Overview

URL clarotm.ir/
IP 194.87.23.55 (Iran)
ASN #212607 Saeid Shahrokhi
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-12-02 10:28:15 UTC
IDS alerts 0
Blocklist alert 55
urlquery alerts No alerts detected
Tags None

Domain Summary (17)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
maps.google.com (1) 1899 2016-05-21 18:40:38 UTC 2022-12-01 18:38:11 UTC 142.250.74.46
fonts.gstatic.com (3) 0 2014-09-09 00:40:21 UTC 2022-12-01 22:08:56 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-12-01 18:17:59 UTC 142.250.74.132
r3.o.lencr.org (7) 344 No data No data 95.101.11.115
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 17:12:49 UTC 34.117.237.239
ocsp.pki.goog (8) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-01 17:28:41 UTC 142.250.74.106
clarotm.ir (86) 559603 2019-12-13 19:38:17 UTC 2022-12-02 10:28:00 UTC 194.87.23.55
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-01 18:13:33 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
waregint.sirv.com (1) 0 2022-10-24 15:40:29 UTC 2022-10-24 21:15:43 UTC 162.55.133.142 Domain (sirv.com) ranked at: 48754
maps.gstatic.com (1) 0 2016-01-11 16:55:17 UTC 2022-12-01 18:12:40 UTC 142.250.74.3 Domain (gstatic.com) ranked at: 540
logo.samandehi.ir (1) 57597 2015-10-08 04:20:17 UTC 2022-12-01 21:32:19 UTC 78.157.43.149
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 17:14:08 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.208.31.97

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-02 2 clarotm.ir/ Malware
2022-12-02 2 clarotm.ir/ Malware
2022-12-02 2 clarotm.ir/wp-includes/css/dist/block-library/style-rtl.min.css?ver=01948f0 (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/assets/css/woocommerce-layout-rtl (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/assets/css/woocommerce-rtl.css?ve (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/css/frontend-lite-rtl.min.cs (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-ico (...) Malware
2022-12-02 2 clarotm.ir/wp-content/uploads/elementor/css/post-4714.css?ver=1654069180 Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shim (...) Malware
2022-12-02 2 clarotm.ir/wp-content/uploads/elementor/css/global.css?ver=1654069280 Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/header-footer-elementor/inc/widgets-css/front (...) Malware
2022-12-02 2 clarotm.ir/wp-content/uploads/elementor/css/post-1317.css?ver=1654084531 Malware
2022-12-02 2 clarotm.ir/wp-content/themes/hello-elementor/style.min.css?ver=2.5.0 Malware
2022-12-02 2 clarotm.ir/wp-content/uploads/elementor/css/post-1478.css?ver=1654083985 Malware
2022-12-02 2 clarotm.ir/wp-content/uploads/elementor/css/post-1520.css?ver=1654077624 Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce-builder-elementor/assets/vendor/s (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce-builder-elementor/assets/vendor/v (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawe (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands. (...) Malware
2022-12-02 2 clarotm.ir/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-12-02 2 clarotm.ir/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims (...) Malware
2022-12-02 2 clarotm.ir/wp-content/themes/hello-elementor/theme.min.css?ver=2.5.0 Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.b (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.mi (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.mi (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.m (...) Malware
2022-12-02 2 clarotm.ir/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.j (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce-builder-elementor/assets/vendor/v (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.sm (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?v (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ve (...) Malware
2022-12-02 2 clarotm.ir/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 Malware
2022-12-02 2 clarotm.ir/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 Malware
2022-12-02 2 clarotm.ir/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.0 Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky (...) Malware
2022-12-02 2 clarotm.ir/wp-includes/js/imagesloaded.min.js?ver=4.1.4 Malware
2022-12-02 2 clarotm.ir/wp-includes/js/wp-emoji-release.min.js?ver=01948f06bd6073c353ad3 (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscree (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/lazy-loading-images-speed-page//js/jquery.min (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor-pro/assets/js/nav-menu.4432c50d0d1f (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor-pro/assets/js/search-form.bb4995a71 (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor-pro/assets/js/woocommerce-menu-cart (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor-pro/assets/js/load-more.382e5f9900b (...) Malware
2022-12-02 2 clarotm.ir/wp-content/plugins/elementor-pro/assets/js/posts.ec5203e2235ef58 (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 194.87.23.55
Date UQ / IDS / BL URL IP
2022-12-02 10:28:15 +0000 0 - 0 - 55 clarotm.ir/ 194.87.23.55
2022-10-25 16:29:06 +0000 0 - 0 - 6 iseokar.ir/tuoo/contractbrian 194.87.23.55


Last 5 reports on ASN: Saeid Shahrokhi
Date UQ / IDS / BL URL IP
2022-12-02 10:28:15 +0000 0 - 0 - 55 clarotm.ir/ 194.87.23.55
2022-12-01 22:15:44 +0000 0 - 0 - 33 imenkv.ir/?ss 194.87.23.15
2022-12-01 22:03:41 +0000 0 - 0 - 35 imenkv.ir/?2222 194.87.23.15
2022-10-25 16:29:06 +0000 0 - 0 - 6 iseokar.ir/tuoo/contractbrian 194.87.23.55
2022-10-23 15:31:28 +0000 0 - 0 - 2 imenkv.ir/wp-login.php 194.87.23.15


Last 1 reports on domain: clarotm.ir
Date UQ / IDS / BL URL IP
2022-12-02 10:28:15 +0000 0 - 0 - 55 clarotm.ir/ 194.87.23.55


No other reports with similar screenshot

JavaScript

Executed Scripts (58)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (125)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         194.87.23.55
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:03 GMT
Content-Length: 227
Connection: keep-alive
Location: https://clarotm.ir/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   227
Md5:    f750e0145ed3dfecadc3e15f5b088903
Sha1:   f9b8d9d2d7102d69d3756cf56b991c0911be12d2
Sha256: 29d8c7636c4cd933c0acccc34bdfda4b78b37de503a529467bbba69e32e635be

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4626
Expires: Fri, 02 Dec 2022 11:45:09 GMT
Date: Fri, 02 Dec 2022 10:28:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3365
Cache-Control: max-age=89954
Date: Fri, 02 Dec 2022 10:28:03 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:27:17 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9703
Expires: Fri, 02 Dec 2022 13:09:46 GMT
Date: Fri, 02 Dec 2022 10:28:03 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 10:19:55 GMT
cache-control: public,max-age=3600
age: 488
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: cM47jJGH2MnIM+9hQdCTye+2FaeuLmLbEaZIJIlzghQs3FMg5An+AA2YktG4S9DkboiUKIK6kBw=
x-amz-request-id: SCYK4QPNEKDDJVX9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 09:46:39 GMT
age: 2484
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 02 Dec 2022 10:28:03 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C8BC515E7BAF4AFFC7562B5F5CC6DF9A465CA3171B58ED2B2C680B333222CB79"
Last-Modified: Thu, 01 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Fri, 02 Dec 2022 16:27:09 GMT
Date: Fri, 02 Dec 2022 10:28:04 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 10:08:57 GMT
cache-control: public,max-age=3600
age: 1147
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://clarotm.ir/wp-json/>; rel="https://api.w.org/", <https://clarotm.ir/wp-json/wp/v2/pages/1317>; rel="alternate"; type="application/json", <https://clarotm.ir/>; rel=shortlink
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Size:   28629
Md5:    bdc055b9d5c4866c9cdb25783bad4200
Sha1:   dba9cb759f8efc2b6ee7ae32f0ad06e01eee0061
Sha256: 77fdaceba7e86900c9e8eebee689d3e85792661d487f73ed53b90872a0180a4e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3375
Cache-Control: max-age=171305
Date: Fri, 02 Dec 2022 10:28:04 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:03:09 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=01948f06bd6073c353ad330799f739a4 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 14 Jul 2022 14:27:36 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   12003
Md5:    9eef717aa091236360df703e73ba6a57
Sha1:   ddd2c70e8c8d0559178d33c4e42b2447dbe2e052
Sha256: 4417b82cab3ce9376676d8c0d927f0994423f5f1270ddc277b64cb9c09441b08

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:11 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   323
Md5:    b24c24b7da3ffeed6ae8ade102a4d317
Sha1:   c4445b3977ce704b927508108e100213eea67a3c
Sha256: 5421ad49b70f379553eaceec744d753e74d4b065966c08aa7c7dd949553ca9a8
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4933), with no line terminators
Size:   1288
Md5:    f6324b88fd5016f53e946eddb82829c4
Sha1:   0e8532aab6935b2d34f9a1ad6da1153d21d85188
Sha256: 025907c353e06cc02dc059a5530504c6814c38008dc9a479511083c56169e493

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h0a60SsCVFhtfb+B2/ZXEQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         34.208.31.97
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wVgfSDW97ymt3fmfSnAt4LGQHSI=

                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout-rtl.css?ver=6.8.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (17812), with no line terminators
Size:   2574
Md5:    2cef7411c3c794db25a729f7e5b1e77a
Sha1:   f70e5b25a5126d9741346e5dd0163403a50d8112
Sha256: bd2b03ecc05f159c2b2934d710b1c9926b3f3c20fcf1940ed351f1b7f9e29da2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-rtl.css?ver=6.8.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62799), with no line terminators
Size:   9089
Md5:    0cb01641b02baea7ada6134312a60e7b
Sha1:   b83dd4c8990bd26de7bb516fcfc11f6f31c2a9fd
Sha256: b8b019c45a9fba18a2ff9abdf5ba2b5f11448147737e5ebceaa1dc0d1502675e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-lite-rtl.min.css?ver=3.5.5 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   12840
Md5:    5d16f3a0c9241427c8d9846b0893df91
Sha1:   37f4fafa6d1e7f7c6b356c5c06742234ff8de3e2
Sha256: 3c54827816cbe6b788eeea9af9c6489dfdf6ab5afcc5d274be6aa77abd80c69b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (19004)
Size:   3934
Md5:    1a30ec6b759c352aed6d84e42e9312cd
Sha1:   e72d9ae275c3363b95ef394f2b877c0cdad1037c
Sha256: a9e0bcb333e06b60c6d5a2acfd5c157a9770433ee54e0f196b315e7e2bfff91c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-4714.css?ver=1654069180 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 07:39:40 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1277), with no line terminators
Size:   456
Md5:    84d6719ce3f821a3c02ac13874c11a45
Sha1:   bb1aeccc582536ff33b9f57bf612fc26abf237ba
Sha256: 6c5e19b37e1c1655e9dbc58e8f97e6589c834ded0e101c91ecc28f0e467b3ce6

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style-rtl.css?ver=8.0.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size:   23134
Md5:    7525068ff8fb0c4977a5641ab7245e83
Sha1:   138a81be8992002e8079d1a51f0ae370a0ca625f
Sha256: 42b0f384497f0fbd75a375267d552163037ef0f0fd2461bfd0da5d7c4388c85d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite-rtl.min.css?ver=3.6.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:53 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (11361)
Size:   1675
Md5:    f121a24d00376e5d39c2ec3aa929a55b
Sha1:   a39bdad25dd5a70127dccb53e3f0a166b095a769
Sha256: 63cf32d2c7f2c841ba2b4cd0b5b7e42cda5f22c4f44debba6d88519778bd29c2
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.5.5 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (59158)
Size:   12898
Md5:    15f654c4aff00b5e1e5c547242050a93
Sha1:   81bcb3f52469eae64ad9493fd9bb499506797325
Sha256: 4329f344a3a01e60369de829d257efd941d0acec24ded4b24e00d80d2ea151cb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.5.5 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (26516)
Size:   4263
Md5:    b4703b6e3e66c5345a657deaee014d2e
Sha1:   00057b66a50d858589d0a25b271e9d52dd3e2fbf
Sha256: 525945317ce584b4a811462e9f9597b4932cdc7b0bf90e284167150eebac9cdd

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/global.css?ver=1654069280 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 07:41:20 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (34121)
Size:   2383
Md5:    ac0697ecb0c73afeccad1c11ceb4b947
Sha1:   c9bdc097fb43ae6d69854daa6b58ef9ac8d5787c
Sha256: f45899210d4e2b994588afcd53e54d4b49f4fab99f92a9d3225b2b0bca4a4f8b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:11 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1646)
Size:   8169
Md5:    5058ccb01a644fb33d719d80cb3ac27a
Sha1:   75ef60a4c0a3ffc703d21e8076802f4f0aac901a
Sha256: 3613bbc6fab4340d6db077b6ac33e135efef86fcaaab646ec903476ec24c2493

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-1317.css?ver=1654084531 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 11:55:31 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (51784)
Size:   4701
Md5:    499cf1ca3015474f206236a89663a93b
Sha1:   f04abdaaa519bb4c2a5a668653484f8ab6a581d7
Sha256: e476b1c6305a9cb0ac7d26bfdade6ace739a7eef865eac30dbac105b42f62da9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/hello-elementor/style.min.css?ver=2.5.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:53 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (5839), with no line terminators
Size:   1867
Md5:    b2c7457f2b3e397b008c7f0f2185e214
Sha1:   f1240a82934dbcf4e303da9f6467d07e5158e631
Sha256: 620618670584dfc69fd28dcb83f30c3e5bbbcc3dec76f7827464a4329af2aab8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-1478.css?ver=1654083985 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 11:46:25 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (7328)
Size:   2722
Md5:    0d67f85f0d877b82be606d96d91717aa
Sha1:   511302b9f799a8ee3b793aafe01f10d68bb9aab7
Sha256: dae0042dbc7d220fedebbfb2c6238a3b98fb71cf426f89e6285bb813f6b6d46e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-1520.css?ver=1654077624 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 10:00:24 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (18009)
Size:   3185
Md5:    139bb00b044d4599f6f1f4c762223dc7
Sha1:   76668adb9d062c8672396ced8407303a64efe867
Sha256: b7bb0d98d17607ec8595b42b6fc2ebd0fc434f3bfc6d3c94e9296d825b302003

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce-builder-elementor/assets/vendor/slick/slick.min.css?ver=01948f06bd6073c353ad330799f739a4 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:59 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1276), with no line terminators
Size:   480
Md5:    583786ba2058de39e3be7aab35d92a6a
Sha1:   8f42f3471138c137cd17460fd2fe0d96a6946fe4
Sha256: 868b8b7aa0660faf7014cbfb5b97ec9f038fcf7a537fe4f0edebd5e878df90f9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce-builder-elementor/assets/vendor/venobox/venobox.css?ver=01948f06bd6073c353ad330799f739a4 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:59 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (15397)
Size:   3092
Md5:    2f6803262d022fc706c3b57593b23e27
Sha1:   bc0c46c3648b66977eca4b7f18835474e6c03bb0
Sha256: 5ffe28a0fe8c8594b0794e52bc3578cc7e9329e9668a80041033b7e3e48c69e3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce-builder-elementor/assets/css/style.css?ver=01948f06bd6073c353ad330799f739a4 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:59 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (22927)
Size:   3184
Md5:    bc5a5e5d40dd122b5c162ae82096ae83
Sha1:   b4f2c3b64bcad852d5b27db22de0f2d5f315cde8
Sha256: fe92f0c05b7869ed92c55ef503eedd00e41194ac9e81682894fde25441e1626e
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (57726)
Size:   12610
Md5:    61f0b6f2f488aab66af028aedbb7b530
Sha1:   4c07551e0d95f16b38e03c2de75e1bc3fc19fbda
Sha256: 24c98c285ef755ef963e14b235f2d9594a3da50689a5150e9984c75a0ed01b21

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (489)
Size:   308
Md5:    0a08469d24387f830bbaaa00b3c228ae
Sha1:   01f5dfeb8f93a32c9a8f66fe5940758109771fcd
Sha256: 3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4176
Md5:    5f0c7c68ce291948081d8bc40b311a4d
Sha1:   52e9e66db13df06a18cb59905195d45ee80e466a
Sha256: d0f639afed36e6a912a17a467beb71c7f3976cc9cfba3d105a76e985c487e62f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 10:28:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 10:28:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu-rtl.min.css HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (29128)
Size:   3537
Md5:    f4d6b6f5a80bf01e17927999ac2058e6
Sha1:   a51b499c8e3af76fce6dbbfaed8c72e7f085336a
Sha256: 87a5999244b3b9a5296c0b21ee4ebf4412e37df8357e5aac80330a46e0bcfad8
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 10 Mar 2021 15:07:24 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   31148
Md5:    0e12e8ad50f470e9a500e00b739965c2
Sha1:   505d806a166278dd2e066b5e00952dd4dfc9605f
Sha256: 6d3c4243e698d8bf64940fa1295d60edc1add8c7b733048b1ff7cea9b98380d8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/widget-theme-elements-rtl.min.css HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (11953)
Size:   2111
Md5:    5a4e7011a00aac70c5d159e0409b4211
Sha1:   b8e32a713503b599eb65e6a50ffb0d19e57db01b
Sha256: f6cd1ad8dcf7ad79a24ba0cd2ae5713545ce4b53f447fb02049877bb5d0169f7
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.5.5 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (14869)
Size:   4229
Md5:    a24d7b070b835904a63304fbdc815e94
Sha1:   fed10b0d944f3a7679429ba89de24206d37dd162
Sha256: 1b83b1c27e48de701457142bfa4aa8fc7102bd18a98e5eaff570cc52c0b78e18

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=01948f06bd6073c353ad330799f739a4 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 10:28:05 GMT
date: Fri, 02 Dec 2022 10:28:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2015
Md5:    1937d834f653e039d729ff4985a24ea7
Sha1:   1e73326f229953b1fe71b191b9261d82bb28b86a
Sha256: bd65d47bbf0f48016555a1ad85b755bc1d0527d51f68fa79b28dfab20fdd0023
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 10:28:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/widget-posts-rtl.min.css HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (16025)
Size:   2593
Md5:    ce5d1f47f4d8943a8c2ad370c12c5e4e
Sha1:   f6db18a05ba74894679c54d669de48304aa1acba
Sha256: 41a0579af23ffad248ad394ef95370f14e4d2b6410623900be1335c0857d77a7
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/widget-woocommerce-rtl.min.css HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65493)
Size:   15749
Md5:    7e66379447194ce1ccacbb8ad35a8d06
Sha1:   a1b950a871d51af046ae5f4f582822b286fec757
Sha256: 0ea559efdcfd0584b987bb4c127aa82addf2fd3323b2e8c62c8c688afc2e3d83
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.5 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (10019)
Size:   2631
Md5:    c42d43078a3ff558042b6ec80c66a086
Sha1:   fd8951772644a8b4c30111eb74f33fff40d4e095
Sha256: 050daa68d90726ceafd44b1eb12565fea6845bb17cce63464effd28199a0df61
                                        
                                            GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.5.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:53 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (15346), with no line terminators
Size:   2626
Md5:    2db508458d3bd60167fcead60712a56b
Sha1:   dfbda9e82d04d8ae14a7750e4f2344aed856f949
Sha256: 1824b17e576f445c43e5f00fa38d62bb673e019002a324a3d3d93cd6c0813115

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (9115)
Size:   3510
Md5:    727f1e2c0929710d36f7b3d245e403ad
Sha1:   c5eff16ede303e476bcc2608f27c56e73e501a1c
Sha256: ee715e11307f669dbea289101ffe3771f0338aa73dde595a26dd1d1eff04b3db

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (3037), with no line terminators
Size:   1088
Md5:    72b7b609806447158b2ed1d2fbe95030
Sha1:   de7f3144b6fbaf1adb8b85cc1bda524d410f27be
Sha256: ae0a40e9b87c57cfb1d95284d1e3ee07e261dcfd3fe3d0ba6998e05efafa8d53

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1668)
Size:   982
Md5:    e66463f2023b738680c9bdefece69a37
Sha1:   315dc8e6ebdfb18c662851244ee33e2758ad3c83
Sha256: fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (2139), with no line terminators
Size:   794
Md5:    50a068dd64a5c9f112e56850b52aaf21
Sha1:   8bc6cf0acbabf47f01cd2e256284bba23eb532fc
Sha256: 0f1570edcf461c1413534c142a5e7fef16d87701ae798c91da0e27b7796c3a26

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (2938), with no line terminators
Size:   1042
Md5:    4e34cbd897375ae38364102a460bffb9
Sha1:   717333b42169a087e13d69a4e3ee169ed493ebfe
Sha256: 6fbd7f385cd635ee6652fd28b762c68f698f6e82f28ee38d8eab88c82ac90a38

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (483)
Size:   309
Md5:    0ea43e394ddaae5fdb710dbbc8869e58
Sha1:   3b0c93adc80720236096201db5cc2751e703996d
Sha256: 85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:53 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3113), with no line terminators
Size:   1010
Md5:    a491b2ebcf30fc12bf807b3f1f569c7d
Sha1:   8d37ed2443f2db4271c05858a70c451cf5af543e
Sha256: cfd1e69a7a80c9c84342eaf8ae3b6d6d199d217ae5110b3231cec9098a9cba21

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce-builder-elementor/assets/vendor/venobox/venobox.min.js?ver=1.8.6 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:59 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (11070)
Size:   3681
Md5:    51c7cff2832f51989d1d1956547648a8
Sha1:   171724193587a26362068c98fed54839aeba0afd
Sha256: aa3402bf325af4ca3f1ada3df0cb3a7e5321e0abe3689721714f3f5e3bedef0d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce-builder-elementor/assets/js/script.min.js?ver=1.1.6.6.1 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:59 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3276), with no line terminators
Size:   1065
Md5:    9a79d74c17871f91cd63fdad8ab717df
Sha1:   a059b9d1ce7724bc05ba037ee44432178178ef44
Sha256: 0058e3641f05672c0c66c4124c226cddcada4a5fb38026642fc9585bdc71083f
                                        
                                            GET /wp-content/plugins/woocommerce-builder-elementor/assets/vendor/slick/slick.min.js?ver=1.8.6 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:59 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32012)
Size:   9865
Md5:    222e8ad0ac0f8e5419048a407714b9be
Sha1:   baaaa008572500286b7b58db30951b8c4fed4902
Sha256: 8ec1f2d5c362f696e3b6ad9c6604521dc2b1c0ca0aa33915dcd6b6d654b0e130
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 10:28:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps?q=%D8%B4%D9%80%D9%87%D9%80%D8%B1%DA%A9%20%D9%88%D9%84%D9%80%DB%8C%D9%80%D8%B9%D9%80%D8%B5%D9%80%D8%B1%D8%8C%20%D9%85%D9%86%D8%B7%D9%82%D9%87%20%DB%B1%DB%B8%D8%8C%20%D8%AA%D9%87%D8%B1%D8%A7%D9%86%D8%8C%20%D8%A7%D8%B3%D8%AA%D8%A7%D9%86%20%D8%AA%D9%87%D8%B1%D8%A7%D9%86%D8%8C&t=m&z=10&output=embed&iwloc=near HTTP/1.1 
Host: maps.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         142.250.74.46
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Fri, 02 Dec 2022 10:28:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1z2LTZgNmH2YDYsdqpINmI2YTZgNuM2YDYudmA2LXZgNix2Iwg2YXZhti32YLZhyDbsdu42Iwg2KrZh9ix2KfZhtiMINin2LPYqtin2YYg2KrZh9ix2KfZhtiM!5e0!6i10
server: mafe
content-length: 389
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   389
Md5:    7933d2c4469c08f1f74cd0b994625623
Sha1:   41f380f5065eacc35367cee7aa8817ad8f6b9986
Sha256: f63dbdff8b0e85fcbe883f10522898fd76f70f8c529b1744d8508d8c6dd75a69
                                        
                                            GET /wp-content/plugins/lazy-loading-images-speed-page//js/instant.page.js?ver=5.1.1 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:57:43 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (2783)
Size:   1176
Md5:    2d1cbfce471115bb56975781218816ab
Sha1:   b089b18726b0798584a25b4cae971b72e3c5f1a3
Sha256: ebe2313813239ce4ee51fc7665a328c5e039daa2082f3628e5d9da2c0a1c6797
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (25115)
Size:   7238
Md5:    480b1f84b050f680672b0d8aecaef109
Sha1:   9887a605aa9c322a4592d91901e7dddb8237fb4b
Sha256: 4b3804273ceef5dc8b16258a4838d9b9ad2723e9d9bbac323fcd48a67dbd48fe

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (5059)
Size:   2328
Md5:    a0abcdaeae888ed7c077907ef8e31527
Sha1:   6e3d200a327214b5cea63c83dc76b69fdaa2872b
Sha256: 8d1c0f694a8563f2e8d1269ddeee6042ba9fba97b65f9081837a20693661aaeb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 10:28:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 10:28:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 10:28:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clarotm.ir
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:53:49 GMT
expires: Thu, 30 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 142456
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.5 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (14196)
Size:   4643
Md5:    4c3b58330d0bde25b0c04fb26a053a83
Sha1:   3679625cc632f45af09f0fca4b1e432f0b882249
Sha256: bfc54114330d3569c4310ef6d1370ba8647c7a26ff09db44ccac41cc8164c817

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.5 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4866)
Size:   2166
Md5:    2e9f4e67148f4b729cf5c0ff08bbc07c
Sha1:   ae7b26fabe939afc5a6b3dd0affadd7b1aaa5320
Sha256: f6a4ecc1e920b0cdfc85e517680fdd063ea464a524b5e10c474067fb8ad8aedb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2458
Md5:    9334d4eb7bb2e5e06eb0d25ae44e4d56
Sha1:   65429a16fb638254327e8ddbe6c8d17ca8792dbd
Sha256: b570a6cd7931c189303d8c9f06c1fad60df6de317e1731ace9bdd8e8368c3987

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 10:28:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /iseokar.ir/fonts/Dana-Regular.woff2 HTTP/1.1 
Host: waregint.sirv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clarotm.ir
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         162.55.133.142
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Fri, 02 Dec 2022 10:28:05 GMT
content-length: 27488
last-modified: Sat, 12 Mar 2022 09:52:28 GMT
etag: "622c6d5c-6b60"
server: Sirv.Imagination
x-sirv-server: c1-extra2-fireball-12
x-sirv-cache: HIT
access-control-allow-origin: *
access-control-allow-headers: *
expires: Fri, 09 Dec 2022 10:43:05 GMT
cache-control: max-age=605700
x-sirv-shard: c1-riak5
x-account-id: 4zwxbi8cpgt09cw3xgjla01klu8v9o8e
x-file-versionid: 9rCGMK58DsZvnFIiK5abw86Vu0LC4bUa:0
x-account-serial: 2022-03-01T16:36:58.720Z
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 27488, version 1.0\012- data
Size:   27488
Md5:    f647057258ebbb40518a622f46917cfb
Sha1:   e4a5df5914dfb3194d09a833c2bafc563b804390
Sha256: 43506011403b3580fa54098d0f4ae416e8ea1696f0cf929671a4e27fca0d835b
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size:   7150
Md5:    fa8d1e7c141c0f31aabb13355408b855
Sha1:   377e36134062b656dded9aef080ccb5a8fce5f96
Sha256: 1f5ccb57cd7fb1253645b4294b7b5e1269bb463bd8dc9d589773fe7b95d4a3af
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2022 15:12:47 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   3866
Md5:    8e8c4bb3226726116fca650b69913948
Sha1:   19f45c48d05365ad540152d0aab443918cf6b7b5
Sha256: f3c4e66e2c23a28ecd4a9bd12d2f33b7bbc309568bcc3aff7a68634e7fbf5041

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4875)
Size:   1664
Md5:    ef00261f40b321b8b213fe7e9ad99fbe
Sha1:   95819f46d10b56eb485a69508c7189bcc1a16a09
Sha256: 54c9e2f156a47c0d7a8ee04b8881ab32db64820dc7077b1788f530645ee19bde

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (20468)
Size:   5449
Md5:    0e992684a12ff6ec919adcea13c72933
Sha1:   361ded275fb17a9771bc01f15a33ac5b0951ba45
Sha256: 52605c8a3c419719d0e56878bbe75308973b890740c9d31e24b66745bde5a0d0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   3015
Md5:    e65ea0438473fb6374955fee1f3eba50
Sha1:   b9dba5f666e935feb1f8d2ef7603498c4fc41084
Sha256: 6d9426074ca65faa87b9b2a31d90558edd3f2e99bd1395be93386e2365c07a42
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Apr 2022 20:07:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6934
Md5:    9c593d755dbdf3a431384342bc3518b4
Sha1:   daf916d960acc3b6bed753e3efb10089e60644da
Sha256: aeebc17c48898a6d5355cba8d1bde529a0abb970449ac1590636c0d592ecabca
                                        
                                            GET /maps/embed?origin=mfe&pb=!1m4!2m1!1z2LTZgNmH2YDYsdqpINmI2YTZgNuM2YDYudmA2LXZgNix2Iwg2YXZhti32YLZhyDbsdu42Iwg2KrZh9ix2KfZhtiMINin2LPYqtin2YYg2KrZh9ix2KfZhtiM!5e0!6i10 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clarotm.ir/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         142.250.74.132
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 02 Dec 2022 10:28:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-PYv8IQ7TX5LZKngp_5nT2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 979
x-xss-protection: 0
server-timing: gfet4t7; dur=248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1620)
Size:   979
Md5:    ebcc99ce040a6006bc9bbaeb6f8216bf
Sha1:   a19420e9ef792ecf66cf16c77df8738b6ca8cb52
Sha256: b82cfa15200c93db502d43008760806edc503c9b89300453a08f532b52682790
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.5 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (36850)
Size:   10874
Md5:    10b9d0830b30f2d41ecd348dcee699d4
Sha1:   912f7a3b4dba7df35be682e7265b9265210c9804
Sha256: 28baae5c5cd37b4ec296f81c918da21ce07ea950485519039605dd6540a48c01
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.6.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3235)
Size:   1361
Md5:    77aeaf36d7f484bfe0e93cc63a2376aa
Sha1:   ff5f153c9258a13aad0bfa24b56bb2435d92011b
Sha256: c41264b58d773a7dfc3e60ebc92f300771c2ea8c05e33f394102ab1192019fe7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11087
Expires: Fri, 02 Dec 2022 13:32:52 GMT
Date: Fri, 02 Dec 2022 10:28:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11087
Expires: Fri, 02 Dec 2022 13:32:52 GMT
Date: Fri, 02 Dec 2022 10:28:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11087
Expires: Fri, 02 Dec 2022 13:32:52 GMT
Date: Fri, 02 Dec 2022 10:28:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 46398
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2942
Md5:    b47431190f34eccf0a6efb98e2a32b7d
Sha1:   9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11087
Expires: Fri, 02 Dec 2022 13:32:52 GMT
Date: Fri, 02 Dec 2022 10:28:05 GMT
Connection: keep-alive

                                        
                                            GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   1839
Md5:    e1fdb3ba093840a443bf861b156cafa8
Sha1:   e9d396924b7f3abc4d8cba96b43c13cf59026f54
Sha256: 38d85e0599d5111f613c959029f36e1c8d4f24325dff99a9fcf075ac9c516469

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/lazy-loading-images-speed-page//js/lozad.min.js?ver=1.16.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:57:43 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1499)
Size:   1257
Md5:    f97ba71c71552e775cd41f5e63b75a26
Sha1:   a1dd1958a3f35908b30b6d49670eafe99c3eb7e4
Sha256: 9d176528bc52dce280506af30e61d45a6ee0bc2aecfa2e939090b8b3de8bce1f
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=01948f06bd6073c353ad330799f739a4 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5083
Md5:    8592048ec656e41d4797240e7df5ac38
Sha1:   5ed5d9f50f67b9283dc78d0f0ad9e4ab53af595b
Sha256: 0865155ebddd7c505b677182ab113cc5f1ba66ccc7bd085c3aa8f94403fdc6cd

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 42895
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7334
Md5:    498ab4412ed5cf977bc23e4e870894b0
Sha1:   23753fe8af09ec8ffa10eed4d201a71833885c99
Sha256: 036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:06 GMT
age: 43679
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15495
Md5:    82ea44d6cb116fb1f5752ce9bb87e345
Sha1:   f799dfd89a4f5a452dc837b8616549f578fb4184
Sha256: e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 34391
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6174
Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19
Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79
Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 45609
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6882
Md5:    25c68d8b1fae82820f93efca500fd848
Sha1:   45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
Sha256: f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:30:28 GMT
age: 75457
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8863
Md5:    156e9ea97b774cbd8361072e4041b6c8
Sha1:   fc71ae3cae92ed6011904bb2367f23bf4e69fab4
Sha256: 58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
                                        
                                            POST /g/collect?v=2&tid=G-PXT4W1F88K&gtm=2oebu0&_p=1318411214&cid=490344127.1669976884&ul=en-us&sr=1280x1024&_s=1&sid=1669976883&sct=1&seg=0&dl=https%3A%2F%2Fclarotm.ir%2F&dt=%D8%AA%DB%8C%D9%85%20%DA%A9%D9%84%D8%A7%D8%B1%D9%88%20%7C%20%D8%B7%D8%B1%D8%A7%D8%AD%DB%8C%20%D9%88%D8%A8%D8%B3%D8%A7%DB%8C%D8%AA%D8%8C%20%D8%B3%D8%A6%D9%88%20%D9%88%D8%A8%D8%B3%D8%A7%DB%8C%D8%AA%D8%8C%20%D9%BE%D8%B4%D8%AA%DB%8C%D8%A8%D8%A7%D9%86%DB%8C%20%D9%88%D8%A8%D8%B3%D8%A7%DB%8C%D8%AA%D8%8C%20%D8%AE%D8%AF%D9%85%D8%A7%D8%AA%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://clarotm.ir
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://clarotm.ir
date: Fri, 02 Dec 2022 10:28:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /maps-api-v3/embed/js/51/2/init_embed.js HTTP/1.1 
Host: maps.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.3
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69315
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 21:46:01 GMT
expires: Thu, 30 Nov 2023 21:46:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 22:32:00 GMT
age: 132125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2669)
Size:   69315
Md5:    ed2723b79bc5eab77a130d1494114fc3
Sha1:   868e33258f37face8b5d0fe4420632505c1d25be
Sha256: 4707d296c9f44bffe17c3b0a98ea5ce6f0e83cf700ba691ede674daf6f6b4443
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Content-Length: 78196
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size:   78196
Md5:    e8a427e15cc502bef99cfd722b37ea98
Sha1:   a9922842a120a7f1eaced667480c5e185a106d69
Sha256: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://clarotm.ir/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:05 GMT
Content-Length: 76764
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size:   76764
Md5:    f7307680c7fe85959f3ecf122493ea7d
Sha1:   fce0da592a3e536d6d5df5b50cb513398d8c5161
Sha256: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen-rtl.css?ver=6.8.2 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Sep 2022 09:55:18 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (7046), with no line terminators
Size:   1178
Md5:    0063b740349a1dfd304959023cefde6d
Sha1:   1a26afde03701bfb728c8b5cd3001cca804b3e12
Sha256: a5573ed4101f750eaa00a1eb81f63164cc989fbf96193f448f748307bf897ac6

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/05/logo.png HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:06 GMT
Content-Length: 12328
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 535 x 490, 8-bit colormap, non-interlaced\012- data
Size:   12328
Md5:    0e390f2b73e14e3248e8a091fd0a9ca2
Sha1:   1076f3722ffb9301a5b3dd3ce4d7e8c8fade5274
Sha256: d145cd231d318cebda017395450ec65d0ea2c9d88b33be09dde3efc42fc5104e
                                        
                                            GET /wp-content/uploads/2022/06/image-1.png HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:06 GMT
Content-Length: 96816
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 729 x 729, 8-bit colormap, non-interlaced\012- data
Size:   96816
Md5:    c9689c8b5e64207a2dbfdce0987f081c
Sha1:   f1232f4fb0bf41563ffa31ddca5a311dfb061502
Sha256: 0000ccf0f35f4c2a8eef8628c0a937f3a2ecc11617e73c00b81ff57bdaa8e74c
                                        
                                            GET /wp-content/uploads/2022/06/undraw_Security_on_re_e491.png HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:06 GMT
Content-Length: 40283
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 596 x 419, 8-bit/color RGBA, non-interlaced\012- data
Size:   40283
Md5:    abb9eeb90e5f2161249d7a1865cb9122
Sha1:   5c9f2944bfdd27a949182fd6fff3440bda185401
Sha256: c87c3848d3b06b591ed522f31cfe48ab521d9275478d2871cba3d875a973ad39
                                        
                                            GET /wp-content/uploads/2022/06/felix-mittermeier-ihbqhutI9x4-unsplash.jpg HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/wp-content/uploads/elementor/css/post-1317.css?ver=1654084531
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:06 GMT
Content-Length: 346449
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size:   346449
Md5:    ce8ac2f2b1efe98b0f212d60c4ca6515
Sha1:   1d6a10ca76291a2a0850507c80ec4ee5ca31d099
Sha256: 96be95741dec136f4171f7242e0c183ce67a1c21e200f757e63e583976784d63
                                        
                                            GET /wp-content/uploads/2022/06/undraw_appreciated_xcjn.png HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:06 GMT
Content-Length: 41607
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 504 x 495, 8-bit/color RGBA, non-interlaced\012- data
Size:   41607
Md5:    61c328e75da3d919d251a88b614e444a
Sha1:   1fdce28b96ce606adb70142990b3510237772d61
Sha256: e401cfb4cbc2b577d36a9465ff5f6536dcc341cdb7944d9f099cb8bec93703f5
                                        
                                            GET /logo.aspx?id=224820&p=odrfodrfshwlaqgwodrflyma HTTP/1.1 
Host: logo.samandehi.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         78.157.43.149
HTTP/1.1 200 OK
Content-Type: image/png; charset=utf-8
                                        
Cache-Control: private
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: PID_=1703245797847785043886035837; expires=Thu, 02-Dec-2032 10:21:54 GMT; path=/
X-Powered-By: ASP.NET
Date: Fri, 02 Dec 2022 10:21:54 GMT
Content-Length: 18156


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   18156
Md5:    74dcd956387c2981d84539dc03e36c99
Sha1:   435976122a88b022854dbdd4eca2914189fd85a7
Sha256: 503ac4097f3381f74c31fa5b6d05638943d97de46442372e4a74463630252c1c
                                        
                                            GET /wp-content/uploads/2022/06/graham-holtshausen-fUnfEz3VLv4-unsplash.jpg HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/wp-content/uploads/elementor/css/post-1317.css?ver=1654084531
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:06 GMT
Content-Length: 544989
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1282, components 3\012- data
Size:   544989
Md5:    79a51231c665320a37ec874cfb070ad3
Sha1:   db6948c7d858416d724db64ec1d0909404bbce15
Sha256: e876c5581df1d56931b1a071e44266fa3878f0c11de3ccff8d7bf02a8e918205
                                        
                                            GET /wp-content/uploads/2022/06/01.png HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:06 GMT
Content-Length: 60562
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 595 x 419, 8-bit/color RGBA, non-interlaced\012- data
Size:   60562
Md5:    b359f99941648dacaffba3be54c6d0c5
Sha1:   0afcff5a1adda1efd5e16a6408b52949e5e4c3a5
Sha256: 50bd924b8a56ffdacc43c35c05f4f568b641bee5e582c0f23ec9fc05bcc1d489
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://clarotm.ir/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:06 GMT
Content-Length: 92216
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 92216, version 1.0\012- data
Size:   92216
Md5:    70ffaa0b941707c09d1cbf69280d1424
Sha1:   fc3d9db08411484861c93dfe7c257bff8fe13b74
Sha256: 41e3c2c7e1af8d05bd4195d6241a16334583d6280f4ab41209aa3880bea50994

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/lazy-loading-images-speed-page//js/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://clarotm.ir/wp-content/plugins/lazy-loading-images-speed-page/js/jquery.min.js?ver=3.6.0
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:08 GMT
expires: Thu, 30 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 140040
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 14:07:32 GMT
expires: Thu, 30 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 159636
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   16178
Md5:    2853325373e1c020f4defa29faf36e77
Sha1:   ebeb0f817eb4b20f8730fbd68b922d50744ca982
Sha256: 733602161913dbe8187e7b17d111400018ee91d756fede5e16eb881973513fc5
                                        
                                            GET /wp-content/uploads/2022/05/cropped-logo-32x32.png HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Content-Length: 1814
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1814
Md5:    74cbe45067ca9c9143b8636f3e686233
Sha1:   ff4040f3ba65a59d6f07f1ef443fbabfb0728dda
Sha256: 7ca09e113690421ec8885310c40167e9d14fae252e955642a548c5709bea245b
                                        
                                            GET /wp-content/uploads/2022/05/cropped-logo-192x192.png HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:08 GMT
Content-Length: 16623
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 01:18:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   16623
Md5:    8d096884b7ca908646e03799943a86cf
Sha1:   ad129505b5f513131493e84eb66cad4e135573aa
Sha256: 7be69c0daf78d2f296b13cdebde418a01b18f7ab44d4e615d80dce9b5a5f517a
                                        
                                            GET /wp-content/plugins/lazy-loading-images-speed-page/js/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clarotm.ir/
Connection: keep-alive
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://clarotm.ir/wp-json/>; rel="https://api.w.org/"
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Size:   18552
Md5:    164b42e7a450fef9ad88a983c07b502c
Sha1:   6d56581c8d910bdcaf1862c380f2ab9e5e82b91e
Sha256: b4cabd7a0d74bfddc34a8a4690f1fabe72ece5bad7267b31a0bd36e99e77edea
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.4432c50d0d1f64da9d7c.bundle.min.js HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3201)
Size:   1260
Md5:    6cf0174d73112227a19be775ecd042b8
Sha1:   2083a6942f343b41850fe8ecb4e1f62d2b19986c
Sha256: 6a806124a7231316a60a445cd9e29c56d5d8920d7f8ab5d02376211108859537

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/search-form.bb4995a71b0601723450.bundle.min.js HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1869)
Size:   734
Md5:    cd0b1a089b31d31ddae5d4bd20405f06
Sha1:   d2c526ea16690b9550947519380b86a2453f10c7
Sha256: 862f9f0e88e3aa3d406983eb88cc2edfce93a65d61ef58f054ddc90aeaf005f6

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/woocommerce-menu-cart.afc0d0048e5096712e69.bundle.min.js HTTP/1.1 
Host: clarotm.ir
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3909)
Size:   1291
Md5:    45fe1160cab72f09a084a28bb8f1122c
Sha1:   eb66f9ee39eafd715d96bd2dca42c83546f858ba
Sha256: dcc574ca0b72a02ffb1828541bed6e3a3fe5b9c8d6cd3081d2783d04bb8addc2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js HTTP/1.1
Host: clarotm.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:18:00 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1316)
Size:   660
Md5:    2ea7da28e4cb8b4583c695e29adbbe13
Sha1:   3661204874da32f76a44058d10d79c4c4bf3b474
Sha256: 58fc430620895a08a3e2ea26add9fbd2329de60d6593f8ef26b4f6a9a70960e6

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /wp-content/plugins/elementor-pro/assets/js/load-more.382e5f9900b20456ebc1.bundle.min.js HTTP/1.1
Host: clarotm.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4301)
Size:   1305
Md5:    2e10fbdc76066007df7ac8c7c8907d4f
Sha1:   1ff4e9fdcb8818af54adddcc008e8b025f7a57e8
Sha256: 11201fd61c7ca765e694358a0c374787bea2c91e9542d448c57320716e0bb026

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /wp-content/plugins/elementor-pro/assets/js/posts.ec5203e2235ef585d19c.bundle.min.js HTTP/1.1
Host: clarotm.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 01:17:54 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3088)
Size:   1233
Md5:    ea7901b257e6e74abe0a8299383224bc
Sha1:   d0c51297ba432cb6b2fcb3c75e6af3d02a10d91e
Sha256: 11d4a67346e593238312ea0629e99b7dc6649193b0c4f34a1986289cd77ef2a7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /wp-content/uploads/2022/08/%D8%A2%D9%85%D9%88%D8%B2%D8%B4-%D8%B3%D8%A7%D8%AE%D8%AA-%D8%A8%D8%A7%DA%A9%D8%B3-%D8%AA%D8%B5%D9%88%DB%8C%D8%B1%DB%8C-%D8%A8%D8%A7-%D8%A7%D9%84%D9%85%D9%86%D8%AA%D9%88%D8%B1-300x300.jpg HTTP/1.1
Host: clarotm.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Content-Length: 10403
Connection: keep-alive
Last-Modified: Mon, 08 Aug 2022 12:21:46 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Size:   10403
Md5:    e6a734be036af0c9dec2693e8bbb0d50
Sha1:   992bc4ba5f6d6240836497b25dc7a60a3684961d
Sha256: 48f8b8901e0eab25a68bb580a11e0e74e26fae60f2ffa6ab6c26f1fda20be2e6
                                        
GET /wp-content/uploads/2022/08/%D8%B7%D8%B1%D8%A7%D8%AD%DB%8C-%D8%B3%D8%A7%DB%8C%D8%AA-%D8%A8%D8%A7-%D8%A8%D9%88%D8%AF%D8%AC%D9%87-%DA%A9%D9%85-300x300.jpg HTTP/1.1
Host: clarotm.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Content-Length: 14638
Connection: keep-alive
Last-Modified: Mon, 08 Aug 2022 12:27:48 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Size:   14638
Md5:    d9a20d7a8d53b60e0e22d7087c3d14dd
Sha1:   94a3a5116e559eaf32ef8e05cfb67d2d66e98e28
Sha256: f96fdd90e03648fa7d209eaa83a649416309e2140a0ba0b69e529c47017c71e3
                                        
GET /wp-content/uploads/2022/08/%D8%AC%D9%84%D9%88%DA%AF%DB%8C%D8%B1%DB%8C-%D8%A7%D8%B2-%D8%AD%D9%85%D9%84%D8%A7%D8%AA-%D8%A8%D8%B1%D9%88%D8%AA-%D9%81%D9%88%D8%B1%D8%B3-%D8%A8%D9%87-%D8%B3%D8%A7%DB%8C%D8%AA-300x300.jpg HTTP/1.1
Host: clarotm.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

194.87.23.55
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Fri, 02 Dec 2022 10:28:09 GMT
Content-Length: 21253
Connection: keep-alive
Last-Modified: Mon, 08 Aug 2022 12:24:16 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Size:   21253
Md5:    d634c2eca0420d25c988f15be3a33ce2
Sha1:   42a1c7606af023af06801edb5139b51e7fd1214c
Sha256: 9f5ed157ea7a4ec814df94217a2ca5ed96cc11bf82cbefc747c96ab81352005a
                                        
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: clarotm.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://clarotm.ir
Connection: keep-alive
Referer: https://clarotm.ir/
Cookie: _ga_PXT4W1F88K=GS1.1.1669976883.1.0.1669976883.0.0.0; _ga=GA1.1.490344127.1669976884
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

194.87.23.55
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Server: nginx
Date: Fri, 02 Dec 2022 10:28:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://clarotm.ir
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1516), with no line terminators
Size:   477
Md5:    eef11ad4ef2674bb08cc32844d684a47
Sha1:   f6924ae65845d8737063052dcfd84fd815e2ec97
Sha256: 4310fab31fe465576b05f02370f3aa89844bec856fa4d6a8dec2beb2070e6d3f
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQ21d2_5JO2Ym-LEnDecub9bK6wUyvM2zUf_XpfMGag83fVWlMjT8w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:09 GMT
age: 45483
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10270
Md5:    4c7113338bc3310b13d23ca415c177e2
Sha1:   2cb4edc6b161c6d2d5b47aa498ae54e677966466
Sha256: 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9