fb23934effb00f1b0ad4530542d5e104b60e6b HTTP Headers `GET /mazhabi-projects/yahoo/check.php?yahooid=rmombeny&img=11 HTTP/1.1 Host: www.ashoora.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/` `HTTP/1.1 200 OK Date: Tue, 21 Mar 2023 22:45:19 GMT Server: Apache/2 X-Powered-By: PHP/5.3.28 Expires: Mon, 26 Jul 1997 05:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Last-Modified: Tue, 21 Mar 2023 22:45:19 GMT Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 335 Keep-Alive: timeout=1, max=100 Connection: Keep-Alive Content-Type: application/x-javascript`

	mediacdn.mediaad.org/static/fingerprint.html	45.94.255.10	200 OK	2.3 kB
URL HTTP/2 mediacdn.mediaad.org/static/fingerprint.html IP 45.94.255.10:0 ASN #48551 Sindad Network Technology Ltd. File type data Size 2.3 kB (2252 bytes) Hash a6e6c848c9ef37fe353b9bd9f5b172bd 2cfac0a9e4b70607662a6213e59e89d96053e31b b10f4596a3fe86f9d3796c254ced9ddb02c34bbc689509f18d8eb9cf55012546 HTTP Headers `GET /static/fingerprint.html HTTP/1.1 Host: mediacdn.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://tarahbsb.rozblog.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:46 GMT content-type: text/html;charset=UTF-8 vary: Accept-Encoding access-control-allow-origin: * access-control-allow-credentials: false access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers: x-requested-with strict-transport-security: max-age=15724800; includeSubDomains expires: Wed, 22 Mar 2023 22:13:46 GMT x-cache-status: HIT cache-control: max-age=86400, public content-encoding: gzip X-Firefox-Spdy: h2

	s1.picofile.com/file/7323249565/ym.gif	185.49.85.182	200 OK	1.3 kB
URL HTTP/2 s1.picofile.com/file/7323249565/ym.gif IP 185.49.85.182:0 ASN #43754 Asiatech Data Transmission company File type GIF image data, version 89a, 24 x 25\012- data Size 1.3 kB (1306 bytes) Hash 0a85ee03448981599b04c9f40395f5a7 a7e8e01b2f8944b3f03cb1cc2e2d40da92938fcf a5369e5f882a889aea604ed8dc7007f1f34facba7184cb172a527a6b4dca9454 HTTP Headers `GET /file/7323249565/ym.gif HTTP/1.1 Host: s1.picofile.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://tarahbsb.rozblog.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK cache-control: private content-type: image/gif last-modified: Thu, 08 Mar 2012 18:09:11 GMT accept-ranges: bytes etag: "80fd5ab26dcbce08" server: WSGIServer/0.1 Python/2.6.1 access-control-allow-credentials: true access-control-allow-headers: , content-range, range, content-length, cache-control, content-type, x-requested-with access-control-allow-methods: access-control-allow-origin: http://tarahbsb.rozblog.com x-powered-by: Django/1.2.1 SVN-13336 date: Tue, 21 Mar 2023 22:13:46 GMT content-length: 1306 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12628 Expires: Wed, 22 Mar 2023 01:44:15 GMT Date: Tue, 21 Mar 2023 22:13:47 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12628 Expires: Wed, 22 Mar 2023 01:44:15 GMT Date: Tue, 21 Mar 2023 22:13:47 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12628 Expires: Wed, 22 Mar 2023 01:44:15 GMT Date: Tue, 21 Mar 2023 22:13:47 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12628 Expires: Wed, 22 Mar 2023 01:44:15 GMT Date: Tue, 21 Mar 2023 22:13:47 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12628 Expires: Wed, 22 Mar 2023 01:44:15 GMT Date: Tue, 21 Mar 2023 22:13:47 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg	34.120.237.76	200 OK	6.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.5 kB (6511 bytes) Hash 4e5f234aedfabd736b50fef3017380f9 71672a6c3523d9999522e005091863d07ea0e94a 3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6511 x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CGWI_E_eoAMF3sA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0 x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: sTt0-W1XE7yUFGFXg2nPnKw5tKKkrw-cH_TCIbQy8JL-k0QtCNZS8w== via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 22:08:42 GMT age: 305 etag: "71672a6c3523d9999522e005091863d07ea0e94a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg	34.120.237.76	200 OK	8.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.2 kB (8195 bytes) Hash 2a940b362660fdee25faaa51e08c439b 85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c 18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8195 x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CDFESEDGoAMFQ8A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0 x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: WZ5MqPZ-MEjDt3N53EIx1XrerDmUkyvK-5FUXAmI29GXlGe6AaPqEg== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google date: Mon, 20 Mar 2023 22:23:21 GMT age: 85826 etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg	34.120.237.76	200 OK	7.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.7 kB (7695 bytes) Hash 302595cc68fe8cf12121d0f652b3194d e5532a3fed552246e8a63ea2ba75e174273a7b9f 6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7695 x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CDETIHf8oAMFxEA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0 x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT x-amz-cf-pop: SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: 388_JExXl_vwNTUh_69QfjoGz-cNeQwwrp6kpAP1Hhv3VvtgeeXbrw== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:55:32 GMT age: 1095 etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1f3dbde-5603-4fc9-9c5b-c8735230fcb3.jpeg	34.120.237.76	200 OK	5.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1f3dbde-5603-4fc9-9c5b-c8735230fcb3.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.5 kB (5456 bytes) Hash 59a97c7842690d7acd0ff07d949b1ef3 8719d7d6866855fdfba87e06128fb1969d857732 203b0e030b9bf84a8a2731c1b46d57e60ee50a53cc925845e7b20cbd60362136 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1f3dbde-5603-4fc9-9c5b-c8735230fcb3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5456 x-amzn-requestid: 545d20a4-ed22-4be4-98aa-23383209dae2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CDDUKFC9IAMF4pw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64177f4d-3e927ea45de99d4b286fcfc8;Sampled=0 x-amzn-remapped-date: Sun, 19 Mar 2023 21:31:57 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: qXn3EwgagFD2MH4PzDYxxVd1eXOQQxHDkNdxXGxwuS-tmPNxWXYukA== via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 18:00:25 GMT age: 15202 etag: "8719d7d6866855fdfba87e06128fb1969d857732" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11336 bytes) Hash e538277f72ecedd22d24c1012250fa9e 4bd955ea3790a6926486e3d56f51c712c56997d7 5f4d374598cfb1a78e7016ec3a0b563e61e7481be202c34b10c9fdfbfc7b638e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11336 x-amzn-requestid: 3aaca817-ebbc-449f-806c-d5a2a7559335 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CGWjFEmFIAMFqhg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6418d146-435381723c24efc66eed6b4b;Sampled=0 x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: ucKJdzsuQMhDuZHuaBcW8q8tDkm1tepcMkqRtTRUuzF-7CIuhAR2MQ== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google date: Mon, 20 Mar 2023 22:27:44 GMT age: 85563 etag: "4bd955ea3790a6926486e3d56f51c712c56997d7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10855 bytes) Hash f73dbc0fc3d196647ddc1e30450989d4 75d0a1414a5d350ba426dc37333a6ea131f66753 2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10855 x-amzn-requestid: bb845712-834d-49b1-97f0-f3750f132741 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CEZD0GCHIAMFq6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6418087e-4361bbd40ec5f0d10dabdf85;Sampled=0 x-amzn-remapped-date: Mon, 20 Mar 2023 07:17:18 GMT x-amz-cf-pop: SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: gnFLBOJmRcgsHzy_KXjzE6LwwN4CSqz99pIhYMBx8xrHa8UO6O0kJA== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 07:30:21 GMT age: 53006 etag: "75d0a1414a5d350ba426dc37333a6ea131f66753" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	api.mediaad.org/v1/rozblog.com/serve	45.94.254.24	200 OK	0 B
URL HTTP/2 api.mediaad.org/v1/rozblog.com/serve IP 45.94.254.24:0 ASN #48551 Sindad Network Technology Ltd. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /v1/rozblog.com/serve HTTP/1.1 Host: api.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://tarahbsb.rozblog.com/ Origin: http://tarahbsb.rozblog.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:47 GMT content-length: 0 access-control-allow-origin: http://tarahbsb.rozblog.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers: x-requested-with strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	api.mediaad.org/v1/events/verify	45.94.254.24	200 OK	0 B
URL HTTP/2 api.mediaad.org/v1/events/verify IP 45.94.254.24:0 ASN #48551 Sindad Network Technology Ltd. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /v1/events/verify HTTP/1.1 Host: api.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://tarahbsb.rozblog.com/ Origin: http://tarahbsb.rozblog.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:47 GMT content-length: 0 access-control-allow-origin: http://tarahbsb.rozblog.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers: x-requested-with strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	api.mediaad.org/v1/rozblog.com/serve	45.94.254.24	200 OK	9.8 kB
URL HTTP/2 api.mediaad.org/v1/rozblog.com/serve IP 45.94.254.24:0 ASN #48551 Sindad Network Technology Ltd. File type data Size 9.8 kB (9815 bytes) Hash 9c3ad2c996fe7112279bacbc47977eb7 874d54a93c6005b9c0c6ba059e6c7b86e1f29b2e e1e18239c8ff3bd460824913fdb5823c879babd85b6ef17ab6cc34fc12e9c03e HTTP Headers POST /v1/rozblog.com/serve HTTP/1.1 Host: api.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json; charset=utf-8 Content-Length: 110 Origin: http://tarahbsb.rozblog.com Connection: keep-alive Referer: http://tarahbsb.rozblog.com/ Cookie: USER_ID=494b920d-9c93-4f76-a760-339c93080135 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:47 GMT content-type: application/json vary: Accept-Encoding access-control-allow-origin: http://tarahbsb.rozblog.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers: x-requested-with cache-control: no-cache, no-store, must-revalidate set-cookie: USER_ID=494b920d-9c93-4f76-a760-339c93080135; Path=/; Domain=.mediaad.org; Max-Age=86313600; Expires=Sun, 14 Dec 2025 22:13:47 GMT; Secure; SameSite=None strict-transport-security: max-age=15724800; includeSubDomains content-encoding: gzip X-Firefox-Spdy: h2

	mediacdn.mediaad.org/static/mediaad_banner_logo_expanded.jpg	45.94.255.10	200 OK	4.9 kB
URL HTTP/2 mediacdn.mediaad.org/static/mediaad_banner_logo_expanded.jpg IP 45.94.255.10:0 ASN #48551 Sindad Network Technology Ltd. File type PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced\012- data Size 4.9 kB (4872 bytes) Hash 165393f7a7d68de07b3c713cfdfd70e0 56a7da9c6710b413a7b986617bf8496a46552aed d125eaf1978d6083b41a0c38692d59efebfa5b5b979c729e349f7f6a1639404f HTTP Headers `GET /static/mediaad_banner_logo_expanded.jpg HTTP/1.1 Host: mediacdn.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://tarahbsb.rozblog.com/ Cookie: USER_ID=494b920d-9c93-4f76-a760-339c93080135 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:47 GMT content-type: image/jpeg content-length: 4872 last-modified: Wed, 27 Apr 2022 12:15:25 GMT etag: "626933dd-1308" access-control-allow-origin: * expires: Wed, 22 Mar 2023 22:13:47 GMT x-cache-status: HIT cache-control: max-age=86400, public accept-ranges: bytes strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	mediacdn.mediaad.org/3/11/creatives/46bdc6bb/1678531445423.gif	45.94.255.10	200 OK	35 kB
URL HTTP/2 mediacdn.mediaad.org/3/11/creatives/46bdc6bb/1678531445423.gif IP 45.94.255.10:0 ASN #48551 Sindad Network Technology Ltd. File type GIF image data, version 89a, 468 x 60\012- data Size 35 kB (35408 bytes) Hash 444d4cfb1ad14603593370997b9a90ae b76ba16bb27e7dfd8f581d42d1f4df4e5f041790 67524b5c3405d6388fe62567e9b4fb6b7a72b9305d78545c6a3507222e33bb66 HTTP Headers `GET /3/11/creatives/46bdc6bb/1678531445423.gif HTTP/1.1 Host: mediacdn.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://tarahbsb.rozblog.com/ Cookie: USER_ID=494b920d-9c93-4f76-a760-339c93080135 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:47 GMT content-type: image/gif content-length: 35408 last-modified: Sat, 11 Mar 2023 10:44:05 GMT etag: "640c5b75-8a50" access-control-allow-origin: * expires: Wed, 22 Mar 2023 22:13:47 GMT x-cache-status: HIT cache-control: max-age=86400, public accept-ranges: bytes strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	mediacdn.mediaad.org/static/close-bnr.jpg	45.94.255.10	200 OK	1.3 kB
URL HTTP/2 mediacdn.mediaad.org/static/close-bnr.jpg IP 45.94.255.10:0 ASN #48551 Sindad Network Technology Ltd. File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 30x30, components 3\012- data Size 1.3 kB (1347 bytes) Hash ddd7f1766743e1cdb3d58f59f44c997d 464a2a008d3dcd17dc7c67410060a68686970fd1 09c1c51a018f3b19f206ac632338024369519bea045884fa17f86fa6127610c7 HTTP Headers `GET /static/close-bnr.jpg HTTP/1.1 Host: mediacdn.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://tarahbsb.rozblog.com/ Cookie: USER_ID=494b920d-9c93-4f76-a760-339c93080135 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:47 GMT content-type: image/jpeg content-length: 1347 last-modified: Tue, 23 Feb 2021 11:47:47 GMT etag: "6034eb63-543" access-control-allow-origin: * expires: Wed, 22 Mar 2023 22:13:47 GMT x-cache-status: HIT cache-control: max-age=86400, public accept-ranges: bytes strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	api.mediaad.org/v1/events/verify	45.94.254.24	200 OK	0 B
URL HTTP/2 api.mediaad.org/v1/events/verify IP 45.94.254.24:0 ASN #48551 Sindad Network Technology Ltd. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /v1/events/verify HTTP/1.1 Host: api.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://tarahbsb.rozblog.com/ Origin: http://tarahbsb.rozblog.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:48 GMT content-length: 0 access-control-allow-origin: http://tarahbsb.rozblog.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers: x-requested-with strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	api.mediaad.org/v1/events/verify	45.94.254.24	200 OK	0 B
URL HTTP/2 api.mediaad.org/v1/events/verify IP 45.94.254.24:0 ASN #48551 Sindad Network Technology Ltd. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /v1/events/verify HTTP/1.1 Host: api.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json; charset=utf-8 Content-Length: 40 Origin: http://tarahbsb.rozblog.com Connection: keep-alive Referer: http://tarahbsb.rozblog.com/ Cookie: USER_ID=494b920d-9c93-4f76-a760-339c93080135 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:48 GMT content-length: 0 access-control-allow-origin: http://tarahbsb.rozblog.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers: x-requested-with strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	api.mediaad.org/v1/events/verify	45.94.254.24	200 OK	0 B
URL HTTP/2 api.mediaad.org/v1/events/verify IP 45.94.254.24:0 ASN #48551 Sindad Network Technology Ltd. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /v1/events/verify HTTP/1.1 Host: api.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json; charset=utf-8 Content-Length: 40 Origin: http://tarahbsb.rozblog.com Connection: keep-alive Referer: http://tarahbsb.rozblog.com/ Cookie: USER_ID=494b920d-9c93-4f76-a760-339c93080135 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:48 GMT content-length: 0 access-control-allow-origin: http://tarahbsb.rozblog.com access-control-allow-credentials: true access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token access-control-expose-headers: x-requested-with strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	tarahbsb.rozblog.com/theme/rozblog_v4/favi1.ico	79.127.127.68	200 OK	1.2 kB
URL HTTP/1.1 tarahbsb.rozblog.com/theme/rozblog_v4/favi1.ico IP 79.127.127.68:0 ASN #43754 Asiatech Data Transmission company File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size 1.2 kB (1150 bytes) Hash 129e0e4681906fae60ea32d066a7b4c5 33c024415db44baa3aba0f13df1399d9b81ac9e6 0a14eb14e53df8201b78084ab9a276a1f4ca01e55a20c3b8b0b6f3b660ee3ff0 HTTP Headers `GET /theme/rozblog_v4/favi1.ico HTTP/1.1 Host: tarahbsb.rozblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://tarahbsb.rozblog.com/post/15 Cookie: PHPSESSID=34c9413d23ebf6daddef00e16ce39ec2; pop_id=11927%2C; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=22121641a2c194596a505169619445658874` `HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=31536000, no-transform expires: Wed, 20 Mar 2024 22:13:50 GMT content-type: image/x-icon last-modified: Tue, 18 Nov 2014 15:12:07 GMT accept-ranges: bytes content-length: 1150 date: Tue, 21 Mar 2023 22:13:50 GMT server: LiteSpeed strict-transport-security: max-age=0; vary: User-Agent`

	ocsp.sectigo.com/	104.18.32.68	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 1434b70e4860f75f825d8b86e06eb72a 618739b6b0358f4cac397fb7a9aacbc27e5dd848 3f68c204d90baab485e0f0e571ba361a76ede2a21a5ba037c27301ff4e27c348 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 21 Mar 2023 22:13:53 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 21 Mar 2023 14:53:53 GMT Expires: Tue, 28 Mar 2023 14:53:52 GMT Etag: "618739b6b0358f4cac397fb7a9aacbc27e5dd848" Cache-Control: max-age=577798,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7ab98b423d96b509-OSL`

	mediacdn.mediaad.org/static/loader.js	45.94.255.10	200 OK	0 B
URL HTTP/2 mediacdn.mediaad.org/static/loader.js IP 45.94.255.10:0 ASN #48551 Sindad Network Technology Ltd. File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/loader.js HTTP/1.1 Host: mediacdn.mediaad.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://tarahbsb.rozblog.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Tue, 21 Mar 2023 22:13:46 GMT content-type: application/javascript last-modified: Sun, 19 Mar 2023 09:28:11 GMT etag: W/"6416d5ab-32c72" access-control-allow-origin: * expires: Wed, 22 Mar 2023 22:13:46 GMT x-cache-status: HIT cache-control: max-age=86400, public content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	zgig.ir/	148.251.154.80	200 OK	0 B
URL HTTP/2 zgig.ir/ IP 148.251.154.80:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: zgig.ir User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://tarahbsb.rozblog.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK x-powered-by: PHP/4.4.9 content-type: text/html cache-control: public, max-age=0 expires: Tue, 21 Mar 2023 22:13:45 GMT content-encoding: br vary: Accept-Encoding,User-Agent date: Tue, 21 Mar 2023 22:13:45 GMT X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML