urlscan.io logo urlscan.io
SecurityTrails logo

download-book-ketab2.fire-blog.ir Open in urlscan Pro
85.10.210.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://download-book-ketab2.fire-blog.ir/
Submission: On March 16 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 14 domains to perform 35 HTTP transactions. The main IP is 85.10.210.80, located in Igersheim, Germany and belongs to HETZNER-AS, DE. The main domain is download-book-ketab2.fire-blog.ir.
TLS certificate: Issued by R3 on February 13th 2024. Valid for: 3 months.
This is the only time download-book-ketab2.fire-blog.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 85.10.210.80 24940 (HETZNER-AS)
3 172.240.253.132 7979 (SERVERS-COM)
2 185.49.85.27 43754 (ASIATECH)
5 45.133.44.53 39572 (ADVANCEDH...)
1 45.133.44.52 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 157.90.84.242 24940 (HETZNER-AS)
4 65.21.26.20 24940 (HETZNER-AS)
2 3 2607:f8b0:400... 15169 (GOOGLE)
1 94.130.198.6 24940 (HETZNER-AS)
4 2a01:4f8:252:... 24940 (HETZNER-AS)
4 2a02:b48:8300... 39572 (ADVANCEDH...)
35 13
6    85.10.210.80 (Igersheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: server17.dn-server.com
download-book-ketab2.fire-blog.ir
fire-blog.ir
3    172.240.253.132 (United States)

ASN7979 (SERVERS-COM, US)
investigationsuperbprone.com
2    185.49.85.27 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)
PTR: hosted-by.hostdl.com.asiatech.ir
www.zarpop.ir
zarpop.com
5    45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
c365b42d0b.50005582df.com
0729a1e027.84284a87a4.com
1    45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.capndr.com
1    2606:4700:3032::ac43:ae33 (United States)

ASN13335 (CLOUDFLARENET, US)
storage.multstorage.com
2    157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de
fp.metricswpsh.com
4    65.21.26.20 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: server22.dn-server.com
zarad.net
3    2607:f8b0:4004:c19::54 (Washington, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
1    94.130.198.6 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.198.130.94.clients.your-server.de
nereserv.com
4    2a01:4f8:252:561a::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
b2d6e0ee6d.bf25322e4f.com
4    2a02:b48:8300::24 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
static.bookmsg.com
Apex Domain
Subdomains		 Transfer
6 fire-blog.ir
download-book-ketab2.fire-blog.ir
fire-blog.ir
155 KB
4 bookmsg.com
static.bookmsg.com — Cisco Umbrella Rank: 55592
4 KB
4 bf25322e4f.com
b2d6e0ee6d.bf25322e4f.com
4 KB
4 zarad.net
zarad.net — Cisco Umbrella Rank: 202691
9 KB
4 50005582df.com
c365b42d0b.50005582df.com
189 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 26
2 KB
3 investigationsuperbprone.com
investigationsuperbprone.com — Cisco Umbrella Rank: 957891
2 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 54052
452 B
1 nereserv.com
nereserv.com — Cisco Umbrella Rank: 52854
201 B
1 84284a87a4.com
0729a1e027.84284a87a4.com
207 B
1 multstorage.com
storage.multstorage.com — Cisco Umbrella Rank: 46621
905 B
1 capndr.com
js.capndr.com — Cisco Umbrella Rank: 57097
238 B
1 zarpop.com
zarpop.com
1 KB
1 zarpop.ir
www.zarpop.ir — Cisco Umbrella Rank: 791438
1 KB
35 14
Domain Requested by
4 static.bookmsg.com c365b42d0b.50005582df.com
4 b2d6e0ee6d.bf25322e4f.com c365b42d0b.50005582df.com
4 zarad.net zarpop.com
zarad.net
4 c365b42d0b.50005582df.com download-book-ketab2.fire-blog.ir
c365b42d0b.50005582df.com
3 accounts.google.com 2 redirects download-book-ketab2.fire-blog.ir
3 investigationsuperbprone.com download-book-ketab2.fire-blog.ir
3 fire-blog.ir download-book-ketab2.fire-blog.ir
3 download-book-ketab2.fire-blog.ir download-book-ketab2.fire-blog.ir
2 fp.metricswpsh.com c365b42d0b.50005582df.com
1 nereserv.com c365b42d0b.50005582df.com
1 0729a1e027.84284a87a4.com c365b42d0b.50005582df.com
1 storage.multstorage.com c365b42d0b.50005582df.com
1 js.capndr.com c365b42d0b.50005582df.com
1 zarpop.com www.zarpop.ir
1 www.zarpop.ir download-book-ketab2.fire-blog.ir
35 15
Subject Issuer Validity Valid
*.fire-blog.ir
R3		 2024-02-13 -
2024-05-13		 3 months crt.sh
investigationsuperbprone.com
R3		 2024-01-28 -
2024-04-27		 3 months crt.sh
zarpop.ir
R3		 2024-02-27 -
2024-05-27		 3 months crt.sh
c365b42d0b.50005582df.com
R3		 2024-03-13 -
2024-06-11		 3 months crt.sh
zarpop.com
R3		 2024-02-15 -
2024-05-15		 3 months crt.sh
js.capndr.com
R3		 2024-02-21 -
2024-05-21		 3 months crt.sh
multstorage.com
GTS CA 1P5		 2024-01-18 -
2024-04-17		 3 months crt.sh
0729a1e027.84284a87a4.com
R3		 2024-03-13 -
2024-06-11		 3 months crt.sh
notification.tubecup.net
R3		 2024-02-09 -
2024-05-09		 3 months crt.sh
webmail.zarad.net
R3		 2024-02-27 -
2024-05-27		 3 months crt.sh
bf25322e4f.com
R3		 2024-03-12 -
2024-06-10		 3 months crt.sh
static.bookmsg.com
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://download-book-ketab2.fire-blog.ir/
Frame ID: BE34E7A8FB4467CAC3778C902E2D3DD7
Requests: 28 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: C4BB28E5A0F1BB363570ED7F58135E27
Requests: 1 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Frame ID: CD9C2A5ECFF57F9333B59D9455C903B2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

دانلود کتاب

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

35
Requests

94 %
HTTPS

33 %
IPv6

14
Domains

15
Subdomains

13
IPs

5
Countries

365 kB
Transfer

1347 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjzFvJnvzZVji31an-NmBWU3C2x1hw-8zkE38FHjO0HQALHPjUv6luMsiNMaFH26qU8lzzUOFQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjz79yugLcKTkRXBARrUik_RDKdM7KiZxmm8hSOX01TPsNbhMa8fkpWlwXC4NPIqO_3ghwr9AQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1912648251%3A1710623033751870&theme=mn&ddm=0

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
download-book-ketab2.fire-blog.ir/ 		326 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://download-book-ketab2.fire-blog.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.10.210.80 Igersheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server17.dn-server.com
Software
/
Resource Hash
208d6df04e1338c7c824f044a11796dfd9d03e13af90de8f65e4993ecd081cab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 21:03:51 GMT
etag
"39745484-1710623031;br"
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding
x-litespeed-cache
miss
style.css
download-book-ketab2.fire-blog.ir/theme/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-book-ketab2.fire-blog.ir/theme/style.css
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.10.210.80 Igersheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server17.dn-server.com
Software
/
Resource Hash
a12d7ad6c8d6156ba9dcb9a7005c237836ae878235616f57b66677af9575f6ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 21:03:51 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 20:51:37 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
8274
expires
Mon, 15 Apr 2024 21:03:51 GMT
bootstrap.rtl.min.css
download-book-ketab2.fire-blog.ir/theme/css/ 		98 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-book-ketab2.fire-blog.ir/theme/css/bootstrap.rtl.min.css
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.10.210.80 Igersheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server17.dn-server.com
Software
/
Resource Hash
eb77efb492ae476335aebca2224520389013538896fe5404470de08f48f7f266

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 21:03:51 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 20:51:37 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15712
expires
Mon, 15 Apr 2024 21:03:51 GMT
3.jpg
fire-blog.ir/theme/img/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fire-blog.ir/theme/img/3.jpg
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.10.210.80 Igersheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server17.dn-server.com
Software
/
Resource Hash
79e8d96b1093a2523ba9b5fa09a02bedc64aec6ecad2e767562d630d32145a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/jpeg
date
Sat, 16 Mar 2024 21:03:52 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 13 Dec 2022 20:51:37 GMT
accept-ranges
bytes
content-length
57581
expires
Sun, 16 Mar 2025 21:03:52 GMT
Ads_x.gif
fire-blog.ir/theme/img/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fire-blog.ir/theme/img/Ads_x.gif
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.10.210.80 Igersheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server17.dn-server.com
Software
/
Resource Hash
ec67771808d4eeed145c81211b354be6aaa9d71c21a37692e632424844fa3f03

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 16 Mar 2024 21:03:52 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 13 Dec 2022 20:51:37 GMT
accept-ranges
bytes
content-length
18092
expires
Sun, 16 Mar 2025 21:03:52 GMT
unnamed.gif
fire-blog.ir/theme/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fire-blog.ir/theme/unnamed.gif
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.10.210.80 Igersheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server17.dn-server.com
Software
/
Resource Hash
7d7c677ff265c965bb061064f78b105762d6a355e48bc85adb5dc32d25ff97df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 16 Mar 2024 21:03:52 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 13 Dec 2022 20:51:37 GMT
accept-ranges
bytes
content-length
3904
expires
Sun, 16 Mar 2025 21:03:52 GMT
1c6fdfe4b09d23ddef600cc7300d371b.js
investigationsuperbprone.com/1c/6f/df/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://investigationsuperbprone.com/1c/6f/df/1c6fdfe4b09d23ddef600cc7300d371b.js
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 21:03:52 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
investigationsuperbprone.com/65384cdda923dc10a61f7eb4085210f5/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://investigationsuperbprone.com/65384cdda923dc10a61f7eb4085210f5/invoke.js
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 21:03:52 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
js
www.zarpop.ir/website/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zarpop.ir/website/js
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.49.85.27 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
6c526bf2446e55b0464a9bd6fe5639a1a3b61467cd9da5de60d4a53972af02ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 21:03:52 GMT
content-encoding
br
last-modified
Sat, 16 Mar 2024 21:03:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0,pre-check=0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
711
expires
Mon, 26 Jul 1997 05:00:00 GMT
invoke.js
investigationsuperbprone.com/563e95a62505233795c0c429fcb39c82/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://investigationsuperbprone.com/563e95a62505233795c0c429fcb39c82/invoke.js
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://download-book-ketab2.fire-blog.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 16 Mar 2024 21:03:52 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
ca79cc9ae5ac58a640bc7dd36fd2d268.js
c365b42d0b.50005582df.com/ 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c365b42d0b.50005582df.com/ca79cc9ae5ac58a640bc7dd36fd2d268.js
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f4a6bd7c4c4b744112e7a17254201adcffb90ff1f99d0aff97e059b6af2a84d6

Request headers

Referer
https://download-book-ketab2.fire-blog.ir/
Origin
https://download-book-ketab2.fire-blog.ir
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 16 Mar 2024 21:08:52 GMT
date
Sat, 16 Mar 2024 21:03:52 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2024 14:52:22 GMT
server
nginx/1.18.0
etag
W/"65e731a6-1a102"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
/
zarpop.com/website/pp/null/1226/download-book-ketab2.fire-blog.ir/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zarpop.com/website/pp/null/1226/download-book-ketab2.fire-blog.ir/?8944570
Requested by
Host: www.zarpop.ir
URL: https://www.zarpop.ir/website/js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.49.85.27 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
1ea428e3380a3c6691276c91d5aea168b3411f6591a2939c8b57e81f568ccf58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 21:03:53 GMT
content-encoding
br
last-modified
Sat, 16 Mar 2024 21:03:53 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0,pre-check=0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1034
expires
Mon, 26 Jul 1997 05:00:00 GMT
151413
c365b42d0b.50005582df.com/ec9418677217c2b305864dc67aa5272d/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c365b42d0b.50005582df.com/ec9418677217c2b305864dc67aa5272d/151413?version_name=d
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/ca79cc9ae5ac58a640bc7dd36fd2d268.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8692393f0b49ed49b4bc09e39f902d3c7f77e60dd4138b794a3b82553d9f015b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 16 Mar 2024 21:08:53 GMT
date
Sat, 16 Mar 2024 21:03:53 GMT
server
nginx/1.18.0
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
content-length
1291
x-proxy-cache
MISS
advertising.js
js.capndr.com/ 		0
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.capndr.com/advertising.js
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/ca79cc9ae5ac58a640bc7dd36fd2d268.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 16 Mar 2024 21:08:53 GMT
date
Sat, 16 Mar 2024 21:03:53 GMT
last-modified
Fri, 14 Jul 2023 08:23:25 GMT
server
nginx/1.18.0
etag
"64b105fd-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
count.html
storage.multstorage.com/log/ Frame C4BB 		882 B
905 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/ca79cc9ae5ac58a640bc7dd36fd2d268.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer
https://download-book-ketab2.fire-blog.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8657b147cf4e4bd3-BUF
content-encoding
br
content-type
text/html
date
Sat, 16 Mar 2024 21:03:53 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HUUyVB5ZUxmL3mQ966EyEzhsIlKwDvjSTiWnUJXALi840d%2FMHMP9pA2yaMwoZXdka9wP8D6Tu8BbRyODIR3mt0%2BVv5AxROxebQeq%2F3KJjQPyhcH9bbMN0L31Z3Z%2Bo0dXRQaRu2AGE7pne6p%2FMPc3BrZ9VbVTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
91ddecb500cd5cd8f2ad06aee10af4e8
track
0729a1e027.84284a87a4.com/in/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://0729a1e027.84284a87a4.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjY5MzQ2MzI2Mjg4NDkyNTAwMCIsInRpbWV6b25lIjotMTAsInZlciI6IjMuMTEwLjAiLCJ0YWdfaWQiOjE1MTQxMywic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlBhY2lmaWMvSG9ub2x1bHUiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yMiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiJUQ4JUFGJUQ4JUE3JUQ5JTg2JUQ5JTg0JUQ5JTg4JUQ4JUFGJTJDJURBJUE5JUQ4JUFBJUQ4JUE3JUQ4JUE4In0=
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/ca79cc9ae5ac58a640bc7dd36fd2d268.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 21:03:53 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
7d8b23152cdcf9380b1d331cef2978f5.js
c365b42d0b.50005582df.com/ 		162 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c365b42d0b.50005582df.com/7d8b23152cdcf9380b1d331cef2978f5.js
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/ca79cc9ae5ac58a640bc7dd36fd2d268.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
766788bd06cb520d6b730cea6c33c3cea8891b6576a4bcfd826dc6d4101c264f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 16 Mar 2024 21:08:53 GMT
date
Sat, 16 Mar 2024 21:03:53 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 09:49:30 GMT
server
nginx/1.18.0
etag
W/"65f419aa-28742"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
fp
fp.metricswpsh.com/ 		58 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=151413
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/ca79cc9ae5ac58a640bc7dd36fd2d268.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
265dc6a41e9f0c8bb0ddc64442e6d8e49d2dc2540d22d0a059b8af4bb7de6f33

Request headers

Referer
https://download-book-ketab2.fire-blog.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sat, 16 Mar 2024 21:03:53 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://download-book-ketab2.fire-blog.ir
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
fp
fp.metricswpsh.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=151413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://download-book-ketab2.fire-blog.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://download-book-ketab2.fire-blog.ir
Connection
keep-alive
Date
Sat, 16 Mar 2024 21:03:53 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fire-blog.ir.js
zarad.net/sdk/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zarad.net/sdk/fire-blog.ir.js?t=202421611
Requested by
Host: zarpop.com
URL: https://zarpop.com/website/pp/null/1226/download-book-ketab2.fire-blog.ir/?8944570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.21.26.20 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server22.dn-server.com
Software
/
Resource Hash
4d5fe9f53ec9b4b21463dc8826fbe3f349f30974c8f6855f9bbb237719df6d9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 21:03:53 GMT
content-encoding
br
last-modified
Sun, 02 Jul 2023 17:35:08 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
8178
expires
Sun, 16 Mar 2025 21:03:53 GMT
85d6c444037b0d20e886d9b1407c9474.js
c365b42d0b.50005582df.com/ 		459 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c365b42d0b.50005582df.com/85d6c444037b0d20e886d9b1407c9474.js
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/7d8b23152cdcf9380b1d331cef2978f5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4e246d032003ca1d6aaaaea55653f5b9ea39b84449aed6932ad2acbf8b81b364

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 16 Mar 2024 21:08:53 GMT
date
Sat, 16 Mar 2024 21:03:53 GMT
content-encoding
gzip
last-modified
Thu, 14 Mar 2024 12:47:16 GMT
server
nginx/1.18.0
etag
W/"65f2f1d4-72c3e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjzFvJnvzZVji31an-NmBWU3C2x1hw-8zkE38FHjO0HQALHPjUv6luMsi...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjz79yugLcKTkRXBARrUik_RDKdM7KiZxmm8hSOX01TPsNbhMa8fkpWlwXC4NPIqO_3ghwr9AQ&passive...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjz79yugLcKTkRXBARrUik_RDKdM7KiZxmm8hSOX01TPsNbhMa8fkpWlwXC4NPIqO_3ghwr9AQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1912648251%3A1710623033751870&theme=mn&ddm=0
Requested by
Host: download-book-ketab2.fire-blog.ir
URL: https://download-book-ketab2.fire-blog.ir/
Protocol
H3
Server
2607:f8b0:4004:c19::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

date
Sat, 16 Mar 2024 21:03:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-gwA_Ff-_n743QnlhYHfE1w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
430
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjz79yugLcKTkRXBARrUik_RDKdM7KiZxmm8hSOX01TPsNbhMa8fkpWlwXC4NPIqO_3ghwr9AQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1912648251%3A1710623033751870&theme=mn&ddm=0
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
dip
nereserv.com/in/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nereserv.com/in/dip?site=native-push&wl=0&event_id=6d8afdbb-b846-4f7b-a0ba-2d8840c9d9a5&subid=775266969&sid=4257072034&spot_id=513108&created_at=2024-03-16&timezone=-10&ver=8.153.0&is_native=1
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/7d8b23152cdcf9380b1d331cef2978f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.198.6 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.6.198.130.94.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 21:03:53 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
b2d6e0ee6d.bf25322e4f.com/in/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b2d6e0ee6d.bf25322e4f.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://download-book-ketab2.fire-blog.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Sat, 16 Mar 2024 21:03:54 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
multy
b2d6e0ee6d.bf25322e4f.com/in/ 		40 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://b2d6e0ee6d.bf25322e4f.com/in/multy
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/7d8b23152cdcf9380b1d331cef2978f5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b9779f5ae10477c910d51ff73dcfba49bb4cf184264e7c11d26801dc33c1d178

Request headers

Referer
https://download-book-ketab2.fire-blog.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 21:03:54 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
3606
savvy.json
zarad.net/jsons/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zarad.net/jsons/savvy.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.21.26.20 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server22.dn-server.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://download-book-ketab2.fire-blog.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, *
access-control-allow-origin
*
allow
OPTIONS,HEAD,GET,POST
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
date
Sat, 16 Mar 2024 21:03:54 GMT
vary
User-Agent
savvy.json
zarad.net/jsons/ 		883 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zarad.net/jsons/savvy.json
Requested by
Host: zarad.net
URL: https://zarad.net/sdk/fire-blog.ir.js?t=202421611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.21.26.20 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server22.dn-server.com
Software
/
Resource Hash
a0eb3e6ec1755efa3c91151d2a4da09a252638989f4e42607750f3bac262c2bc

Request headers

Referer
https://download-book-ketab2.fire-blog.ir/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Mar 2024 21:03:54 GMT
content-encoding
br
last-modified
Sat, 16 Mar 2024 21:00:06 GMT
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
access-control-allow-headers
Content-Type, *
content-length
116
expires
Wed, 15 May 2024 21:03:54 GMT
load.php
zarad.net/v1/ 		0
0
load.php
zarad.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zarad.net/v1/load.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.21.26.20 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server22.dn-server.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://download-book-ketab2.fire-blog.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://download-book-ketab2.fire-blog.ir
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 21:03:56 GMT
vary
User-Agent
SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 		486 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=c0059e04-63eb-4c8a-9157-83df7647a92f&prev_step_diff=1074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sun, 16 Mar 2025 21:03:54 GMT
date
Sat, 16 Mar 2024 21:03:54 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-1e6"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
486
x-proxy-cache
HIT
SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sun, 16 Mar 2025 21:03:54 GMT
date
Sat, 16 Mar 2024 21:03:54 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-42a"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1066
x-proxy-cache
HIT
/
b2d6e0ee6d.bf25322e4f.com/in/show/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b2d6e0ee6d.bf25322e4f.com/in/show/?tag_ab=d&site_id=31513108&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdownload-book-ketab2.fire-blog.ir%2F&refdom=download-book-ketab2.fire-blog.ir&auction_time=1710623034&subid=775266969&sid=4257072034&tcid=0&ver=8.153.0&ver_c=&spot_id=513108&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-16&iabcat=IAB24-24&keywords=&user_fp=11097298076035533131&score=56.13234272136896&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D775266969%26spot_id%3D513108%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fdownload-book-ketab2.fire-blog.ir%252F%26idzone%3D0%26sid%3D1885&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.viirkagt.com%2Fh%2F745%2Fm3nesqogxr7fvzhyqx4yzlgjwktuk57p364nttogzn5hqut2nj7gieduafrcpv6ysd4u4kq7zm32ixpmk2pi44wsgoh6c6xiohfo5rxmscxjzweansbesleqiodghvsmkkwfn5eewmame46frwlbfstmq6uzoigzmn24osckamn7e4l3rzhvvckvinyxkxpcobzyqutrwjwe53ctv275m5pfjh3nl4kawniml2vy4fpyw4twwayxg65akpe2hdp4mcyer3ddt5xexocvjhbhp2nesx3uf5khnncfka2cirfggqdzljzf4y32pvjuawlypzsxs42anmap2xcfqvdwpitj3n2zo4hrpkowjjlhwrak62m7mwrubmkatb3vlm2m6jcvmu4tofruzatwpguhiqxoinw5qtsn6fzgz2sn2hp5kicbzjhvbi7p3vzgllh2lfvhs4cyajvb4zrqrjaascoijnefmsd53nji7bcr6rlj5dtsriz4xo3rvjywsdjidjux27ifcyex6kjxpysbo2qgpbvhozd3ciivoasaibetkrjibbyf3ucjjduxlcxs2zk5sqdtkm3e2wcew56os53wr5yglt4bjchwyhwbfnzicy4ungpuuqp7snf3mnf6b4ggzm3tvct3xzx5vw7m353purx3gsrbcubr2olspfts6ct5iu4tsmbenycqoa2rdfobmniemvlhcwdeoj6ver2afb7wo6lpi5sqe7lvpq2smesykbiemqkpm5ehuwd7b5uhipyaavoho6tbnyyruj2teq6hsztqizgvmaslizagart5lv3fu2dnfiaagud3pjqg4jiwhqfrqc3chyyacsbmk4fbofz6kapawjiehysckdqqaqxtw4blempcgc32nf3w642hkmbvmt2ej5uua6c2offcaojaaijfa7toguttcb3oazrwq5dfo5aukuykijav4my4emgs2bjuoyva6akupr6dekjgiyzfo6z6ebxhgrchkeauuei4mvahqxdxbfsssl2xi3wu4vg6jrfws3r4i5whmytuifbfaasbizulxfo5ztdzzsuwqnqc73pw47uueiuw2djn7if3vc6i45akgmbpf6gy6dfjp6pnoyz4tu55ywh3zxjtmbofwscxoewcgnybj5gr2fq5b47byjipejatejbgbjnamlz4g4vhaxjvl47t22jvf4pbetc3abguqlsyjbppz7ui4rhvwqtfjnio7aklkohmsstvdqnv5ssa4crx6skbkbyeu3wnyuz7icdbcwba46heff6twr3gleyfajsdof2wfkhlzndq%3D%3D%3D%3D%3Fu%3D&icons=yHdQ3h01-mU1y9Ot195BahFY--IpnJ77w20SZdqKGDuXzcMSxEtBhMT27t0cv3mPYLBLtgvdG7kR8mZtNp2_RXlqPLQclryLdKMueFXgkcd2-XkV-3WDuNVTfrDg6Bj0ZceTueLN0Pgm3U6Y4NbqNTEybYijnyruPo7e7cZnvAdAElYxOQ&ext_cid=713806&px_id=31513108&min_cpm=0.011232208795797201&out_id=1&campaign_type=lq-pop&aid=412&cid=2724&uniq=&mid=76855247235988885&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.10277394138452199&cpm=0&verify_hash=1aa663483dd07607ae1421077649b1a3&is_native=2&real_bid=0.002002910861445908&original_bid_usd=0.002117241970241281&original_bid=0.002117241970241281&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2602:ffc8:2:104::15&geo=US&carrier=-&label_ids=89,20,27,108,0,83&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1710709434&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.002117241970241281&hostname=auc-inpage-hz-0-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Pacific/Honolulu&topics=&historical_keywords=&pop_cpc=0.000002117241970241281&ext_campaign_id_str=713806&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=28db067d-b26e-456b-9392-c6378a9fe5ba&prev_step_diff=1074
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 21:03:55 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ Frame CD9C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Requested by
Host: c365b42d0b.50005582df.com
URL: https://c365b42d0b.50005582df.com/7d8b23152cdcf9380b1d331cef2978f5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sun, 16 Mar 2025 21:03:54 GMT
date
Sat, 16 Mar 2024 21:03:54 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-42a"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1066
x-proxy-cache
HIT
truncated
/ Frame CD9C 		483 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
b2d6e0ee6d.bf25322e4f.com/in/show/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b2d6e0ee6d.bf25322e4f.com/in/show/?tag_ab=d&site_id=31513108&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdownload-book-ketab2.fire-blog.ir%2F&refdom=download-book-ketab2.fire-blog.ir&auction_time=1710623034&subid=775266969&sid=4257072034&tcid=0&ver=8.153.0&ver_c=&spot_id=513108&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-16&iabcat=IAB24-24&keywords=&user_fp=11097298076035533131&score=56.13234272136896&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D775266969%26spot_id%3D513108%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fdownload-book-ketab2.fire-blog.ir%252F%26idzone%3D0%26sid%3D1885&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.viirkagt.com%2Fh%2F745%2Fm3nesqogxr7fvzhyqx4yzlgjwktuk57p364nttogzn5hqut2nj7gieduafrcpv6ysd4u4kq7zm32ixpmk2pi44wsgoh6c6xiohfo5rxmscxjzweansbesleqiodghvsmkkwfn5eewmame46frwlbfstmq6uzoigzmn24osckamn7e4l3rzhvvckvinyxkxpcobzyqutrwjwe53ctv275m5pfjh3nl4kawniml2vy4fpyw4twwayxg65akpe2hdp4mcyer3ddt5xexocvjhbhp2nesx3uf5khnncfka2cirfggqdzljzf4y32pvjuawlypzsxs42anmap2xcfqvdwpitj3n2zo4hrpkowjjlhwrak62m7mwrubmkatb3vlm2m6jcvmu4tofruzatwpguhiqxoinw5qtsn6fzgz2sn2hp5kicbzjhvbi7p3vzgllh2lfvhs4cyajvb4zrqrjaascoijnefmsd53nji7bcr6rlj5dtsriz4xo3rvjywsdjidjux27ifcyex6kjxpysbo2qgpbvhozd3ciivoasaibetkrjibbyf3ucjjduxlcxs2zk5sqdtkm3e2wcew56os53wr5yglt4bjchwyhwbfnzicy4ungpuuqp7snf3mnf6b4ggzm3tvct3xzx5vw7m353purx3gsrbcubr2olspfts6ct5iu4tsmbenycqoa2rdfobmniemvlhcwdeoj6ver2afb7wo6lpi5sqe7lvpq2smesykbiemqkpm5ehuwd7b5uhipyaavoho6tbnyyruj2teq6hsztqizgvmaslizagart5lv3fu2dnfiaagud3pjqg4jiwhqfrqc3chyyacsbmk4fbofz6kapawjiehysckdqqaqxtw4blempcgc32nf3w642hkmbvmt2ej5uua6c2offcaojaaijfa7toguttcb3oazrwq5dfo5aukuykijav4my4emgs2bjuoyva6akupr6dekjgiyzfo6z6ebxhgrchkeauuei4mvahqxdxbfsssl2xi3wu4vg6jrfws3r4i5whmytuifbfaasbizulxfo5ztdzzsuwqnqc73pw47uueiuw2djn7if3vc6i45akgmbpf6gy6dfjp6pnoyz4tu55ywh3zxjtmbofwscxoewcgnybj5gr2fq5b47byjipejatejbgbjnamlz4g4vhaxjvl47t22jvf4pbetc3abguqlsyjbppz7ui4rhvwqtfjnio7aklkohmsstvdqnv5ssa4crx6skbkbyeu3wnyuz7icdbcwba46heff6twr3gleyfajsdof2wfkhlzndq%3D%3D%3D%3D%3Fu%3D&icons=YSsLZs7CeHapdDth_eP5NgprJ-0lD5hY64SWwQh1As3vJGV2_pXUACAX_m4w-8jGeYa8eaxWJw33z6CSOWSq1kpq8eVxV4qDEF6zjzeuNJqqOkazpFPdFKkq5dNTOTM0EUZ_rkQ-b_x0f4qi00tQCdLF82-uKMuBRtFLUeuzDn4QAO29fA&ext_cid=713806&px_id=31513108&min_cpm=0.011232208795797201&out_id=0&campaign_type=lq-pop&aid=412&cid=2724&uniq=&mid=76855247235988885&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.10277394138452199&cpm=0&verify_hash=1aa663483dd07607ae1421077649b1a3&is_native=2&real_bid=0.002002910861445908&original_bid_usd=0.002117241970241281&original_bid=0.002117241970241281&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2602:ffc8:2:104::15&geo=US&carrier=-&label_ids=89,20,27,108,0,83&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1710709434&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.002117241970241281&hostname=auc-inpage-hz-0-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Pacific/Honolulu&topics=&historical_keywords=&pop_cpc=0.000002117241970241281&ext_campaign_id_str=713806&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&st=0.03&cpa=e7a2fbe9-7701-48e5-b8f1-d3d8c528b2cd&prev_step_diff=1074
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://download-book-ketab2.fire-blog.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 21:03:55 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ Frame CD9C 		486 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&st=0.03&cpa=be535536-5db5-48fd-aae5-06ea38051bb5&prev_step_diff=1074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sun, 16 Mar 2025 21:03:54 GMT
date
Sat, 16 Mar 2024 21:03:54 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-1e6"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
486
x-proxy-cache
HIT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
zarad.net
URL
https://zarad.net/v1/load.php

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| zarpop_user_id number| zarpop_userMax function| R function| X object| atOptions function| zarpop_pop2under function| openCloseWindow function| openCloseTab undefined| zarpop_url object| zarpop_browser object| script number| x object| bd object| hd string| zarpop_wid number| zarpop_uid object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam number| needpop string| vc_cn string| vc_url object| Page_Enter number| PopWidth number| PopHeight number| PopTargetingMethod number| PopUseDivLayer string| RTSDomain string| debugDomain boolean| Page_Popped boolean| Page2_Popped boolean| Page_Loaded object| MySiteDomain function| InitPop750976386 function| SiteEnter function| createCookie function| readCookie function| RetrieveCount function| IncrementCount function| LoadStandardPop object| h object| s object| d object| activesInpages function| __fp-init object| __inpageSkins object| keys string| mediad object| ki object| clicked object| poss number| media_id string| baseurl string| twdomain string| fileurl string| fcmuZAR string| baseApi object| op object| validpos object| df number| cv number| userip boolean| supStrg function| viewAds function| getAllLoc function| bestlocation boolean| lc boolean| lcFcmTw function| totalLoc object| cstr undefined| ccd function| aClickC function| totalClick object| isMobile45 boolean| ismob function| toId function| pluski function| plusclicked function| pageToId function| sdget function| zaradAjax function| getsavvy function| upValidPos function| idsCatToScore function| getScoreFrmAd function| getposIdAdsOrderd function| orderIds function| getAds function| actionResultAds function| addStyle45 function| addJsZarad function| urlads function| titleAd function| result4 function| result5 function| result7 function| result8 function| result9 function| result10 function| result11 function| result12 function| Cookies boolean| $best object| vi boolean| a string| r object| head object| style object| locat

4 Cookies

Domain/Path Name / Value
download-book-ketab2.fire-blog.ir/ Name: PHPSESSID
Value: 170sugbo5i791kuneuqk43qkb3
download-book-ketab2.fire-blog.ir/ Name: c132-6
Value: 1
download-book-ketab2.fire-blog.ir/ Name: lstsavvy
Value: 1710623033
fp.metricswpsh.com/ Name: id
Value: 13767108811579963430

7 Console Messages

Source Level URL
Text
network error URL: https://investigationsuperbprone.com/1c/6f/df/1c6fdfe4b09d23ddef600cc7300d371b.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://download-book-ketab2.fire-blog.ir/(Line 2751)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://investigationsuperbprone.com/563e95a62505233795c0c429fcb39c82/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://download-book-ketab2.fire-blog.ir/(Line 2751)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://investigationsuperbprone.com/563e95a62505233795c0c429fcb39c82/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://investigationsuperbprone.com/65384cdda923dc10a61f7eb4085210f5/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://investigationsuperbprone.com/563e95a62505233795c0c429fcb39c82/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjz79yugLcKTkRXBARrUik_RDKdM7KiZxmm8hSOX01TPsNbhMa8fkpWlwXC4NPIqO_3ghwr9AQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1912648251%3A1710623033751870&theme=mn&ddm=0
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://download-book-ketab2.fire-blog.ir/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0729a1e027.84284a87a4.com
accounts.google.com
b2d6e0ee6d.bf25322e4f.com
c365b42d0b.50005582df.com
download-book-ketab2.fire-blog.ir
fire-blog.ir
fp.metricswpsh.com
investigationsuperbprone.com
js.capndr.com
nereserv.com
static.bookmsg.com
storage.multstorage.com
www.zarpop.ir
zarad.net
zarpop.com
zarad.net
157.90.84.242
172.240.253.132
185.49.85.27
2606:4700:3032::ac43:ae33
2607:f8b0:4004:c19::54
2a01:4f8:252:561a::2
2a02:b48:8300::24
45.133.44.52
45.133.44.53
65.21.26.20
85.10.210.80
94.130.198.6
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
1ea428e3380a3c6691276c91d5aea168b3411f6591a2939c8b57e81f568ccf58
208d6df04e1338c7c824f044a11796dfd9d03e13af90de8f65e4993ecd081cab
265dc6a41e9f0c8bb0ddc64442e6d8e49d2dc2540d22d0a059b8af4bb7de6f33
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
4d5fe9f53ec9b4b21463dc8826fbe3f349f30974c8f6855f9bbb237719df6d9a
4e246d032003ca1d6aaaaea55653f5b9ea39b84449aed6932ad2acbf8b81b364
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
6c526bf2446e55b0464a9bd6fe5639a1a3b61467cd9da5de60d4a53972af02ee
766788bd06cb520d6b730cea6c33c3cea8891b6576a4bcfd826dc6d4101c264f
79e8d96b1093a2523ba9b5fa09a02bedc64aec6ecad2e767562d630d32145a43
7d7c677ff265c965bb061064f78b105762d6a355e48bc85adb5dc32d25ff97df
8692393f0b49ed49b4bc09e39f902d3c7f77e60dd4138b794a3b82553d9f015b
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
a0eb3e6ec1755efa3c91151d2a4da09a252638989f4e42607750f3bac262c2bc
a12d7ad6c8d6156ba9dcb9a7005c237836ae878235616f57b66677af9575f6ef
b9779f5ae10477c910d51ff73dcfba49bb4cf184264e7c11d26801dc33c1d178
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb77efb492ae476335aebca2224520389013538896fe5404470de08f48f7f266
ec67771808d4eeed145c81211b354be6aaa9d71c21a37692e632424844fa3f03
f4a6bd7c4c4b744112e7a17254201adcffb90ff1f99d0aff97e059b6af2a84d6