www.bamyk.com/post/366
301 Moved Permanently 238 B IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a815f679f595b7bfd868e6561f0d852b
6c80a245472ef2e63a917e94bd75c0eb4c865fb9
a771ed848d15cf255798c36acc7d901fa93cd7a894b5b7bb43604d7f80847f03
Analyzer Verdict Alert fortinet Malware
GET /post/366 HTTP/1.1
Host: www.bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 12 Dec 2022 22:13:51 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 238
Connection: keep-alive
Location: https://www.bamyk.com/post/366
Cache-Control: max-age=0
Expires: Mon, 12 Dec 2022 22:13:51 GMT
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7901
Expires: Tue, 13 Dec 2022 00:25:32 GMT
Date: Mon, 12 Dec 2022 22:13:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b8fe6ec1ac390bc5b90b68b0e3005299
4ce20d527fcc93a2a6d1c5f3ab73ee8ded2a57f2
1755a645d41780a9e54ee1ad04a2b293d16d2a98e543f81835c3a66e3d58c3be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1755A645D41780A9E54EE1AD04A2B293D16D2A98E543F81835C3A66E3D58C3BE"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6404
Expires: Tue, 13 Dec 2022 00:00:35 GMT
Date: Mon, 12 Dec 2022 22:13:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 21:33:43 GMT
content-type: application/json
age: 2408
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7877
Expires: Tue, 13 Dec 2022 00:25:08 GMT
Date: Mon, 12 Dec 2022 22:13:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FV32VnuvZNNKbi6dSSXAbyN3ilzEoc7624aObA2DmZENI8GvfmCDR9p5EnO26cNhZpIkFK64ElsRB8xR+ufmdA==
x-amz-request-id: HZ9QF63Q0DXVTTC3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 21:51:39 GMT
age: 1332
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:51 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 21:33:17 GMT
age: 2435
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 32429c9c60cba8a4edeb892ef52ebd78
1d9b1e2a5607a506cc97fb372f4bc68eff586aaf
995b3944a0d5a8b44a2291bbf0050bb94e81f3066bd472b3261fef94f864384a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "995B3944A0D5A8B44A2291BBF0050BB94E81F3066BD472B3261FEF94F864384A"
Last-Modified: Mon, 12 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7265
Expires: Tue, 13 Dec 2022 00:14:57 GMT
Date: Mon, 12 Dec 2022 22:13:52 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash ee19f96e42a0eca99d00c8d91f977c35
3bf8dbf8b8ce6ea7adadf7bb92cae2f9502fbee9
6d8adcb1494bfe2ca73cd6b77eb57b2d08e07b05eb892fea98a1fde0bfb2ea12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5477
Cache-Control: max-age=131056
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:52 GMT
Etag: "6396ef2b-1d7"
Expires: Wed, 14 Dec 2022 10:38:08 GMT
Last-Modified: Mon, 12 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bhFk+HKYJMwxWNsOoVlgAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QIsqoWFznmtc+pXJYOD6iTjh3es=
www.bamyk.com/post/366
301 Moved Permanently 0 B IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /post/366 HTTP/1.1
Host: www.bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 12 Dec 2022 22:13:52 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://bamyk.com/post/366
vary: Accept-Encoding,User-Agent
X-Firefox-Spdy: h2
bamyk.com/post/366
404 Not Found 26 kB IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash d9b675061363250d2d2afe5b870a56ec
cbbe2407acbeb0a21da8a05fd4bd9c819444cc3c
226cf292622d95c371751640bdbcb1c783685c5f99b47ebae280b0ac1a8811d4
Analyzer Verdict Alert fortinet Malware
GET /post/366 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/html; charset=UTF-8
content-length: 25876
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://bamyk.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0f3dad0d025c4b6b8abd5d698f00cfbd
3a82ecac8709c7acd620316502a0e774ac3b1170
8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a33409f980e81b54f660035dd9c14cfb
8399645bbd14b6a968328c6552b837e3368948a3
9cf6b1845f29636c04e711a6bf1e7937773c6c4522e2ba66dd6c43bfef34b33b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b14162cab0131ca3a7e7c1c6d72c77f3
87a1ae365bc2a459c323770eb9632d28649b2b1b
759526e8274b5fa52e1a46496e286cc04466a27c41a8f20de6aee1b756feb87c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?hl=fa_IR&onload=agrLoad&render=explicit&ver=1.0.12
200 OK 572 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=fa_IR&onload=agrLoad&render=explicit&ver=1.0.12
IP
File type ASCII text, with very long lines (902), with no line terminators
Hash c416d61194541a717af2c62f518d2da9
917688480acbb24d2f3f843db8e65aa684ef03a7
e63063f476093020c3fcdeea8d2badca86056f2bdfe456021ef06d0410ad469c
GET /recaptcha/api.js?hl=fa_IR&onload=agrLoad&render=explicit&ver=1.0.12 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 12 Dec 2022 22:13:53 GMT
date: Mon, 12 Dec 2022 22:13:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 572
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-168809918-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-168809918-1
IP
File type ASCII text, with very long lines (1921)
Hash 2b6b4694581eb414d69f611fe98d304a
2158b80190dad8672ed513e22ab7a44adf4a8959
9775846f2d1961d89dc462e943ad72166c6df994f7499385c17eb9c27533fed5
GET /gtag/js?id=UA-168809918-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Dec 2022 22:13:53 GMT
expires: Mon, 12 Dec 2022 22:13:53 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0f3dad0d025c4b6b8abd5d698f00cfbd
3a82ecac8709c7acd620316502a0e774ac3b1170
8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a33409f980e81b54f660035dd9c14cfb
8399645bbd14b6a968328c6552b837e3368948a3
9cf6b1845f29636c04e711a6bf1e7937773c6c4522e2ba66dd6c43bfef34b33b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a41c1c2a6aad29835a33369555bbe359
4e104748d3d8c3237d58e03b6f7493fcc9182142
a0495e2ab6ed55134a4bf56eb85252977c6978eb965b14724d47e3c979f25ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884
bb6e2205661434f2eb8964f59b8f0d950c11ba0d
48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9837
Expires: Tue, 13 Dec 2022 00:57:50 GMT
Date: Mon, 12 Dec 2022 22:13:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884
bb6e2205661434f2eb8964f59b8f0d950c11ba0d
48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9837
Expires: Tue, 13 Dec 2022 00:57:50 GMT
Date: Mon, 12 Dec 2022 22:13:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884
bb6e2205661434f2eb8964f59b8f0d950c11ba0d
48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9837
Expires: Tue, 13 Dec 2022 00:57:50 GMT
Date: Mon, 12 Dec 2022 22:13:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884
bb6e2205661434f2eb8964f59b8f0d950c11ba0d
48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9837
Expires: Tue, 13 Dec 2022 00:57:50 GMT
Date: Mon, 12 Dec 2022 22:13:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KkltHSO_YnfExbgR5cg199uOPnKy62zoMPwFfktRCpu03ImoFNMAIw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:37:58 GMT
age: 84955
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4720
x-amzn-requestid: dd990fe1-8447-403e-b276-40889af5baa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENuF6SoAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-59b5a8f92ef6111e64e16079;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SBYH2ZqOyZx6tB8u3g3dkimaCUGSWAMQhULpYs4gWrmZ6i3_1Br_zQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:57:42 GMT
age: 971
etag: "d43cd03d5eb3e7618b6fb70c935010c2ac92ad32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: e68bff96-83e0-471c-95ed-d9773d2354a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c82_MHywoAMFe_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6395052d-23c53ea949b7266822b23787;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:16:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oe5TA8wzsxvsnupvCvyDKwfvJOxK3SLZsexG1tPiTWu3gVXBCXAhSw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 04:55:55 GMT
age: 62278
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f8d3e3c9e5d2ed74c3894b4825fcc2f
6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da
9e44f93e65206ae7095cf9177296f4f528f1c2597cffa4853b7d6dcabf032796
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5619
x-amzn-requestid: df7189d2-5cad-43a2-9511-20c5de53f710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEMPFCSIAMF4uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d81-729683c606fd6abc5bc70534;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2pga97qYwh0G0tlQvRwkVvA3Xm9yynDBhOATBNKLFk1IxG5PBgv4fw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:58:39 GMT
age: 914
etag: "6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75dd1ecae61b991cd21929deb9244aac
4f14c9f7b36dfa356877251f1e6a0f5936286c4b
3435eda8961bb9954fcf5fd7c957ce58fd7aa4bb9e00525b8f42756adcf341e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6438
x-amzn-requestid: 517b1627-9789-48e8-b5df-106fee878820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENaGN6IAMFoUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d88-28cbd126745e8ab15d937936;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vPiqEPzdYtVSdb8l3Gz5f1X2tMjYuPdtLfxgiicjQRygN6SU5CrWMg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:59:56 GMT
age: 837
etag: "4f14c9f7b36dfa356877251f1e6a0f5936286c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UU3eyJXDqth6F65_913HL9lqA3qZHfGExAV89BRzHpQho5wZbQRTmw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:52:33 GMT
age: 1280
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bamyk.com/wp-content/uploads/2020/12/345436222.png
200 OK 2.4 kB URL HTTP/2 bamyk.com/wp-content/uploads/2020/12/345436222.png
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
File type PNG image data, 272 x 90, 8-bit colormap, non-interlaced\012- data
Hash 72e1499cc7ba64e92e5c57a5ff974725
de4ab399cb4fc2cb22ce9a568a175f3bdae59770
69b41394f159e7e3d665c65cfb75d11af4976baedd23059291c13d6d8dd5692b
GET /wp-content/uploads/2020/12/345436222.png HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: image/png
content-length: 2374
last-modified: Sat, 05 Dec 2020 11:05:50 GMT
etag: "5fcb698e-946"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8f8832d1cbb80f1d32588fb3cd3fb99b
f0a4c5455442c43b5acaaddae3eba312a067448d
41e47ee3998a820cf227604e0c8aed206b7752c644280efa80c683978d56ccc7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41E47EE3998A820CF227604E0C8AED206B7752C644280EFA80C683978D56CCC7"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=900
Expires: Mon, 12 Dec 2022 22:28:54 GMT
Date: Mon, 12 Dec 2022 22:13:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beta.kaprila.com/a/show.js.php?ref=bamyk.com&page_title=%D8%B5%D9%81%D8%AD%D9%87%20%D9%BE%DB%8C%D8%AF%D8%A7%20%D9%86%D8%B4%D8%AF%20%7C%20%D9%85%D8%AC%D9%84%D9%87%20%D8%A8%D8%A7%D9%85%DB%8C%DA%A9&page_url=https://bamyk.com/post/366
200 OK 468 B URL HTTP/1.1 beta.kaprila.com/a/show.js.php?ref=bamyk.com&page_title=%D8%B5%D9%81%D8%AD%D9%87%20%D9%BE%DB%8C%D8%AF%D8%A7%20%D9%86%D8%B4%D8%AF%20%7C%20%D9%85%D8%AC%D9%84%D9%87%20%D8%A8%D8%A7%D9%85%DB%8C%DA%A9&page_url=https://bamyk.com/post/366
IP
ASN #48715 Sefroyek Pardaz Engineering Co. LTD
File type ASCII text, with very long lines (619), with no line terminators
Hash 2f1694ac392e0871fe3b8800bc70c125
6af987cd1f8584e6b6354a0c1d9b9eabebb3ee62
fab8a37795b6a4799d58a5a64b2ba4e86107539c4a1bdb7f719b6232acd04d25
GET /a/show.js.php?ref=bamyk.com&page_title=%D8%B5%D9%81%D8%AD%D9%87%20%D9%BE%DB%8C%D8%AF%D8%A7%20%D9%86%D8%B4%D8%AF%20%7C%20%D9%85%D8%AC%D9%84%D9%87%20%D8%A8%D8%A7%D9%85%DB%8C%DA%A9&page_url=https://bamyk.com/post/366 HTTP/1.1
Host: beta.kaprila.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.21.3
date: Mon, 12 Dec 2022 22:13:54 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.0.11
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bamyk.com/wp-content/plugins/pwa-for-wp/assets/js/pwaforwp-download.js?ver=1.7.53
200 OK 8.2 kB URL HTTP/2 bamyk.com/wp-content/plugins/pwa-for-wp/assets/js/pwaforwp-download.js?ver=1.7.53
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Hash ae7c000d19ccbe934f48445a5cb0a185
dbe41d08273684775e0b0d0c3dec349e67a28f33
833c622d914b8f648bb2a18cf115eb415170f372060b66dca3e4692f51fbd50d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pwa-for-wp/assets/js/pwaforwp-download.js?ver=1.7.53 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 08:23:53 GMT
vary: Accept-Encoding
etag: W/"6392f099-35b"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bamyk.com/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8
200 OK 21 kB URL HTTP/2 bamyk.com/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Hash 2ececbf91a4975faceabbda36b5e3a29
fa8dce3f92d1780fb3fa22eaae8f1b02da383a57
5915ba406027a8ab402dde8cdcedb0a6dc33d10497cf925d211cefe95375c199
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
vary: Accept-Encoding
etag: W/"62551487-48b9"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7
200 OK 12 kB URL HTTP/2 bamyk.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Hash 73c92a85eeb6156acd1501051b7c773a
68431d9b3e93f83cb18eee607417d27e1e617dc7
2c75ba339f343ff49b9b96652319e19e8ec200524aa78f5a2702f3391724f808
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Sat, 10 Dec 2022 15:14:19 GMT
vary: Accept-Encoding
etag: W/"6394a24b-316c"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/shortcodes-ultimate/includes/css/rtl-shortcodes.css?ver=5.12.5
200 OK 16 kB URL HTTP/2 bamyk.com/wp-content/plugins/shortcodes-ultimate/includes/css/rtl-shortcodes.css?ver=5.12.5
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Hash 0c2ce3600e19de29f54cf21ecae3ac0a
b09eb66e3ad6e32c9f22add5c8610609da7f63a1
a3ba9ab5e68d66df7cffda5ff4182769bf5ef8efe05bedcbce02c98f2543018f
GET /wp-content/plugins/shortcodes-ultimate/includes/css/rtl-shortcodes.css?ver=5.12.5 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Wed, 23 Nov 2022 13:02:57 GMT
vary: Accept-Encoding
etag: W/"637e1a01-456"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/bs-booster-cache/b316a0c90ec73ed666ebc32033ad2d5f.js?ver=81582bdb254a94e4464424087c6479a8
200 OK 83 kB URL HTTP/2 bamyk.com/wp-content/bs-booster-cache/b316a0c90ec73ed666ebc32033ad2d5f.js?ver=81582bdb254a94e4464424087c6479a8
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Hash 697c39f53132c51c105876bab79d363b
86a3ecd0d1e4c17e6295020d9f4ca6e01b9212d9
fb6de778e3a5337084659a6026f553c2b199932cf960c6c6e4675e836569b38c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/bs-booster-cache/b316a0c90ec73ed666ebc32033ad2d5f.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Sat, 10 Dec 2022 17:09:44 GMT
vary: Accept-Encoding
etag: W/"6394bd58-408d9"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7
200 OK 19 kB URL HTTP/2 bamyk.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Hash ea4ea252d0e2cb8e52ad1dd6505b89d0
9a62cd4c7de2290bb79839e76273b08810686044
96694b1a0ed21be45dc5965e9090e3d9aab9309171e943042cd6d8cbc48e1743
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Sat, 10 Dec 2022 15:14:19 GMT
vary: Accept-Encoding
etag: W/"6394a24b-2945"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/themes/publisher/includes/fonts/iransans/woff2/IRANSansWeb_Medium.woff2
200 OK 27 kB URL HTTP/2 bamyk.com/wp-content/themes/publisher/includes/fonts/iransans/woff2/IRANSansWeb_Medium.woff2
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
File type Web Open Font Format (Version 2), TrueType, length 27008, version 1.0\012- data
Hash 9c66b762719d40d1f18e678a1405459a
75182e5ed3ce5347042cb8289740853020856d65
5e8559023c88d8bd7c7c91c55f05d89620c836c37cf7a49f33212b966efed2ff
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/publisher/includes/fonts/iransans/woff2/IRANSansWeb_Medium.woff2 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bamyk.com/wp-content/bs-booster-cache/5c1dbe3b195dad5bc92b7da58544e2f4.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:54 GMT
content-type: font/woff2
content-length: 27008
last-modified: Sun, 27 Nov 2022 20:55:43 GMT
etag: "6383cecf-6980"
expires: Mon, 26 Dec 2022 22:13:54 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bamyk.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 bamyk.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bamyk.com/wp-content/bs-booster-cache/c687e0520bfea088d88bd2c1589e3282.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:54 GMT
content-type: font/woff2
content-length: 77160
last-modified: Sun, 27 Nov 2022 20:55:43 GMT
etag: "6383cecf-12d68"
expires: Mon, 26 Dec 2022 22:13:54 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
bamyk.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
200 OK 14 kB URL HTTP/2 bamyk.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
File type Web Open Font Format, CFF, length 13852, version 1.0\012- data
Hash 7b3b5f7ada337a9a61df97550c2d6c64
fbc1335ac8b6513f8dca47d0af28381b7d1261cd
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bamyk.com/wp-content/bs-booster-cache/c687e0520bfea088d88bd2c1589e3282.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:54 GMT
content-type: font/woff
content-length: 13852
last-modified: Sun, 27 Nov 2022 20:55:43 GMT
etag: "6383cecf-361c"
expires: Mon, 26 Dec 2022 22:13:54 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 12 Dec 2022 20:41:08 GMT
expires: Mon, 12 Dec 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 5566
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__fa.js
200 OK 167 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__fa.js
IP
File type ASCII text, with very long lines (688)
Size 167 kB (167237 bytes)
Hash 41fcacfa236f226a0a30a7a55a7d6ecb
ac8c44875a43c13ddf414b8734283658f22e0ebb
9615b1bd9a74949e98728e7ded9ac93c98217bba68559e87d014f2fb80cf8182
GET /recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__fa.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bamyk.com
Connection: keep-alive
Referer: https://bamyk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 167237
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 04:35:29 GMT
expires: Fri, 08 Dec 2023 04:35:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
content-type: text/javascript
age: 409105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1168136680&t=pageview&_s=1&dl=https%3A%2F%2Fbamyk.com%2Fpost%2F366&ul=en-us&de=UTF-8&dt=%D8%B5%D9%81%D8%AD%D9%87%20%D9%BE%DB%8C%D8%AF%D8%A7%20%D9%86%D8%B4%D8%AF%20%7C%20%D9%85%D8%AC%D9%84%D9%87%20%D8%A8%D8%A7%D9%85%DB%8C%DA%A9&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=141899819&gjid=1307785042&cid=2121592709.1670883233&tid=UA-168809918-1&_gid=218801800.1670883233&_r=1>m=2oubu0&z=1373026671
200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1168136680&t=pageview&_s=1&dl=https%3A%2F%2Fbamyk.com%2Fpost%2F366&ul=en-us&de=UTF-8&dt=%D8%B5%D9%81%D8%AD%D9%87%20%D9%BE%DB%8C%D8%AF%D8%A7%20%D9%86%D8%B4%D8%AF%20%7C%20%D9%85%D8%AC%D9%84%D9%87%20%D8%A8%D8%A7%D9%85%DB%8C%DA%A9&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=141899819&gjid=1307785042&cid=2121592709.1670883233&tid=UA-168809918-1&_gid=218801800.1670883233&_r=1>m=2oubu0&z=1373026671
IP
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=1168136680&t=pageview&_s=1&dl=https%3A%2F%2Fbamyk.com%2Fpost%2F366&ul=en-us&de=UTF-8&dt=%D8%B5%D9%81%D8%AD%D9%87%20%D9%BE%DB%8C%D8%AF%D8%A7%20%D9%86%D8%B4%D8%AF%20%7C%20%D9%85%D8%AC%D9%84%D9%87%20%D8%A8%D8%A7%D9%85%DB%8C%DA%A9&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=141899819&gjid=1307785042&cid=2121592709.1670883233&tid=UA-168809918-1&_gid=218801800.1670883233&_r=1>m=2oubu0&z=1373026671 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://bamyk.com
Connection: keep-alive
Referer: https://bamyk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://bamyk.com
date: Mon, 12 Dec 2022 22:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c797045ce2453615ff57e1749364ccd
30192a4c14e94cdb789832ead604861432296e2e
96867aa0b5bea168df793e580b71dcf005c1afb5786780230b8aadfc4bf6648c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168809918-1&cid=2121592709.1670883233&jid=141899819&gjid=1307785042&_gid=218801800.1670883233&_u=YEBAAUAAAAAAACAAI~&z=328682959
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168809918-1&cid=2121592709.1670883233&jid=141899819&gjid=1307785042&_gid=218801800.1670883233&_u=YEBAAUAAAAAAACAAI~&z=328682959
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168809918-1&cid=2121592709.1670883233&jid=141899819&gjid=1307785042&_gid=218801800.1670883233&_u=YEBAAUAAAAAAACAAI~&z=328682959 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://bamyk.com
Connection: keep-alive
Referer: https://bamyk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://bamyk.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 22:13:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c797045ce2453615ff57e1749364ccd
30192a4c14e94cdb789832ead604861432296e2e
96867aa0b5bea168df793e580b71dcf005c1afb5786780230b8aadfc4bf6648c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bamyk.com/wp-content/uploads/2020/07/%D9%87%D9%88%D8%B4%D9%86%DA%AF-%D8%A7%D8%A8%D8%AA%D9%87%D8%A7%D8%AC.jpg
200 OK 37 kB URL HTTP/2 bamyk.com/wp-content/uploads/2020/07/%D9%87%D9%88%D8%B4%D9%86%DA%AF-%D8%A7%D8%A8%D8%AA%D9%87%D8%A7%D8%AC.jpg
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2f4f71be9359bfa0934c550e59759715
ee82a7bd69b35e410588f18637370d3315b874f1
84873982db650b4d2c2a27e6c9d6f54639df327ea4b8a3af8c3d1c368bae1618
GET /wp-content/uploads/2020/07/%D9%87%D9%88%D8%B4%D9%86%DA%AF-%D8%A7%D8%A8%D8%AA%D9%87%D8%A7%D8%AC.jpg HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Cookie: _ga=GA1.2.2121592709.1670883233; _gid=GA1.2.218801800.1670883233; _gat_gtag_UA_168809918_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:55 GMT
content-type: image/jpeg
content-length: 37177
last-modified: Fri, 17 Jul 2020 06:42:13 GMT
etag: "5f114845-9139"
expires: Mon, 26 Dec 2022 22:13:55 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 15:56:40 GMT
vary: Accept-Encoding
etag: W/"636bcdb8-2063"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/bs-booster-cache/5c1dbe3b195dad5bc92b7da58544e2f4.css
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/bs-booster-cache/5c1dbe3b195dad5bc92b7da58544e2f4.css
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
GET /wp-content/bs-booster-cache/5c1dbe3b195dad5bc92b7da58544e2f4.css HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Sat, 10 Dec 2022 17:09:43 GMT
vary: Accept-Encoding
etag: W/"6394bd57-b754"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/pwa-for-wp/assets/js/pwaforwp-video.js?ver=1.7.53
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/pwa-for-wp/assets/js/pwaforwp-video.js?ver=1.7.53
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pwa-for-wp/assets/js/pwaforwp-video.js?ver=1.7.53 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 08:23:53 GMT
vary: Accept-Encoding
etag: W/"6392f099-3c9"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/structured-content/dist/blocks.style.build.css?ver=1.5.0
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/structured-content/dist/blocks.style.build.css?ver=1.5.0
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/structured-content/dist/blocks.style.build.css?ver=1.5.0 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Wed, 23 Nov 2022 12:58:41 GMT
vary: Accept-Encoding
etag: W/"637e1901-1206"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=81582bdb254a94e4464424087c6479a8
200 OK 0 B URL HTTP/2 bamyk.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=81582bdb254a94e4464424087c6479a8
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
vary: Accept-Encoding
etag: W/"636e62ad-17226"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
GET /wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Sat, 10 Dec 2022 15:14:19 GMT
vary: Accept-Encoding
etag: W/"6394a24b-98"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 0 B URL HTTP/2 bamyk.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
vary: Accept-Encoding
etag: W/"632879b8-15e54"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 0 B URL HTTP/2 bamyk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
vary: Accept-Encoding
etag: W/"5fb4e3fe-2bd8"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js?ver=1.0.12
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js?ver=1.0.12
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js?ver=1.0.12 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 13:14:48 GMT
vary: Accept-Encoding
etag: W/"637e1cc8-178"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/bs-booster-cache/c687e0520bfea088d88bd2c1589e3282.css
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/bs-booster-cache/c687e0520bfea088d88bd2c1589e3282.css
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
GET /wp-content/bs-booster-cache/c687e0520bfea088d88bd2c1589e3282.css HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Sat, 10 Dec 2022 17:09:43 GMT
vary: Accept-Encoding
etag: W/"6394bd57-de8c2"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:500,700,600%7CRoboto:400,700,500,400italic&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:500,700,600%7CRoboto:400,700,500,400italic&display=swap
IP
GET /css?family=Poppins:500,700,600%7CRoboto:400,700,500,400italic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Dec 2022 22:13:53 GMT
date: Mon, 12 Dec 2022 22:13:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Sat, 10 Dec 2022 15:14:19 GMT
vary: Accept-Encoding
etag: W/"6394a24b-af3"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/advanced-google-recaptcha/assets/css/captcha.min.css?ver=1.0.12
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/advanced-google-recaptcha/assets/css/captcha.min.css?ver=1.0.12
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/advanced-google-recaptcha/assets/css/captcha.min.css?ver=1.0.12 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Wed, 23 Nov 2022 13:14:48 GMT
vary: Accept-Encoding
etag: W/"637e1cc8-80"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 11:14:34 GMT
vary: Accept-Encoding
etag: W/"633d671a-1f725"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 11:14:34 GMT
vary: Accept-Encoding
etag: W/"633d671a-5fa53"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Wed, 05 Oct 2022 11:14:34 GMT
vary: Accept-Encoding
etag: W/"633d671a-e8bd"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-content/plugins/structured-content/dist/app.build.js?ver=1.5.0
200 OK 0 B URL HTTP/2 bamyk.com/wp-content/plugins/structured-content/dist/app.build.js?ver=1.5.0
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
GET /wp-content/plugins/structured-content/dist/app.build.js?ver=1.5.0 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 12:58:41 GMT
vary: Accept-Encoding
etag: W/"637e1901-838"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/favicon.ico
404 Not Found 0 B IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
GET /favicon.ico HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 12 Dec 2022 22:13:54 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
bamyk.com/wp-includes/css/classic-themes.min.css?ver=1
200 OK 0 B URL HTTP/2 bamyk.com/wp-includes/css/classic-themes.min.css?ver=1
IP
ASN #48434 Tebyan-e-Noor Cultural-Artistic Institute
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: bamyk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bamyk.com/post/366
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:13:53 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
vary: Accept-Encoding
etag: W/"6357e86c-d9"
expires: Mon, 26 Dec 2022 22:13:53 GMT
cache-control: max-age=1209600
content-encoding: gzip
X-Firefox-Spdy: h2
185.78.22.73
34.117.237.239
93.184.220.29
23.36.76.226