td98.ir/xrr
79.127.127.68 301 Moved Permanently 20 B IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
Hash MD5 7029066c27ac6f5ef18d660d5741979a
SHA1 46c6643f07aa7f6bfe7118de926b86defc5087c4
SHA256 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Malware
GET /xrr HTTP/1.1
Host: td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: PHPSESSID=abaea2152b14777a7ca254282cf90bee; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
location: http://www.td98.ir/xrr
vary: Accept-Encoding,User-Agent
content-length: 20
content-encoding: gzip
date: Mon, 06 Feb 2023 03:49:18 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 507011ccb9124dcd57e84a90a0965cc4
SHA1 1a6575d0ac979c7184490cc9836ac4812ad2afd1
SHA256 01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8963
Expires: Mon, 06 Feb 2023 06:18:41 GMT
Date: Mon, 06 Feb 2023 03:49:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 c21ba65e44ac95470c314e068e49a9eb
SHA1 17a13b13738993d889d4afa3d848dc63bf6eba64
SHA256 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12164
Expires: Mon, 06 Feb 2023 07:12:02 GMT
Date: Mon, 06 Feb 2023 03:49:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 fb7b6b46e708ad73eaaa3c21e74569ae
SHA1 950663c025acad81556af5aa3022ecc9d55097fe
SHA256 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19804
Expires: Mon, 06 Feb 2023 09:19:22 GMT
Date: Mon, 06 Feb 2023 03:49:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash MD5 30db107dcf4380cef05efea409c2e6a3
SHA1 96e6a306fbc07299aba64e5c14e2bfca35872fa9
SHA256 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 03:36:27 GMT
content-type: application/json
age: 771
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash MD5 7b922915ebf1fa3639b333f994c74f24
SHA1 144a3f80b98fd0652d4614f24cf6cbbee40f8938
SHA256 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SSjBEB6bvbPvDP9oWoJBmch5uyO+9kOty1aM56/2DdtKTdJJRs2IHLLi2Ue+5NYuyFXqlDn0EzY=
x-amz-request-id: GNP1TGG4R38DH9BY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 02:53:32 GMT
age: 3346
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 03:49:18 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 03:07:20 GMT
age: 2519
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.td98.ir/xrr
79.127.127.68 200 OK 22 kB IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (757), with CRLF, CR, LF line terminators
Hash MD5 2983b7013be8c1a7e5220599680c9715
SHA1 68389a0fcf23380e6e63021df7624a0d4b5cb4f0
SHA256 6d38188f26ca6689054959de2e793f714ec9373a1b457f5d14a01ce78ce99487
Analyzer Verdict Alert fortinet Malware
GET /xrr HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
transfer-encoding: chunked
content-encoding: gzip
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 dedf9c519ac38c4bece9c5bc895787d7
SHA1 4911175c3f8a435978c5301c33c7a99a5e00a1d5
SHA256 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2788
Expires: Mon, 06 Feb 2023 04:35:47 GMT
Date: Mon, 06 Feb 2023 03:49:19 GMT
Connection: keep-alive
www.td98.ir/js/site.js?7
79.127.127.68 200 OK 9.4 kB IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type Unicode text, UTF-8 (with BOM) text, with very long lines (5730)
Hash MD5 3a9e608b97ff4d23f8a1649f24b6ed66
SHA1 794e50a615ef78e2f2bd7616c7d9e033fc4bbe9d
SHA256 82faf31dfa45299d23061f2c05579901ca592090ce35f1dc48a6ff61f24ac28a
Analyzer Verdict Alert fortinet Malware
GET /js/site.js?7 HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Mon, 13 Feb 2023 03:49:19 GMT
content-type: application/javascript
last-modified: Sat, 14 May 2022 01:34:44 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 9422
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
www.td98.ir/temp/site.css?22
79.127.127.68 200 OK 3.9 kB URL HTTP/1.1 www.td98.ir/temp/site.css?22
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type ASCII text, with very long lines (860)
Hash MD5 787a6674aa05de4919a7c90cdbb150c9
SHA1 2159cc3ec669621f05f361bd91b956e573faef9a
SHA256 e234a5881c33e5ff75519381140d07f15611e92efbb0bb45ecf73437048d376c
Analyzer Verdict Alert fortinet Malware
GET /temp/site.css?22 HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Wed, 08 Mar 2023 03:49:19 GMT
content-type: text/css
last-modified: Wed, 02 Mar 2022 08:28:27 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 3945
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
www.td98.ir/code/popup
79.127.127.68 200 OK 1.2 kB IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
Hash MD5 2d0b6ba1de9daeb5b82d33de74e06f6c
SHA1 db2653c6d636862585c22d8ac938d628015db9e9
SHA256 c120e34d6ea0b80a02b50a988b5ba138dc1ff5b36353c211b3039c13e75a951b
Analyzer Verdict Alert fortinet Malware
GET /code/popup HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-language: fa
content-type: text/html; charset=charset
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 06 Feb 2023 03:49:19 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: pop_id=11717%2C; expires=Mon, 06-Feb-2023 15:49:19 GMT; Max-Age=43200; path=/
set-cookie: c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; expires=Tue, 07-Feb-2023 03:49:19 GMT; Max-Age=86400; path=/
set-cookie: c_t=9558263e078bf970b4992951802991927020; expires=Tue, 07-Feb-2023 03:49:19 GMT; Max-Age=86400; path=/
vary: Accept-Encoding,User-Agent
content-length: 1174
content-encoding: gzip
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
rozblog.com/temp/theme-d/2/jquery.min.js
79.127.127.68 404 Not Found 241 B URL HTTP/1.1 rozblog.com/temp/theme-d/2/jquery.min.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 557cfb44da87712c888b585120334c23
SHA1 9c936d69c4b093af25bc5601a26151a487207cba
SHA256 27f9b7150e29adcc64f6510d94f4e8d4948047271db94557118c7a1659fc0149
GET /temp/theme-d/2/jquery.min.js HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 241
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
rozblog.com/temp/theme-d/2/scrolltopcontrol.js
79.127.127.68 200 OK 1.5 kB URL HTTP/1.1 rozblog.com/temp/theme-d/2/scrolltopcontrol.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
Hash MD5 a437d9b39ea87241e43f212d0f08a812
SHA1 0a2a8ef0dfe1de0303779d7db40ebe73605fc181
SHA256 6570876b55322980581d9b3d4cc4b0a44c4b039778894a6109ad3367ae4fd273
GET /temp/theme-d/2/scrolltopcontrol.js HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Mon, 13 Feb 2023 03:49:19 GMT
content-type: application/javascript
last-modified: Fri, 06 Apr 2012 21:12:19 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1492
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
rozblog.com/js/rozblog_ajax.js
79.127.127.68 200 OK 736 B URL HTTP/1.1 rozblog.com/js/rozblog_ajax.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type Unicode text, UTF-8 (with BOM) text, with very long lines (352)
Hash MD5 cab52c33eb089ba33337cd2c66a07d94
SHA1 0a2646206be6b6417e16cd3a579b493bb1435fec
SHA256 1f9884e5d3bd9497f9d49d4ff47b00b08ce10a1824f7f8575dd0d72f298864a8
GET /js/rozblog_ajax.js HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Mon, 13 Feb 2023 03:49:19 GMT
content-type: application/javascript
last-modified: Thu, 14 Feb 2013 18:03:19 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 736
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
rozblog.com/images/rozblog_ajax.css
79.127.127.68 200 OK 632 B URL HTTP/1.1 rozblog.com/images/rozblog_ajax.css
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
Hash MD5 c832c4bce19c9d79d530439df290dd3b
SHA1 8a7e167f5faad8c539dc91accc0278a11a582508
SHA256 fe76a27846102cee717276659e581ebd087be972da44ff952c2a716dfd9ab269
GET /images/rozblog_ajax.css HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Wed, 08 Mar 2023 03:49:19 GMT
content-type: text/css
last-modified: Thu, 14 Feb 2013 18:03:57 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 632
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
push.services.mozilla.com/
35.160.120.175 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.120.175:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8CoEw3w3TEZYNr6oNQNYCA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: P48PJ2YZ7DzV3qW+gdEQf2axSGU=
rozblog.com/temp/theme-d/2/c.css
79.127.127.68 200 OK 1.8 kB URL HTTP/2 rozblog.com/temp/theme-d/2/c.css
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type assembler source, ASCII text
Hash MD5 c467a6b9067d1eb23a0417eef3d0a74d
SHA1 06a89a4e03ddaf746cb9fee0394d6aa87f7857fa
SHA256 73c072ad648801f2770278dc065468704fef53e0129fa49c16536989f5db4523
GET /temp/theme-d/2/c.css HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Wed, 08 Mar 2023 03:49:19 GMT
content-type: text/css
last-modified: Fri, 06 Apr 2012 21:21:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1818
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/13.gif
79.127.127.68 200 OK 1.1 kB URL HTTP/1.1 rozblog.com/temp/theme-d/2/13.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 4 x 4\012- data
Hash MD5 707bc9596cae372a055cbbd7aaa7e4cd
SHA1 5eafc03540db28df3ed06e9b65243db13356f368
SHA256 d28b1e9551b45e5444684fece7d4fa93fb365a2d1aef5fff60ba0a2691b3a256
GET /temp/theme-d/2/13.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:10:52 GMT
accept-ranges: bytes
content-length: 1095
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/theme-d/2/38.jpg
79.127.127.68 200 OK 2.7 kB URL HTTP/1.1 rozblog.com/temp/theme-d/2/38.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 84x20, components 3\012- data
Hash MD5 0d7c2e9271e8a5878e9cca9a9667cbda
SHA1 a539e74b9251b282ea500653b2a82bc958882420
SHA256 10d5b2e922e18a94b6f679e0feff1fb3b6be3c5952735e44ed859348f8238b18
GET /temp/theme-d/2/38.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:52 GMT
accept-ranges: bytes
content-length: 2720
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
www.td98.ir/weblog/file/loading/88.gif
79.127.127.68 200 OK 6.0 kB URL HTTP/1.1 www.td98.ir/weblog/file/loading/88.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 50 x 50\012- data
Hash MD5 093445ee241c72e6dca01dc570c230dc
SHA1 32adb71ec06b5d29ec62c5511328d5970228b86d
SHA256 d40495f2a0e830c47fe4cd50574c68e206292f63545a0684516db0cd8716ee0e
GET /weblog/file/loading/88.gif HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Thu, 02 Feb 2012 21:52:24 GMT
accept-ranges: bytes
content-length: 5972
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/m98/li.gif
79.127.127.68 200 OK 821 B URL HTTP/1.1 rozblog.com/temp/m98/li.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 5 x 6\012- data
Hash MD5 0f3007ea49354827841e676f995ba0f7
SHA1 8f021b947e71af11a219ef6ee60ab41483f1de96
SHA256 d9c113febcd8207d985d85d992989027e16888866154ac49a08923e4f2f18db7
GET /temp/m98/li.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Thu, 03 Nov 2011 08:34:28 GMT
accept-ranges: bytes
content-length: 821
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
www.td98.ir/include/captcha/cap9.php
79.127.127.68 200 OK 3.2 kB URL HTTP/1.1 www.td98.ir/include/captcha/cap9.php
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 100 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash MD5 fbb6d2c128efca93e43a65cd03a8f702
SHA1 c43bcb089d74e6ca61d09bcb7de91da6b05d9a58
SHA256 b795e264fbb461b0f22484c7b6e6aeddd15f2809c8603501bc582dbd03456f5e
Analyzer Verdict Alert fortinet Malware
GET /include/captcha/cap9.php HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: image/png
content-length: 3245
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/mbaran/user1.gif
79.127.127.68 200 OK 1.1 kB URL HTTP/1.1 rozblog.com/temp/mbaran/user1.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 18 x 20\012- data
Hash MD5 51456b26d061f37e88f865b773920641
SHA1 b6bba9a60c52d4e1ad43007703fdbc7b162a37d7
SHA256 c24fadba27aac509ee3ebfbed4803ccba7750fb76c8497e69a7711b7b9850ac7
GET /temp/mbaran/user1.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Tue, 08 Nov 2011 16:03:13 GMT
accept-ranges: bytes
content-length: 1136
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
www.td98.ir/weblog/file/forum/images/Farrow.gif
79.127.127.68 200 OK 59 B URL HTTP/1.1 www.td98.ir/weblog/file/forum/images/Farrow.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 9 x 9\012- data
Hash MD5 08f58683f752ec50ab890d4162cf9a03
SHA1 2a0e3923b77ab35c273bf5307fc980f4d4de42fe
SHA256 d8359b38e288d654bf46c6c01ea58f896a998390f848ca99eb4015900f1cdb42
GET /weblog/file/forum/images/Farrow.gif HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Sun, 05 Jun 2011 12:00:11 GMT
accept-ranges: bytes
content-length: 59
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/theme-d/2/3.gif
79.127.127.68 200 OK 1.3 kB URL HTTP/2 rozblog.com/temp/theme-d/2/3.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 1 x 50\012- data
Hash MD5 7762375b6209e0f60ef0ae95bb44918b
SHA1 7cbe4d5290b1857b04b1dfcb53233ab49696b21c
SHA256 ad6d1b1d18e760314cdd8823bc68c49685ad760464efce5c7c197c7cae1faa17
GET /temp/theme-d/2/3.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:11:36 GMT
accept-ranges: bytes
content-length: 1284
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/4.jpg
79.127.127.68 200 OK 3.0 kB URL HTTP/2 rozblog.com/temp/theme-d/2/4.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 498x24, components 3\012- data
Hash MD5 5044bcbb24ebbe0fbc20e38230e0e88f
SHA1 152931661e6fd7ac2b1cd18c4d25c4b103a16aa5
SHA256 1068839888b3d26396e492ace4331399ffcea8803d23bef58ad63de74e39abfa
GET /temp/theme-d/2/4.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:54 GMT
accept-ranges: bytes
content-length: 3024
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/8.gif
79.127.127.68 200 OK 4.5 kB URL HTTP/2 rozblog.com/temp/theme-d/2/8.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 997 x 21\012- data
Hash MD5 24c695a998656173cecf14f730e65b80
SHA1 0e608a5cbf97b7ef821dc070484c912592439b17
SHA256 b5bb8bca88c6d796b6ff4499ff64cb3c71b8e81b9d8996e7e5338908d69849b6
GET /temp/theme-d/2/8.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:12:04 GMT
accept-ranges: bytes
content-length: 4531
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/9.gif
79.127.127.68 200 OK 1.4 kB URL HTTP/2 rozblog.com/temp/theme-d/2/9.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 1 x 39\012- data
Hash 0147ab860f55aeb025b5e163ca050a6e
4ff5e372a60e885f9c7d90ac727321ce5264857e
5d54c410c0b0310a596524a375ef24843ad57ab557d559d61f0d41740ddbdf7d
GET /temp/theme-d/2/9.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:12:02 GMT
accept-ranges: bytes
content-length: 1381
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/tehm/online.gif
79.127.127.68 200 OK 1.6 kB URL HTTP/1.1 rozblog.com/temp/tehm/online.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 20 x 20\012- data
Hash 476b15a1c547af8451ac1a19f6e40133
dd1004cc81101b820ac8bbaa4288991c6ee11821
5885249d4c3b0ea5ed7ab492a0a41fe1e876fc63b8f9aa258019dfdc73cde81c
GET /temp/tehm/online.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2011 13:38:49 GMT
accept-ranges: bytes
content-length: 1649
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/m98/icon_servertime.png
79.127.127.68 200 OK 1.3 kB URL HTTP/1.1 rozblog.com/temp/m98/icon_servertime.png
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash a3a11cfba9d468c08df7fcf5be0f04cf
71a00c1e3fdf517a4d9f4af7027dafd7cbb8328b
b05ca60fea8df8e92bc6d845ce99fb6e94a5c0b363b8cb5db2f2f4a5e4d8856c
GET /temp/m98/icon_servertime.png HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/png
last-modified: Thu, 03 Nov 2011 08:34:28 GMT
accept-ranges: bytes
content-length: 1281
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
www.td98.ir/images/refresh2.svg
79.127.127.68 200 OK 276 B URL HTTP/1.1 www.td98.ir/images/refresh2.svg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 7082e86e2a3c9646fa1aa922b8e3a2d6
7f704127e872b5b94b8e2dd7959e2d5c9b9379a8
d1254b0bb9112500f8f39e1130f0a6c8dca1037d416e7f7d6524894b31b06b00
Analyzer Verdict Alert fortinet Malware
GET /images/refresh2.svg HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Mon, 13 Feb 2023 03:49:19 GMT
content-type: image/svg+xml
last-modified: Wed, 28 Apr 2021 22:57:34 GMT
etag: "114-6089e85e-9f2e18d89b796b95;;;"
accept-ranges: bytes
content-length: 276
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
www.td98.ir/images/loading_.gif
79.127.127.68 200 OK 771 B URL HTTP/1.1 www.td98.ir/images/loading_.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 16 x 16\012- data
Hash 00ef871b291bc03a497d608a5bd8ec99
942d8fe092c1c473af19906751c2bee5322a9b55
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
GET /images/loading_.gif HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Sun, 04 Mar 2012 18:03:23 GMT
accept-ranges: bytes
content-length: 771
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9862859ee0f8df2a924fd40b14d90c9
e71de0463f8c9a6d269cbce0195a8f0fa261aaf7
4a7439b7a7ce3513ee4ca1c1ebd0a8fdf0b84263417e86435d3f28710df79183
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4A7439B7A7CE3513EE4CA1C1EBD0A8FDF0B84263417E86435D3F28710DF79183"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19806
Expires: Mon, 06 Feb 2023 09:19:26 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
rozblog.com/temp/theme-d/2/10.gif
79.127.127.68 200 OK 3.4 kB URL HTTP/2 rozblog.com/temp/theme-d/2/10.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 100 x 39\012- data
Hash 7b5526173b4957eed19a2800565fb2ae
30b1fd628a287f887162ceaa28aca3ae39284e18
15ac4299adffc746755db4fc9a60eacd435b6579a09f6ae7c3966a84c0d568c2
GET /temp/theme-d/2/10.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:10:51 GMT
accept-ranges: bytes
content-length: 3415
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/12.gif
79.127.127.68 200 OK 2.0 kB URL HTTP/2 rozblog.com/temp/theme-d/2/12.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 15 x 78\012- data
Hash 5ca57bcb92c5b1c0eed9774993c4b36a
61b363dc81df3153e44ca0e3dac880db2a17e0c2
3a85c8aab9f8bf43028997403e9e01051b48691969ec4cdbe9e6c96e2ea15cf8
GET /temp/theme-d/2/12.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:10:52 GMT
accept-ranges: bytes
content-length: 1956
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/11.gif
79.127.127.68 200 OK 2.7 kB URL HTTP/2 rozblog.com/temp/theme-d/2/11.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 198 x 78\012- data
Hash 332356e549258551a65732ab01d7b28d
721dfeabd9dcab0667f89486dbb6820140940f0b
8d124e49bad0fa842d362d94ef9b29ad4fb8515443879e3221c14646a857ce92
GET /temp/theme-d/2/11.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:10:57 GMT
accept-ranges: bytes
content-length: 2707
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/18.gif
79.127.127.68 200 OK 1.6 kB URL HTTP/2 rozblog.com/temp/theme-d/2/18.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 780 x 10\012- data
Hash 4a7419814c0a1b33c3b90c4f525d08f3
8ef7614288e309c772c5aee99dbac2871e087a4d
83692d38ae9ff5220e616f5cd46d8539ff2f9fe4ab0eca4c3432c6060cbf2dd1
GET /temp/theme-d/2/18.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:11:09 GMT
accept-ranges: bytes
content-length: 1552
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/m98/easymoblog.png
79.127.127.68 200 OK 3.4 kB URL HTTP/1.1 rozblog.com/temp/m98/easymoblog.png
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 90a007983386128c3e7936c770870987
d50657f6c68e223014580c7309bc63aa5584de19
807d48b68d6328a1e78f576987719624619973f33ef32b97e623d48a2ef7d709
GET /temp/m98/easymoblog.png HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/png
last-modified: Thu, 03 Nov 2011 08:34:23 GMT
accept-ranges: bytes
content-length: 3424
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/theme-d/2/19.gif
79.127.127.68 200 OK 1.3 kB URL HTTP/2 rozblog.com/temp/theme-d/2/19.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 220 x 9\012- data
Hash f52ebc95fb9154b6c037c78d73b0eda9
672db4c705878fd622d23351396711bac9837137
fa6017f8680756edd7df7d5a2f2fe173ad694a354d9022d3de3aa2aa71b9fbaf
GET /temp/theme-d/2/19.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:11:10 GMT
accept-ranges: bytes
content-length: 1346
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/20.gif
79.127.127.68 200 OK 1.2 kB URL HTTP/2 rozblog.com/temp/theme-d/2/20.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 220 x 7\012- data
Hash 2b1c285614db527a7630b54e0ff1a923
7110d2781ac6139793012c875924b7639939f89f
0ae0001ff9c31b9fc2ccd5a8ab134192e3e0f137d2db545b89cb68d69a129ac4
GET /temp/theme-d/2/20.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:11:18 GMT
accept-ranges: bytes
content-length: 1207
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/22.jpg
79.127.127.68 200 OK 3.7 kB URL HTTP/2 rozblog.com/temp/theme-d/2/22.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 202x51, components 3\012- data
Hash 99877c0f76457cd82ea91efd359bf18f
ae51a7d02dfaba5112beb64a29f1fc47523b7cb0
c128549fde4660764f44c5758e2ed693f01a1d06c2233900a7b32173548d2921
GET /temp/theme-d/2/22.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:22 GMT
accept-ranges: bytes
content-length: 3682
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/23.jpg
79.127.127.68 200 OK 1.3 kB URL HTTP/2 rozblog.com/temp/theme-d/2/23.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 202x3, components 3\012- data
Hash d8ff71354a9e547fb7469c12f3d03d65
b6740294e950cffa82ad3c3cc73fd764f49bdc49
4f8963d187c9bf9fb40f61febfe2a139363a30e9caa2ab0a4962e0f76eb7e10c
GET /temp/theme-d/2/23.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:27 GMT
accept-ranges: bytes
content-length: 1299
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/24.jpg
79.127.127.68 200 OK 2.4 kB URL HTTP/2 rozblog.com/temp/theme-d/2/24.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 202x19, components 3\012- data
Hash cff5faaa38fdcc7bce03c323b18e0556
f19d7e145564a19650bd20fb16ea7a749a9cbde8
8667fad9fd10a339206f6a6e6e9593926ba70c561f060a19f3eff4e508c2adaf
GET /temp/theme-d/2/24.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:29 GMT
accept-ranges: bytes
content-length: 2365
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/14.jpg
79.127.127.68 200 OK 3.3 kB URL HTTP/2 rozblog.com/temp/theme-d/2/14.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 202x38, components 3\012- data
Hash c97b3fa1bdbf368d7375f0ac922fbb4e
4b9570424c450cf9778832e2be2e85541fa2beb4
9d2003b511708945a4cdbad1723fdc10d43a8621b263711db0ade73493aefd49
GET /temp/theme-d/2/14.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:00 GMT
accept-ranges: bytes
content-length: 3304
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/15.jpg
79.127.127.68 200 OK 1.2 kB URL HTTP/2 rozblog.com/temp/theme-d/2/15.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 202x2, components 3\012- data
Hash 72cc6840cdb76d6f6d8c776b2cdbceb4
cc619b85300ef72e708f43c9e77992ce98de5443
60e2ed12eca400997dc39f42e81864ca24e8b2a3049a8fe67dd0716b2a641842
GET /temp/theme-d/2/15.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:01 GMT
accept-ranges: bytes
content-length: 1249
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/14.gif
79.127.127.68 200 OK 1.3 kB URL HTTP/2 rozblog.com/temp/theme-d/2/14.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 4 x 6\012- data
Hash bb1fc35fd03871caebeb10d54349e74f
1060076ae62bcf69fb84b5f95eb942a152a28d9a
923032e89584592638ebd69e60fdb71618c868fa338ac9a3c078d6b25283f673
GET /temp/theme-d/2/14.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:10:59 GMT
accept-ranges: bytes
content-length: 1269
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
up.td98.ir/view/3075847/AgahLogo.png
79.127.127.67 200 OK 13 kB URL HTTP/1.1 up.td98.ir/view/3075847/AgahLogo.png
IP 79.127.127.67:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 1000 x 517, 8-bit colormap, non-interlaced\012- data
Hash 208d18c493bd7cca9a86b0d044e1c73a
f04197efc549c7ab6bff508986d5a95031e6676f
6a27e1f3df42e8d57bf3e160c4f39778c3452e75b81baa45cd0754b332234f09
GET /view/3075847/AgahLogo.png HTTP/1.1
Host: up.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 06 Feb 2023 03:49:19 GMT
Content-Type: image/png
Content-Length: 13048
Last-Modified: Sun, 09 Feb 2020 21:00:54 GMT
Connection: keep-alive
ETag: "5e407306-32f8"
Expires: Tue, 06 Feb 2024 03:49:19 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
rozblog.com/temp/theme-d/2/7.gif
79.127.127.68 200 OK 1.5 kB URL HTTP/1.1 rozblog.com/temp/theme-d/2/7.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 10 x 50\012- data
Hash cb142df65f7df06ada384662a5c05d04
3ba7c482b9bdafbb9fd1de4867c0f7a91f4c7031
343bce42a046c32bd72af844d72348ce6eb8cad3e6a2832e9445f594aefc5e36
GET /temp/theme-d/2/7.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:12:00 GMT
accept-ranges: bytes
content-length: 1451
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/theme-d/2/6.gif
79.127.127.68 200 OK 2.7 kB URL HTTP/1.1 rozblog.com/temp/theme-d/2/6.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 34 x 31\012- data
Hash a3eec8c3e047d3a6e9f2518df384e089
52d767121435c6b2667aa6c589f8ac282333d6cd
f814c6d938647eb9df02f3aedff7f9b87f737127bd4164b58b0d72a2c67ba562
GET /temp/theme-d/2/6.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:11:56 GMT
accept-ranges: bytes
content-length: 2696
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/theme-d/2/16.jpg
79.127.127.68 200 OK 1.7 kB URL HTTP/2 rozblog.com/temp/theme-d/2/16.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 202x14, components 3\012- data
Hash 43566c0f8a39cef351aadaaf4690f518
741973eac9df3ef14330ca48af8b029c4fb0cf68
2424c980633824675436c7fec9c96b7976edafcc5bc2dc81727064416b1faef7
GET /temp/theme-d/2/16.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:06 GMT
accept-ranges: bytes
content-length: 1720
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/21.gif
79.127.127.68 200 OK 1.3 kB URL HTTP/2 rozblog.com/temp/theme-d/2/21.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 220 x 17\012- data
Hash a473b68f031738a0529963481bb76bb2
4666ae8dc996ee7b0944be0441a858ecbbc8ffb0
2a9c68ea206fab83836cabd7051d51a927e8b193b6e50c0bcf622bce149ad627
GET /temp/theme-d/2/21.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:11:20 GMT
accept-ranges: bytes
content-length: 1310
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/28.jpg
79.127.127.68 200 OK 1.3 kB URL HTTP/2 rozblog.com/temp/theme-d/2/28.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 560x2, components 3\012- data
Hash 9a5687ea8e505bdf0efe1c289d2c613d
527c608c549e72072abd22435adf7547aba02605
f1739244f9442fc666915c383a46f33b475d8782d4817c9a52f951828ff629d0
GET /temp/theme-d/2/28.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:29 GMT
accept-ranges: bytes
content-length: 1262
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/29.jpg
79.127.127.68 200 OK 4.8 kB URL HTTP/2 rozblog.com/temp/theme-d/2/29.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x36, components 3\012- data
Hash 6b6e62e6d550aae769885bc6eaf80001
d6a695f21b3c57dff2ae48dd32f3672f03b19b92
f9e10e4c2e99d1d9482f4df367b776f13df3f6dc4b283f3103d6f977494658b7
GET /temp/theme-d/2/29.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:30 GMT
accept-ranges: bytes
content-length: 4835
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/30.jpg
79.127.127.68 200 OK 1.2 kB URL HTTP/2 rozblog.com/temp/theme-d/2/30.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3x21, components 3\012- data
Hash 5e585edaf8ec1f15b37b7908a76deff9
1b6ef8a0b1035a0b559a7b6c666f31147b281f0e
7aa1c4108fd34795bf72abbfe8806ac6410c2534818804375712cf75e5ef1cf8
GET /temp/theme-d/2/30.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:36 GMT
accept-ranges: bytes
content-length: 1247
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/31.jpg
79.127.127.68 200 OK 2.2 kB URL HTTP/2 rozblog.com/temp/theme-d/2/31.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x30, components 3\012- data
Hash d7ca15a5a4c0d5e7cca199cdeebca9b8
0f4b2dbe5d77ab09adcb9f236c1417b02829f764
e680b84f28ed4502eb913af831599a6fbc1ae75c8d3603d655db9ea65a10afa6
GET /temp/theme-d/2/31.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:37 GMT
accept-ranges: bytes
content-length: 2224
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/34.jpg
79.127.127.68 200 OK 2.5 kB URL HTTP/2 rozblog.com/temp/theme-d/2/34.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 92x44, components 3\012- data
Hash 6f60289afe97a5d6e35c31710ccf0506
183408abdd20247e0114495d358bf08c7af8af81
1adec92e387b0c11d5e9de93cf4673056961bac0dd986241343e695100eb78a4
GET /temp/theme-d/2/34.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:44 GMT
accept-ranges: bytes
content-length: 2476
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/35.jpg
79.127.127.68 200 OK 2.2 kB URL HTTP/2 rozblog.com/temp/theme-d/2/35.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 780x12, components 3\012- data
Hash 5fd99ff94ed30c44333326df1be3d823
5af0af765cad08ac86ae33ca29432ac4816fb248
ad3a93b08eb5cdb4e56097757b8dd2c2208befd5cbdf058bb0f95a0c42059069
GET /temp/theme-d/2/35.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:45 GMT
accept-ranges: bytes
content-length: 2181
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/17.jpg
79.127.127.68 200 OK 1.9 kB URL HTTP/2 rozblog.com/temp/theme-d/2/17.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 202x31, components 3\012- data
Hash 69e23d5f59871f21f4053a9d21f9fd50
1c9225d18224fd326210c61c6a9fd3d771cf0241
3cae4d7ffb17bcf1a88c848bf2baa541d06bc81996fb477f9ce2df73d510a90d
GET /temp/theme-d/2/17.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:07 GMT
accept-ranges: bytes
content-length: 1867
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/36.gif
79.127.127.68 200 OK 1.8 kB URL HTTP/2 rozblog.com/temp/theme-d/2/36.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 4 x 80\012- data
Hash d6525fc4b13b2e941b882961b679d04c
833babd363c7e26be8d2ef50e2bec0d3e334daea
f81b3081765d32c7d972f6ae9071b60e7bc4c71a9b20047f05090853d115744d
GET /temp/theme-d/2/36.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:11:47 GMT
accept-ranges: bytes
content-length: 1791
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/37.jpg
79.127.127.68 200 OK 4.5 kB URL HTTP/2 rozblog.com/temp/theme-d/2/37.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 997x20, components 3\012- data
Hash d717dc29b7e609b464ccb8da7f5dd78f
ad9e3d179e9a0f1378357973d6676aeb88c98216
441ba9b8d2452c204e94edfcb97e7a918ee26d0ea803ac19e0556fcd16093090
GET /temp/theme-d/2/37.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rozblog.com/temp/theme-d/2/c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:19 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:50 GMT
accept-ranges: bytes
content-length: 4504
date: Mon, 06 Feb 2023 03:49:19 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
X-Firefox-Spdy: h2
rozblog.com/temp/theme-d/2/5.gif
79.127.127.68 200 OK 2.8 kB URL HTTP/1.1 rozblog.com/temp/theme-d/2/5.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 34 x 32\012- data
Hash c34c0c0c970d2762514135353beb9da9
e55118b0d210b3f6e623341e968dd76ba4747d36
9ede73e0c56d0cd259e7ab8ccf15974105cc97ab061ac5c2f4c1e7abc7a7c8e9
GET /temp/theme-d/2/5.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/gif
last-modified: Fri, 06 Apr 2012 21:11:55 GMT
accept-ranges: bytes
content-length: 2790
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afbf2e25c7ae16d1339cbd3616a3fe78
e47ee4ee6bd91f409cfd31b2b12d3b8358115449
404641656ed9c997e12715777e4ced76e309f5a6ae4ba7983cdbcb536e24edbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "404641656ED9C997E12715777E4CED76E309F5A6AE4BA7983CDBCB536E24EDBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9018
Expires: Mon, 06 Feb 2023 06:19:38 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
cdn.arzdigital.com/uploads/assets/coins/icons/bitcoin.png
172.67.73.174 200 OK 2.7 kB URL HTTP/2 cdn.arzdigital.com/uploads/assets/coins/icons/bitcoin.png
IP 172.67.73.174:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 2edf1ef8b333c40979976d1a49bc234c
d75ac12795b4a9575c874e1b190712cd62a87afc
50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9
GET /uploads/assets/coins/icons/bitcoin.png HTTP/1.1
Host: cdn.arzdigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:49:20 GMT
content-type: image/png
content-length: 2691
cache-control: public, max-age=604800
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,PUT,POST,DELETE
expires: Mon, 13 Feb 2023 03:49:20 GMT
last-modified: Mon, 06 Feb 2023 01:59:19 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpYpt93EZHcNix1Puj5VK9XpX3JFtNsQ%2Bka%2BjxzRKeUEfmOPiqgfpdCZDY1sIZnppw%2BGSYHQapTZF5qqX%2BOwVUR989FtsIZairhUZpO7oGUYhx45xfmgerUODatUZXJAneGOSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7950ea504d19b518-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9862859ee0f8df2a924fd40b14d90c9
e71de0463f8c9a6d269cbce0195a8f0fa261aaf7
4a7439b7a7ce3513ee4ca1c1ebd0a8fdf0b84263417e86435d3f28710df79183
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4A7439B7A7CE3513EE4CA1C1EBD0A8FDF0B84263417E86435D3F28710DF79183"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Mon, 06 Feb 2023 09:48:22 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
up.td98.ir/view/3058087/103103.jpg
79.127.127.67 200 OK 34 kB URL HTTP/1.1 up.td98.ir/view/3058087/103103.jpg
IP 79.127.127.67:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, JFIF standard 1.02, resolution (DPCM), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS4 Windows, datetime=2020:01:12 00:52:37], baseline, precision 8, 468x60, components 3\012- data
Hash 806c41c7453390f3095f086bd827afee
6bc8285924b930ca13998ab9c65a2998aee80340
f148a12d256aab512e055cc20ff93dda26dfb7f89612f91974581a7fcc8f554c
GET /view/3058087/103103.jpg HTTP/1.1
Host: up.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 06 Feb 2023 03:49:19 GMT
Content-Type: image/jpeg
Content-Length: 33691
Last-Modified: Sat, 11 Jan 2020 21:33:56 GMT
Connection: keep-alive
ETag: "5e1a3f44-839b"
Expires: Tue, 06 Feb 2024 03:49:19 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
rozblog.com/temp/music3/MTForumBlock_row.png
79.127.127.68 200 OK 155 B URL HTTP/1.1 rozblog.com/temp/music3/MTForumBlock_row.png
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 1 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 3ae7d651d73f3b247f9737655c53e08e
476c9a585906552a1054a74f88de640142ce40f5
d5496cde5cf105a1cf8c8fe59e0efefba5859a4fbff07a4701ec4f4a7c6e5ac5
GET /temp/music3/MTForumBlock_row.png HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/png
last-modified: Sun, 03 Jul 2011 21:45:04 GMT
accept-ranges: bytes
content-length: 155
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/theme-d/2/28.jpg
79.127.127.68 200 OK 1.3 kB URL HTTP/1.1 rozblog.com/temp/theme-d/2/28.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 560x2, components 3\012- data
Hash 9a5687ea8e505bdf0efe1c289d2c613d
527c608c549e72072abd22435adf7547aba02605
f1739244f9442fc666915c383a46f33b475d8782d4817c9a52f951828ff629d0
GET /temp/theme-d/2/28.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:11:29 GMT
accept-ranges: bytes
content-length: 1262
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
www.td98.ir/theme/star1.gif
79.127.127.68 200 OK 1.5 kB URL HTTP/1.1 www.td98.ir/theme/star1.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 16 x 48\012- data
Hash 62be78d36d7b1042487762dc40371326
acff3b81632a02f71e311534880ec040b9967326
7e2288943729ad5d7465835f6647bff0553d8f48b16693642207c7d49d7c6f4f
GET /theme/star1.gif HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9; pop_id=11717%2C; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=9558263e078bf970b4992951802991927020
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/gif
last-modified: Thu, 27 Oct 2011 18:36:22 GMT
accept-ranges: bytes
content-length: 1450
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
rozblog.com/temp/music3/MTForumBlock_row_over.png
79.127.127.68 200 OK 139 B URL HTTP/1.1 rozblog.com/temp/music3/MTForumBlock_row_over.png
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 1 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 1fd885e3d0a8fc062470706ae84ea56b
f0e6c850b1794c523ca16bf087054cb843daf6fa
e0dc411ff39139fd39b2cf6d027ab2d56fbd3b51bacc0935e1ae284e65c64e40
GET /temp/music3/MTForumBlock_row_over.png HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/png
last-modified: Sun, 03 Jul 2011 21:44:44 GMT
accept-ranges: bytes
content-length: 139
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
themeupload.theme-designer.com/45/image/32.gif
185.142.159.194 200 OK 1.6 kB URL HTTP/1.1 themeupload.theme-designer.com/45/image/32.gif
IP 185.142.159.194:0
ASN #48147 Asre Pardazeshe Ettelaate Amin Institute
File type GIF image data, version 89a, 13 x 13\012- data
Hash b6416fed62e4f6cab25701e6354c5e51
0c3c8d652b5d5506e693fb1ff7e8fbc2dad425d2
096ce35d3eb908b26569918669a0c088e405cf1316fd0634e32e760318f0b916
GET /45/image/32.gif HTTP/1.1
Host: themeupload.theme-designer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 03:46:54 GMT
etag: "655-57d6af3a-3a1355e39;;;"
last-modified: Mon, 12 Sep 2016 13:35:54 GMT
content-type: image/gif
content-length: 1621
accept-ranges: bytes
date: Mon, 06 Feb 2023 03:46:54 GMT
server: LiteSpeed
connection: Keep-Alive
themeupload.theme-designer.com/45/image/33.gif
185.142.159.194 200 OK 1.4 kB URL HTTP/1.1 themeupload.theme-designer.com/45/image/33.gif
IP 185.142.159.194:0
ASN #48147 Asre Pardazeshe Ettelaate Amin Institute
File type GIF image data, version 89a, 13 x 13\012- data
Hash e2ea7ede50a38666c6bb530479f3a774
3e2f3a1f254e1afcb0c2f2d4285cad89586e0b0f
56bbcbe8dcfa48e06c4a2ba8961ad311c6836062722adb78e1dced9a41bee5f6
GET /45/image/33.gif HTTP/1.1
Host: themeupload.theme-designer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 03:46:54 GMT
etag: "574-57d6af38-3a1355e3a;;;"
last-modified: Mon, 12 Sep 2016 13:35:52 GMT
content-type: image/gif
content-length: 1396
accept-ranges: bytes
date: Mon, 06 Feb 2023 03:46:54 GMT
server: LiteSpeed
connection: Keep-Alive
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 57f1a2c42727f9ed3de5a7cb2097393a
3b7cc51b8fe288c4fb851aff27d88e452160aa49
dfb7c1afa2e570b08e0cab69d8ab505fc8ca0c3104466c393f5bc24467b8661c
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
X-N: S
rozblog.com/temp/theme-d/2/1.jpg
79.127.127.68 200 OK 21 kB URL HTTP/1.1 rozblog.com/temp/theme-d/2/1.jpg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 997x100, components 3\012- data
Hash b202b6f58a5e2484e125817b24b97612
7f455792ebbcf8a24c46a432a5886aed72d318e7
c32b14b618e6337b598c586bd156d661c3e99731e72fd60fcb7bdc07d50004d2
GET /temp/theme-d/2/1.jpg HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/jpeg
last-modified: Fri, 06 Apr 2012 21:10:46 GMT
accept-ranges: bytes
content-length: 20762
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a3a67745ab0eb3ad37f51acb541f8722
119c3c7a8001696223edea494436432a6e017aaf
cac9eaf4df2fa47c25d95270039ac84e046f576a8a5497868a5ebb22b863a2a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CAC9EAF4DF2FA47C25D95270039AC84E046F576A8A5497868A5EBB22B863A2A9"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 06 Feb 2023 09:49:20 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
rozblog.com/temp/m98/stats.gif
79.127.127.68 200 OK 556 B URL HTTP/1.1 rozblog.com/temp/m98/stats.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 15 x 15\012- data
Hash 4c3f4452e679cc7545966013f353272f
bca7d3ae8fa7bda9c8e2a7e525902f84a9809139
dbd5baa30baba95d47a6fa9416157aa39b2c4ca0782ae01145e0c4b4ad29bd39
GET /temp/m98/stats.gif HTTP/1.1
Host: rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Tue, 06 Feb 2024 03:49:20 GMT
content-type: image/gif
last-modified: Thu, 03 Nov 2011 08:34:35 GMT
accept-ranges: bytes
content-length: 556
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2eac0be37bca7af52eaf2c8923b3356
f0cb4ea644e65f2275daffa97d0d3e1531715f69
b5f04d3d554471ba7511652f040cb148321ec34fb474fefe71abe9ee19679541
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F04D3D554471BA7511652F040CB148321EC34FB474FEFE71ABE9EE19679541"
Last-Modified: Sat, 04 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1447
Expires: Mon, 06 Feb 2023 04:13:27 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
up.td98.ir/view/3058088/hostfree1.jpg
79.127.127.67 200 OK 189 kB URL HTTP/1.1 up.td98.ir/view/3058088/hostfree1.jpg
IP 79.127.127.67:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2020:01:12 01:02:05], baseline, precision 8, 980x300, components 3\012- data
Size 189 kB (188740 bytes)
Hash 1e55a56b7a8141e3bc969259e49f239d
9da71afa1d210fb9e290afaada0d977f20672514
2939f71968d2759b6d474dffa631ee458af9e1884f5c04fd37b4e3ae712e099c
GET /view/3058088/hostfree1.jpg HTTP/1.1
Host: up.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 06 Feb 2023 03:49:19 GMT
Content-Type: image/jpeg
Content-Length: 188740
Last-Modified: Sat, 11 Jan 2020 21:33:56 GMT
Connection: keep-alive
ETag: "5e1a3f44-2e144"
Expires: Tue, 06 Feb 2024 03:49:19 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cdn.arzdigital.com/uploads/2020/11/okex_1280x90.gif
172.67.73.174 200 OK 203 kB URL HTTP/2 cdn.arzdigital.com/uploads/2020/11/okex_1280x90.gif
IP 172.67.73.174:0
File type GIF image data, version 89a, 1280 x 90\012- data
Size 203 kB (203230 bytes)
Hash ff4e4ab4fffdb145a1dc463823d9fcb4
d73069c2d11eb6747eed488c25f9e5131a8a0d66
6699f8c6509a9d4422fe9901ae947affa1606e222e7759f4e740c75411376075
GET /uploads/2020/11/okex_1280x90.gif HTTP/1.1
Host: cdn.arzdigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:49:20 GMT
content-type: image/gif
content-length: 203230
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 03:49:20 GMT
last-modified: Wed, 04 Nov 2020 09:35:23 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: *
access-control-allow-credentials: true
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53Xc989yC45GDHU9qSyT3WiBCbdAzSLz1xYYzYyWxBasEi2AYdMLNPDRXKqV2XpzKqVSVkYi%2FKfij2%2BbsPmcxwnfEkNJ3Z%2B68pPW2KSDozt1fYh7s095snUE4HAjuK8aYNwBgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7950ea50fd66b518-OSL
X-Firefox-Spdy: h2
up.td98.ir/view/3573613/faraLogo.png
79.127.127.67 200 OK 66 kB URL HTTP/1.1 up.td98.ir/view/3573613/faraLogo.png
IP 79.127.127.67:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 666 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 80b1ae4206615bcd469bd7d25b6bec41
9f7c72830ac952ed50761cc34a14f91bcb732494
360b211a901fe7d457e3315abb5ae6c83a8b4a39cb96f2cc8f151454da77306f
GET /view/3573613/faraLogo.png HTTP/1.1
Host: up.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 06 Feb 2023 03:49:19 GMT
Content-Type: image/png
Content-Length: 66456
Last-Modified: Mon, 19 Dec 2022 21:14:53 GMT
Connection: keep-alive
ETag: "63a0d44d-10398"
Expires: Tue, 06 Feb 2024 03:49:19 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
up.td98.ir/view/3409130/Video-Maker-Video-Editor-Clipvue-Cut-Photos-217x217-www.td98.ir.png
79.127.127.67 200 OK 59 kB URL HTTP/1.1 up.td98.ir/view/3409130/Video-Maker-Video-Editor-Clipvue-Cut-Photos-217x217-www.td98.ir.png
IP 79.127.127.67:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 217 x 217, 8-bit/color RGBA, non-interlaced\012- data
Hash a8510ffc2e32bdf72ed4c9f8c8a0fda5
d00bc4fdfd733087b4941156ce2d7dad8a98232a
95a209b99e09917bfa870c8d1a7b19da985f3a35abd2a07d2137f16afee67664
GET /view/3409130/Video-Maker-Video-Editor-Clipvue-Cut-Photos-217x217-www.td98.ir.png HTTP/1.1
Host: up.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 06 Feb 2023 03:49:19 GMT
Content-Type: image/png
Content-Length: 58569
Last-Modified: Fri, 17 Sep 2021 19:40:12 GMT
Connection: keep-alive
ETag: "6144ef1c-e4c9"
Expires: Tue, 06 Feb 2024 03:49:19 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
cdn.soft98.ir/Autodesk%20AutoCAD.jpg
185.112.33.122 200 OK 8.8 kB URL HTTP/1.1 cdn.soft98.ir/Autodesk%20AutoCAD.jpg
IP 185.112.33.122:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 5d7bd4db9304d0b556edf2d558af2405
63a1d3d7d01636a4a3defa86f50fd58707474795
89b0c2bf7d45fc3984efb6921aaf99eb8438e99e7f569d4f8d5c4f3cd671a0ed
GET /Autodesk%20AutoCAD.jpg HTTP/1.1
Host: cdn.soft98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 03:49:20 GMT
Content-Type: image/jpeg
Content-Length: 8825
Last-Modified: Thu, 07 Nov 2019 17:49:14 GMT
Connection: keep-alive
ETag: "5dc4591a-2279"
Server: Hosted by hostdl.com
Expires: Wed, 08 Mar 2023 03:49:20 GMT
Pragma: public
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe617dc8b7631348645314717da42bba
d9218b62c36ab0f9d33a012b6da69f133093c548
a99d4f125b5b7f9976e959fe165862a3634300349f952b078b1a821dda4829dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99D4F125B5B7F9976E959FE165862A3634300349F952B078B1A821DDA4829DC"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2151
Expires: Mon, 06 Feb 2023 04:25:11 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
digiato.com/wp-content/uploads/2022/03/openpublicdocument.5.jpeg
194.147.142.68 200 OK 67 kB URL HTTP/2 digiato.com/wp-content/uploads/2022/03/openpublicdocument.5.jpeg
IP 194.147.142.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Hash 1b807592eaa2b3fa6bd7595c1b8de269
194ee431ee9186200940c195569744d875841469
8d211311dbda323940162d5a52e2b0ca4240384d59bc6022d16b4f943b7e2bf1
GET /wp-content/uploads/2022/03/openpublicdocument.5.jpeg HTTP/1.1
Host: digiato.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 03:49:20 GMT
content-type: image/jpeg
content-length: 66786
last-modified: Thu, 31 Mar 2022 10:04:22 GMT
etag: "62457ca6-104e2"
expires: Sun, 07 May 2023 03:49:20 GMT
cache-control: max-age=7776000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 17f83c823a1789ea21760ac0ff91efd1
0a3c92a9639ce39aaab0e8b0d5b7ab512cc91e69
9cc7f497eb8e32d058f70339ff3cbee6d1d21c070242c490987b733b7420a62c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play-lh.googleusercontent.com/mjmbWruxfo8oYHsBNI7b76KLj1AEJQo7hXwlmi05EvfFwubOjo8nQJrVEHRe4Vbgpo8=s120-rw
142.250.74.118 200 OK 5.3 kB URL HTTP/2 play-lh.googleusercontent.com/mjmbWruxfo8oYHsBNI7b76KLj1AEJQo7hXwlmi05EvfFwubOjo8nQJrVEHRe4Vbgpo8=s120-rw
IP 142.250.74.118:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ea35bee402d267ea1beeba004e343740
0ab4251a3d5ae5b7f9b985b087da77cd2a75a2dc
22993c2aaf1280cc7d2604dcf79b16ce97fba48feb029947e6a04bcedfa35447
GET /mjmbWruxfo8oYHsBNI7b76KLj1AEJQo7hXwlmi05EvfFwubOjo8nQJrVEHRe4Vbgpo8=s120-rw HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.webp"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5342
x-xss-protection: 0
date: Mon, 06 Feb 2023 03:49:20 GMT
expires: Tue, 31 Jan 2023 23:35:19 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3512
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
native-removal.triboon.net/?hash=343247648,816485612,311168932,516873674,619680755
185.143.234.122 200 OK 522 B URL HTTP/2 native-removal.triboon.net/?hash=343247648,816485612,311168932,516873674,619680755
IP 185.143.234.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
File type JSON data\012- , ASCII text
Hash feb5f9198bc326c121833b1e89f2c918
ce4f80fc0f47d27d4102cbf2f82bc76b412bdc2d
a3522e42107b8025d08da824bf7bd36ec43b140777cec4a9986f550a0dc543a6
OPTIONS /?hash=343247648,816485612,311168932,516873674,619680755 HTTP/1.1
Host: native-removal.triboon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: href
Referer: http://www.td98.ir/
Origin: http://www.td98.ir
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:20 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: http://www.td98.ir
access-control-allow-headers: *
cache-control: public, max-age=14400, s-maxage=14400, stale-while-revalidate=3600, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
ar-sid: 2025
ar-atime: 0.184
ar-request-id: 8d75133eb07169421d6db7216a257ced
content-encoding: br
X-Firefox-Spdy: h2
www.td98.ir/favicon.ico
79.127.127.68 404 Not Found 224 B IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dee0dc78439da1341c64fcc0dee29262
9ff788249562bbd3127d189295e7899eded8ce62
32a5f22ef8bd46a382546428ea9f01354d57aa17724f5c0313db1de1c941c6be
GET /favicon.ico HTTP/1.1
Host: www.td98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.td98.ir/xrr
Cookie: PHPSESSID=735f78db72ce37b50be69d85f89171b9; pop_id=11717%2C; c_ref=9ab68fd6d6d09f35ca12c9a76bf3c880; c_t=9558263e078bf970b4992951802991927020
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 224
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Mon, 06 Feb 2023 03:49:20 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3512
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3512
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3512
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 03:49:20 GMT
Connection: keep-alive
xzn.ir/wp-content/uploads/2014/07/1.gif
185.143.233.122 200 OK 84 kB URL HTTP/2 xzn.ir/wp-content/uploads/2014/07/1.gif
IP 185.143.233.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
File type GIF image data, version 89a, 468 x 60\012- data
Hash ca18317755279cd4595e20187095bf9c
096c1069c7779f1eb4eed6d5b25b3bd07d55df7d
675a85020e8e9d00f90daacc2975ae8fd3fbc2d03427c8491cfa7541c3bcfa62
GET /wp-content/uploads/2014/07/1.gif HTTP/1.1
Host: xzn.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:20 GMT
content-type: image/gif
content-length: 84161
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 03:49:20 GMT
last-modified: Sun, 31 Jan 2016 22:03:58 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
ar-sid: 2583
ar-atime: 0.346
ar-cache: BYPASS
ar-request-id: 707ab7675785db709c51b0d4c97c1d8b
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg
34.120.237.76 200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6107217bc206ebf204dfcf832cffc04
4f370e81106ef09ce9294eaa074ff6922197ded0
2cc25b8ddf56ceb274bd147d4e54f3fc386a97f984aa3a7bcc19f083fe68b94f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3943
x-amzn-requestid: 918fd8d6-0118-4548-9380-e3078577a876
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzWBtEdKoAMFwnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de03a4-6d8ffde860d89fbc513a20f9;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:05:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZRVPNp0hKlSBXYjgbVfF8MGqNMHCKF2T4fAqflvZz8z-Uy9bKR9HhA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 07:17:18 GMT
age: 73922
etag: "4f370e81106ef09ce9294eaa074ff6922197ded0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 21558
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7158f70-9e7b-4725-8249-e7061700f1ee.webp
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7158f70-9e7b-4725-8249-e7061700f1ee.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cb0dab387816c4b691190ec83c2f0f06
9c56d516ae0178b5b0d8bbf2b16e2e7fbe25e358
6655307747227d7905f0eca1aaefda6147e4ae443fb9fb20cdb6a336aaab5b67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7158f70-9e7b-4725-8249-e7061700f1ee.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8528
x-amzn-requestid: b799da5b-d52a-4d83-bdd4-9582d39d6c5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwCmAFYgIAMFjvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb159-77235f642e8a0bdb07414dcb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:01:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EN4Mi_2U_eISge5bd6JQgkg6rGJcB2cQAyhKHOZO-g_Arj6kofRo6g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 07:26:08 GMT
age: 73393
etag: "9c56d516ae0178b5b0d8bbf2b16e2e7fbe25e358"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 18:39:44 GMT
age: 32977
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tNp3KhwtaSjchn-VAo1VellQ63I1W9uIbkQ_84Y7z_4z--vGfz8PGA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:53:56 GMT
age: 21325
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27b516a4bb5fa5512a31aa8de5f9706e
03aeba4fafc64130967d3645081426f81b5f7dd1
7e5d809bf4e1b6f7f25bf604c1e5efcaf2a442ebfb53397d65820ebb1eaf754a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d63833d-c4af-4746-a163-2d9da6b2bf67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8845
x-amzn-requestid: 4cae7b8e-f650-4d61-9f3d-8cce7410ba1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pOKFamIAMF4gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0225a-51cd8f5b2d810ad94f52a5e3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:40:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WhhBAtYjlLj3PcIM5a-OwGIDFLeHYNF5Tg99rpTFMa326gTFJ56zBA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:21 GMT
age: 21480
etag: "03aeba4fafc64130967d3645081426f81b5f7dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 17f83c823a1789ea21760ac0ff91efd1
0a3c92a9639ce39aaab0e8b0d5b7ab512cc91e69
9cc7f497eb8e32d058f70339ff3cbee6d1d21c070242c490987b733b7420a62c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 03:49:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 506e075a4a52479152e5734060ba675c
3cedd00b18eea28f7c22a027873b1791cc7c7e15
8df6fd5ffb19dd5e1d954e1138a709349ecbb4dfd4c2fd6c5663a316aeb0a6e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DF6FD5FFB19DD5E1D954E1138A709349ECBB4DFD4C2FD6C5663A316AEB0A6E3"
Last-Modified: Sat, 04 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13740
Expires: Mon, 06 Feb 2023 07:38:21 GMT
Date: Mon, 06 Feb 2023 03:49:21 GMT
Connection: keep-alive
nfetch.yektanet.com/api/v2/load
87.107.144.247 204 No Content 0 B URL HTTP/2 nfetch.yektanet.com/api/v2/load
IP 87.107.144.247:0
ASN #204544 Dade Pardazi Mobinhost Co LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/load HTTP/1.1
Host: nfetch.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.td98.ir/
Origin: http://www.td98.ir
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 03:49:21 GMT
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: http://www.td98.ir
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=9ccd67bd-7f56-4395-bca2-12bdaf14464f&abj=1&aed=pub&sv=3&st=publisher.js&ac=http%3A%2F%2Fwww.td98.ir%2Fxrr&ae=%7B%7D&ad=td98.ir&as=%D9%81%DB%8C%D8%AA%DA%A9%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20%D8%B1%D8%A7%D9%8A%DA%AF%D8%A7%D9%86&aef=xywHAyqU&aec=156927&ai=02123e90-fea6-e330-8951-afacde2d89fa&abw=1268&abb=939&aby=1280&abz=1024&al=1280&am=939&abk=%D9%81%DB%8C%D8%AA%DA%A9%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20%D8%B1%D8%A7%D9%8A%DA%AF%D8%A7%D9%86
185.143.233.122 200 OK 42 B URL HTTP/2 ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=9ccd67bd-7f56-4395-bca2-12bdaf14464f&abj=1&aed=pub&sv=3&st=publisher.js&ac=http%3A%2F%2Fwww.td98.ir%2Fxrr&ae=%7B%7D&ad=td98.ir&as=%D9%81%DB%8C%D8%AA%DA%A9%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20%D8%B1%D8%A7%D9%8A%DA%AF%D8%A7%D9%86&aef=xywHAyqU&aec=156927&ai=02123e90-fea6-e330-8951-afacde2d89fa&abw=1268&abb=939&aby=1280&abz=1024&al=1280&am=939&abk=%D9%81%DB%8C%D8%AA%DA%A9%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20%D8%B1%D8%A7%D9%8A%DA%AF%D8%A7%D9%86
IP 185.143.233.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /__fake.gif?aa=event&abe=L&abf=9ccd67bd-7f56-4395-bca2-12bdaf14464f&abj=1&aed=pub&sv=3&st=publisher.js&ac=http%3A%2F%2Fwww.td98.ir%2Fxrr&ae=%7B%7D&ad=td98.ir&as=%D9%81%DB%8C%D8%AA%DA%A9%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20%D8%B1%D8%A7%D9%8A%DA%AF%D8%A7%D9%86&aef=xywHAyqU&aec=156927&ai=02123e90-fea6-e330-8951-afacde2d89fa&abw=1268&abb=939&aby=1280&abz=1024&al=1280&am=939&abk=%D9%81%DB%8C%D8%AA%DA%A9%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20%D8%B1%D8%A7%D9%8A%DA%AF%D8%A7%D9%86 HTTP/1.1
Host: ua.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:21 GMT
content-type: image/gif
content-length: 42
set-cookie: gearbox_ad_token=083c0b41-1ee34-495e1-1a9e1-11b694564d443; Path=/; Domain=.yektanet.com; SameSite=None; Secure; HttpOnly; Max-Age=315360000; Expires=Thu, 03-Feb-33 03:49:21 GMT
analytics_global_token=083c0b41-1ee34-495e1-1a9e1-11b694564d443; Path=/; Domain=.yektanet.com; SameSite=None; Secure; HttpOnly; Max-Age=315360000; Expires=Thu, 03-Feb-33 03:49:21 GMT
last-modified: Monday, 06-Feb-2023 03:49:21 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
ar-sid: 2582
ar-atime: 0.021
ar-cache: BYPASS
ar-request-id: 2513681d5824990134709be914ef488b
accept-ranges: bytes
X-Firefox-Spdy: h2
nfetch.yektanet.com/api/v2/load
87.107.144.247 200 OK 864 B URL HTTP/2 nfetch.yektanet.com/api/v2/load
IP 87.107.144.247:0
ASN #204544 Dade Pardazi Mobinhost Co LTD
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (803), with no line terminators
Hash 3c03187ad2c26d7f29be91ef6fdf0537
61181ce67f5891ca5c1c4640360cd0bafa63b884
507bef9bc5c53adde44da63127fe10e8309e906878e6f8458aed5b9dcfd1450a
POST /api/v2/load HTTP/1.1
Host: nfetch.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 477
Origin: http://www.td98.ir
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:49:21 GMT
content-type: application/json; charset=utf-8
content-length: 864
vary: Origin
access-control-allow-origin: http://www.td98.ir
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
audience-staging.yektanet.com/api/v1/scripts/preview/validate/?app_id=xywHAyqU
185.143.233.122 200 OK 5 B URL HTTP/2 audience-staging.yektanet.com/api/v1/scripts/preview/validate/?app_id=xywHAyqU
IP 185.143.233.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /api/v1/scripts/preview/validate/?app_id=xywHAyqU HTTP/1.1
Host: audience-staging.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.td98.ir
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:21 GMT
content-type: application/json
content-length: 5
access-control-allow-origin: http://www.td98.ir
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Authorization
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
ar-sid: 2582
ar-atime: 0.230
ar-cache: BYPASS
ar-request-id: 5a65571216bfec3885ccee3eb646031c
accept-ranges: bytes
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 89d62dba5b1ca5423ada8caf316b633f
330983ce692c7b52a7ed1302c5a640b605ea0ad4
efde590b0b75ac3fcdf4c290c18b301c32b3bf04caab59a172d115a1310ef46b
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=462
Date: Mon, 06 Feb 2023 03:49:21 GMT
Connection: keep-alive
X-N: S
tasvir.yektanet.com/media/CACHE/images/ads/image_527a285b-cbca-4999-8ec4-462693446ed6__1eztHiqY7m/90/150x100.jpeg
185.143.233.122 200 OK 6.6 kB URL HTTP/2 tasvir.yektanet.com/media/CACHE/images/ads/image_527a285b-cbca-4999-8ec4-462693446ed6__1eztHiqY7m/90/150x100.jpeg
IP 185.143.233.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x100, components 3\012- data
Hash 5f5abca8a99e9e71d672b564e3f6aaca
d2c60e00c39edfeeed8012190cd69c258dedd90b
9caf260e6258a85153c704496b256e80a53f6d2ff8383e37d52c9189d98c588c
GET /media/CACHE/images/ads/image_527a285b-cbca-4999-8ec4-462693446ed6__1eztHiqY7m/90/150x100.jpeg HTTP/1.1
Host: tasvir.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Cookie: gearbox_ad_token=083c0b41-1ee34-495e1-1a9e1-11b694564d443; analytics_global_token=083c0b41-1ee34-495e1-1a9e1-11b694564d443
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:21 GMT
content-type: image/jpeg
content-length: 6555
last-modified: Wed, 01 Feb 2023 00:35:12 GMT
x-rgw-object-type: Normal
etag: "5f5abca8a99e9e71d672b564e3f6aaca"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
cache-control: max-age=3600
x-cache-status: MISS
expires: Mon, 06 Feb 2023 04:49:21 GMT
x-xss-protection: 1; mode=block
ar-sid: 2582
ar-atime: 0.000
ar-cache: HIT
ar-request-id: eb3722c0fc840ac65521e8824d0d8dcc
accept-ranges: bytes
X-Firefox-Spdy: h2
plus.sabavision.com/csync/3P/pixel?id=yektanet
185.147.178.24 200 OK 597 B URL HTTP/2 plus.sabavision.com/csync/3P/pixel?id=yektanet
IP 185.147.178.24:0
ASN #44932 Fannavaran-e Idea Pardaz-e Saba PJSC
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash 91c97a3dd65bdf0bcd2fa45d5b1c1b86
68cf099726f6e1cc8f3b31ff481a1d2479fc682d
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
GET /csync/3P/pixel?id=yektanet HTTP/1.1
Host: plus.sabavision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 03:49:21 GMT
content-type: image/jpeg
content-length: 597
cache-control: no-cache
cache-directive: no-cache
expires: 0
pragma: no-cache
pragma-directive: no-cache
server: nginx
x-upstream-ct: 0.001
x-upstream-ht: 0.249
x-upstream: 0
X-Firefox-Spdy: h2
cdn.yektanet.com/js/rozblog.com/native-rozblog.com-23662.js?v=2023010603
185.143.233.122 200 OK 0 B URL HTTP/2 cdn.yektanet.com/js/rozblog.com/native-rozblog.com-23662.js?v=2023010603
IP 185.143.233.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
GET /js/rozblog.com/native-rozblog.com-23662.js?v=2023010603 HTTP/1.1
Host: cdn.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:20 GMT
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 30 Jan 2023 13:25:42 GMT
x-rgw-object-type: Normal
etag: W/"e0e93b637f04b4611e8832270ea3609d"
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
cache-control: max-age=31536000
x-cache-status: HIT
x-xss-protection: 1; mode=block
ar-sid: 2582
ar-atime: 0.000
ar-cache: HIT
ar-request-id: c0a2e393a75e9ed0f63131c1325fac3d
X-Firefox-Spdy: h2
cdn.yektanet.com/rg_woebegone/scripts_v3/D138M2Bm/publisher.js?v=2023010603
185.143.233.122 200 OK 0 B URL HTTP/2 cdn.yektanet.com/rg_woebegone/scripts_v3/D138M2Bm/publisher.js?v=2023010603
IP 185.143.233.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
GET /rg_woebegone/scripts_v3/D138M2Bm/publisher.js?v=2023010603 HTTP/1.1
Host: cdn.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:20 GMT
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=31536000
last-modified: Sun, 05 Feb 2023 20:47:22 GMT
x-rgw-object-type: Normal
etag: W/"3163215f2891a149e4de3b97bdc38f2d"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
x-xss-protection: 1; mode=block
ar-sid: 2582
ar-atime: 0.000
ar-cache: HIT
ar-request-id: 32e55249df22d11f7c164fe624b90f28
X-Firefox-Spdy: h2
cdn.yektanet.com/fp/fingerprint.js?v=umd
185.143.233.122 200 OK 0 B URL HTTP/2 cdn.yektanet.com/fp/fingerprint.js?v=umd
IP 185.143.233.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
GET /fp/fingerprint.js?v=umd HTTP/1.1
Host: cdn.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 31 Jan 2023 07:33:52 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
etag: W/"63d8c460-7c6a"
x-xss-protection: 1; mode=block
ar-sid: 2582
ar-atime: 0.000
ar-cache: HIT
ar-request-id: 0d1d7388219b78ecd320552df24a4a9b
X-Firefox-Spdy: h2
native-removal.triboon.net/?hash=343247648,816485612,311168932,516873674,619680755
185.143.234.122 200 OK 0 B URL HTTP/2 native-removal.triboon.net/?hash=343247648,816485612,311168932,516873674,619680755
IP 185.143.234.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
GET /?hash=343247648,816485612,311168932,516873674,619680755 HTTP/1.1
Host: native-removal.triboon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
href: http://www.td98.ir/xrr
Origin: http://www.td98.ir
Connection: keep-alive
Referer: http://www.td98.ir/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:21 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: http://www.td98.ir
access-control-allow-headers: *
cache-control: public, max-age=14400, s-maxage=14400, stale-while-revalidate=3600, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
ar-sid: 2025
ar-atime: 0.186
ar-cache: BYPASS
ar-request-id: 7804cdce58c8084abf14c3a5ea3339c7
content-encoding: br
X-Firefox-Spdy: h2
ua.yektanet.com/cookie/iframe/
185.143.233.122 200 OK 0 B URL HTTP/2 ua.yektanet.com/cookie/iframe/
IP 185.143.233.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
GET /cookie/iframe/ HTTP/1.1
Host: ua.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:21 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Monday, 06-Feb-2023 03:49:21 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pragma: no-cache
expires: 0
x-xss-protection: 1; mode=block
ar-sid: 2582
ar-atime: 0.023
ar-cache: BYPASS
ar-request-id: 318397d2cb03c7f71be007a522013991
content-encoding: br
X-Firefox-Spdy: h2
native-scripts.yektanet.com/public/chunk/minified/929.23872a583b9486f5dd1a.js
185.143.233.122 200 OK 0 B URL HTTP/2 native-scripts.yektanet.com/public/chunk/minified/929.23872a583b9486f5dd1a.js
IP 185.143.233.122:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
GET /public/chunk/minified/929.23872a583b9486f5dd1a.js HTTP/1.1
Host: native-scripts.yektanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.td98.ir/
Cookie: gearbox_ad_token=083c0b41-1ee34-495e1-1a9e1-11b694564d443; analytics_global_token=083c0b41-1ee34-495e1-1a9e1-11b694564d443
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ArvanCloud
date: Mon, 06 Feb 2023 03:49:21 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sun, 29 Jan 2023 15:29:22 GMT
x-rgw-object-type: Normal
etag: W/"90dd3fd68df9a5519678206c5b18e391"
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
cache-control: max-age=3600
x-cache-status: MISS
expires: Mon, 06 Feb 2023 04:49:21 GMT
x-xss-protection: 1; mode=block
ar-sid: 2582
ar-atime: 0.000
ar-cache: HIT
ar-request-id: d35121ee867a522c6f0745614a07b1d1
content-encoding: br
X-Firefox-Spdy: h2