0.rebrandingstoreblue.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.neginweb.com.62-60-197-91.cprapid.com/
Effective URL:
https://0.rebrandingstoreblue.com/index.php?p=gztggyrtgi5dcojxha4q&sub1=sams&sub2=cert&sub3=spz
Submission: On December 17 via api (December 17th 2024, 6:52:57 am UTC) from US — Scanned from IS

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 66 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 0.rebrandingstoreblue.com.
TLS certificate: Issued by WE1 on December 10th 2024. Valid for: 3 months.

This is the only time 0.rebrandingstoreblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	62.60.197.91 62.60.197.91	48147 (AminIDC A...) (AminIDC Asre Pardazeshe Ettelaate Amin Institute)
39	185.143.234.120 185.143.234.120	205585 (ARVANCLOU...) (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock))
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.164.190 172.67.164.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.192.6 172.67.192.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	7

1 62.60.197.91 (Iran, Islamic Republic Of)

ASN48147 (AminIDC Asre Pardazeshe Ettelaate Amin Institute, IR)

mail.neginweb.com.62-60-197-91.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 185.143.234.120 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR)

neginweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

png.linetoslice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.164.190 (United States)

ASN13335 (CLOUDFLARENET, US)

gb.rdntocdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.rdntocdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.192.6 (United States)

ASN13335 (CLOUDFLARENET, US)

fr2.readytocheckline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fr1.readytocheckline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

rebrandingstoreblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.rebrandingstoreblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	neginweb.com neginweb.com	489 KB
4	rebrandingstoreblue.com rebrandingstoreblue.com 0.rebrandingstoreblue.com	18 KB
3	readytocheckline.com fr2.readytocheckline.com — Cisco Umbrella Rank: 999589 Failed fr1.readytocheckline.com — Cisco Umbrella Rank: 984314	3 KB
2	rdntocdns.com gb.rdntocdns.com de.rdntocdns.com	11 KB
1	linetoslice.com png.linetoslice.com	6 KB
1	cprapid.com mail.neginweb.com.62-60-197-91.cprapid.com	313 KB
66	6

	Domain	Requested by
39	neginweb.com	mail.neginweb.com.62-60-197-91.cprapid.com neginweb.com
2	0.rebrandingstoreblue.com	mail.neginweb.com.62-60-197-91.cprapid.com
2	rebrandingstoreblue.com
2	fr2.readytocheckline.com	de.rdntocdns.com
1	fr1.readytocheckline.com
1	de.rdntocdns.com	gb.rdntocdns.com
1	gb.rdntocdns.com	png.linetoslice.com
1	png.linetoslice.com	mail.neginweb.com.62-60-197-91.cprapid.com
1	mail.neginweb.com.62-60-197-91.cprapid.com
66	9

This site contains no links.

Subject Issuer	Validity	Valid
neginweb.com R11	`2024-12-17` - `2025-03-17`	3 months	crt.sh
linetoslice.com WE1	`2024-11-23` - `2025-02-21`	3 months	crt.sh
rdntocdns.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
readytocheckline.com WE1	`2024-12-14` - `2025-03-14`	3 months	crt.sh
rebrandingstoreblue.com WE1	`2024-12-10` - `2025-03-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://0.rebrandingstoreblue.com/index.php?p=gztggyrtgi5dcojxha4q&sub1=sams&sub2=cert&sub3=spz
Frame ID: D3EB18255A5A9ACE7DC003E5BA4A736F
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser

Page URL History Show full URLs

http://mail.neginweb.com.62-60-197-91.cprapid.com/ HTTP 307
https://mail.neginweb.com.62-60-197-91.cprapid.com/ Page URL
https://fr2.readytocheckline.com/t2kf4F?ds=https://mail.neginweb.com.62-60-197-91.cprapid.com Page URL
https://fr1.readytocheckline.com/RYewtyw Page URL
https://rebrandingstoreblue.com/go/gztggyrtgi5dcojxha4q?sub1=sams&sub2=cert&sub3=spz Page URL
https://0.rebrandingstoreblue.com/index.php?p=gztggyrtgi5dcojxha4q&sub1=sams&sub2=cert&sub3=spz Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

76 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

7
IPs

3
Countries

840 kB
Transfer

1939 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.neginweb.com.62-60-197-91.cprapid.com/ HTTP 307
https://mail.neginweb.com.62-60-197-91.cprapid.com/ Page URL
https://fr2.readytocheckline.com/t2kf4F?ds=https://mail.neginweb.com.62-60-197-91.cprapid.com Page URL
https://fr1.readytocheckline.com/RYewtyw Page URL
https://rebrandingstoreblue.com/go/gztggyrtgi5dcojxha4q?sub1=sams&sub2=cert&sub3=spz Page URL
https://0.rebrandingstoreblue.com/index.php?p=gztggyrtgi5dcojxha4q&sub1=sams&sub2=cert&sub3=spz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://mail.neginweb.com.62-60-197-91.cprapid.com/ HTTP 307
https://mail.neginweb.com.62-60-197-91.cprapid.com/

66 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
mail.neginweb.com.62-60-197-91.cprapid.com/
Redirect Chain

http://mail.neginweb.com.62-60-197-91.cprapid.com/
https://mail.neginweb.com.62-60-197-91.cprapid.com/

312 KB
313 KB

869ms
337ms

Document
text/html

62.60.197.91
AminIDC Asre Pard...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.197.91 , Iran, Islamic Republic Of, ASN48147 (AminIDC Asre Pardazeshe Ettelaate Amin Institute, IR),
Reverse DNS
Software: nginx /
Resource Hash: 5424910e54b7c7e8384d736f8fb61fb5e1ce55aaf4ab3129a1d9700070c07014

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 Dec 2024 06:52:48 GMT
Server: nginx
Transfer-Encoding: chunked
link: <https://neginweb.com/wp-json/>; rel="https://api.w.org/"
x-turbo-charged-by: LiteSpeed

Redirect headers

Location: https://mail.neginweb.com.62-60-197-91.cprapid.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style-rtl.min.css
neginweb.com/wp-includes/css/dist/block-library/ 112 KB
16 KB 671ms
460ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.7.1

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

7bc755ee70d50640e707d482708a287541627f049420a6b867b82ecaf10fb6e0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: b6819fa289622b31d6c8ca8096e01052
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:15 GMT
x-sid: 6231
server-timing: total;dur=358
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/css
vary: Accept-Encoding
server: ArvanCloud
last-modified: Wed, 13 Nov 2024 08:53:15 GMT
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
neginweb.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 572ms
362ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 0e82155737395afe80088b25be7a0901
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:15 GMT
x-sid: 6231
server-timing: total;dur=268
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/css
vary: Accept-Encoding
server: ArvanCloud
last-modified: Thu, 21 Sep 2023 20:22:51 GMT
x-xss-protection: 1; mode=block

GET
H2 200 styles-rtl.css
neginweb.com/wp-content/plugins/contact-form-7/includes/css/ 152 B
436 B 566ms
355ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.8

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: f02c1167ead64f8602cd00dba70d0eaa
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:15 GMT
x-sid: 6231
server-timing: total;dur=263
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/css
vary: Accept-Encoding
server: ArvanCloud
last-modified: Thu, 21 Sep 2023 20:22:51 GMT
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
neginweb.com/wp-content/themes/charso/assets/css/ 190 KB
29 KB 642ms
431ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/themes/charso/assets/css/bootstrap.min.css?ver=2.0.4

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

a3972f643b114c9c0def088ebd9288bca6ed8ee6d63a60176cbca0f414f38a59

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: e569c975e93a28108417a3d50c48116a
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:15 GMT
x-sid: 6231
server-timing: total;dur=332
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/css
vary: Accept-Encoding
server: ArvanCloud
last-modified: Tue, 30 Aug 2022 09:06:14 GMT
x-xss-protection: 1; mode=block

GET
H2 200 fontawesome.min.css
neginweb.com/wp-content/themes/charso/assets/css/ 538 KB
89 KB 649ms
439ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/themes/charso/assets/css/fontawesome.min.css?ver=2.0.4

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

e9125431c1c2d7d6f872475386d063149e6ee668280fedfb76ad5fb052e158ef

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 37dddfea99af2b1910726ee8786eac1c
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:15 GMT
x-sid: 6231
server-timing: total;dur=338
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/css
vary: Accept-Encoding
server: ArvanCloud
last-modified: Tue, 30 Aug 2022 10:26:02 GMT
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
neginweb.com/wp-content/themes/charso/assets/css/ 183 KB
30 KB 659ms
448ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/themes/charso/assets/css/style.min.css?ver=2.0.4

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

f88717f71a283aeb9eae8d8867139f00e366f74f454cea510a3e60c4f255d97f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: b4d81f6ea0f1d618f8b370d032d94d94
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:15 GMT
x-sid: 6231
server-timing: total;dur=344
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/css
vary: Accept-Encoding
server: ArvanCloud
last-modified: Thu, 29 Jun 2023 13:58:03 GMT
x-xss-protection: 1; mode=block

GET
H2 200 rpt_style.min.css
neginweb.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/css/ 8 KB
2 KB 573ms
363ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/css/rpt_style.min.css?ver=5.1.7

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

081091118e8bd10a591b771435766141d34d981577c5061ab4ea75fd4786796c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 205e8404953021863730dca41e91bf45
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:15 GMT
x-sid: 6231
server-timing: total;dur=270
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/css
vary: Accept-Encoding
server: ArvanCloud
last-modified: Sun, 25 Jun 2023 11:43:18 GMT
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.6.0.min.js Show response
neginweb.com/wp-content/themes/charso/assets/js/ 87 KB
32 KB 746ms
535ms Script
text/javascript 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/themes/charso/assets/js/jquery-3.6.0.min.js?ver=2.0.4

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

1872148df9ef5b11681f3d4f37eb2d4b2945f8b7060849dfd411db4e0cc646f7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: d5358107e56c3de3db6efc9749093611
content-encoding: br
x-sid: 6231
server-timing: total;dur=340
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
vary: Accept-Encoding
server: ArvanCloud
last-modified: Tue, 30 Aug 2022 09:06:30 GMT
x-xss-protection: 1; mode=block

GET
H2 200 rpt.min.js Show response
neginweb.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/js/ 317 B
494 B 557ms
347ms Script
text/javascript 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/js/rpt.min.js?ver=5.1.7

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

6a247cc4a7dfabf12ea2797a38fc01a2e762988d0ba7c8e6111a4f87f11733fa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: e77b374d626e73ff2a3d1102e344fdf4
content-encoding: br
x-sid: 6231
server-timing: total;dur=254
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
vary: Accept-Encoding
server: ArvanCloud
last-modified: Sun, 25 Jun 2023 11:43:18 GMT
x-xss-protection: 1; mode=block

GET 55822e1e-080c-4c35-8358-c1591ec7cca3
https://mail.neginweb.com.62-60-197-91.cprapid.com/ 0
0

GET
H2 200 moree-2-1.webp
neginweb.com/wp-content/uploads/2023/06/ 232 B
555 B 351ms
351ms Image
image/webp 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/moree-2-1.webp

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

60fa08698da9f2dff9f43547896a9550a2ecbaff38b91feacb53b38aaef98a23

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 7e68799fab139deff4c06024addaa07a
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:17 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=258
x-cache: BYPASS
content-length: 232
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/webp
last-modified: Thu, 29 Jun 2023 09:56:35 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 black-negin-web1.png
neginweb.com/wp-content/uploads/2023/06/ 4 KB
4 KB 349ms
349ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/black-negin-web1.png

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

279714ea965fecd7a606c36e19fdee53352c7126594c163886ea9ea2f000771a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 89b147fcae1d22b23732f3ad3bdef6e6
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:17 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=256
x-cache: BYPASS
content-length: 3742
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Thu, 29 Jun 2023 14:00:26 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 white-negin-web-1.png
neginweb.com/wp-content/uploads/2023/06/ 4 KB
4 KB 343ms
342ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/white-negin-web-1.png

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

112fe2756ae14e149e1497fc8f201391564f56a1eb44091f0ff98adababd0328

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: f21403ee87336461311697c2deb99fd3
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:18 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=248
x-cache: BYPASS
content-length: 3726
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Thu, 29 Jun 2023 14:00:28 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 datacenterweb-1.webp
neginweb.com/wp-content/uploads/2023/06/ 32 KB
32 KB 435ms
435ms Image
image/webp 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/datacenterweb-1.webp

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5eaaaa67ea72770984e8ad90fb125252e3f9620978592576331b8f4be0b26dc0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: a8506af8ead0eb6026a800efc623d632
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:17 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=328
x-cache: BYPASS
content-length: 32510
date: Tue, 17 Dec 2024 06:52:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/webp
last-modified: Wed, 28 Jun 2023 15:38:29 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 avatar.png
neginweb.com/wp-content/themes/charso/assets/images/ 1 KB
2 KB 348ms
348ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/themes/charso/assets/images/avatar.png

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

a5c2494769b4c4b621a31ae4345c1024798ebe34c36496a42189aaf7464618c8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 4e5c7a30d80757b2cb1da38813f27f80
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:18 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=254
x-cache: BYPASS
content-length: 1523
date: Tue, 17 Dec 2024 06:52:50 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Fri, 20 May 2022 09:57:16 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 portfico.jpg
neginweb.com/wp-content/themes/charso/assets/images/ 6 KB
6 KB 349ms
349ms Image
image/jpeg 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/themes/charso/assets/images/portfico.jpg

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

56bde35460d8a3bf036fa1bd2b2b3cc6a1b8ac81bf90f553843f5e8e1658bcd5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: ae28c377b01800728ec38c9e081428ce
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:18 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=254
x-cache: BYPASS
content-length: 6306
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Sun, 20 Nov 2022 03:58:36 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 plans-2-1.webp
neginweb.com/wp-content/uploads/2023/06/ 3 KB
3 KB 362ms
361ms Image
image/webp 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/plans-2-1.webp

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

fe599fbcc517675f33712e128df756b0367fded42d40953518b67afd926ed1c0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 7d37e19f3fafc3206b6a32867abfd904
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:18 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=266
x-cache: BYPASS
content-length: 2626
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/webp
last-modified: Thu, 29 Jun 2023 09:29:39 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 servers-1.webp
neginweb.com/wp-content/uploads/2023/06/ 2 KB
2 KB 354ms
352ms Image
image/webp 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/servers-1.webp

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

abdd95373bc3dd092931125357b66e9534ab9c8e4c48420819ff13ac1228b8a4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: a87307f4e9a0e53f6cc0885f5c177730
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:18 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=260
x-cache: BYPASS
content-length: 1898
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/webp
last-modified: Thu, 29 Jun 2023 09:25:33 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 namads-2-1.webp
neginweb.com/wp-content/uploads/2023/06/ 2 KB
2 KB 367ms
366ms Image
image/webp 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/namads-2-1.webp

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

7f21291184f0f7a9facc1e3eb5ca77d87a2adbd74df7969fc5db1dccbd7524a4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 319ecf5e8c411a9a8195fbdc3bbfe73a
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:18 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=270
x-cache: BYPASS
content-length: 1598
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/webp
last-modified: Thu, 29 Jun 2023 09:26:58 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 subscribers1.png
neginweb.com/wp-content/uploads/2023/06/ 36 KB
36 KB 461ms
460ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/subscribers1.png

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

b02b98dfc280194af43e0dedead8ef1ba5d6ec1c9765113db0b9e9701ca60e70

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: b230b55a8e1f7ef607a796ac6189e6bf
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:18 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=358
x-cache: BYPASS
content-length: 36555
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Thu, 29 Jun 2023 09:31:26 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 kafshorg1.png
neginweb.com/wp-content/uploads/2023/06/ 3 KB
3 KB 357ms
356ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/kafshorg1.png

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

3d61fa2d4cde9dbd6d040032149702a10aa05b3bbba3ffb41278a9b5624decd2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: eb82a4dd9110c1f9fd0570ee51b5bfc4
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:18 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=262
x-cache: BYPASS
content-length: 3024
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Thu, 29 Jun 2023 10:03:10 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 drnazi1.png
neginweb.com/wp-content/uploads/2023/06/ 2 KB
2 KB 363ms
362ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/drnazi1.png

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5c857651800d110c54f1818789d510f76c913f3f8b943418f233de6fb415c005

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 425d9c068e4dd1ca253e7c5ebf2b5503
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:19 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=266
x-cache: BYPASS
content-length: 1920
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Thu, 29 Jun 2023 10:03:10 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 arayesh-org-150x150-1.png
neginweb.com/wp-content/uploads/2023/06/ 3 KB
3 KB 359ms
358ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/arayesh-org-150x150-1.png

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

730d75dcef3fd16c1339a7ec9026abb76c93217e7c8fa9c86669634207e1eb47

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 535df30a81b10ce511e911714817862a
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:19 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=264
x-cache: BYPASS
content-length: 3199
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Thu, 29 Jun 2023 10:03:11 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 negin-web1.png
neginweb.com/wp-content/uploads/2023/06/ 3 KB
4 KB 342ms
341ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/negin-web1.png

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

e615f63c3ef2524d14337ee438b67cb284a2695e47e738733cd20c31751edf5b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: ab8299ac164222504e6725f6ba9cf876
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:18 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=248
x-cache: BYPASS
content-length: 3273
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Thu, 29 Jun 2023 10:03:11 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 navid-abbasi1-1.png
neginweb.com/wp-content/uploads/2023/06/ 2 KB
2 KB 364ms
364ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/navid-abbasi1-1.png

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

38852f0f1998f27f16e9772819f15966c995ba47e90efd1853ed7b2a5adb5047

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 167f7a3f6e9b7e23606180c4f4573f04
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:19 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=270
x-cache: BYPASS
content-length: 1618
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Thu, 29 Jun 2023 10:03:10 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 telegram.svg
neginweb.com/wp-content/themes/charso/assets/images/ 2 KB
1 KB 462ms
461ms Image
image/svg+xml 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/themes/charso/assets/images/telegram.svg

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

cb24dec6846771026332110bd04574f7b4c65fc99018b9d6dd64bd61d8efe3f1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 3af06d6e43a197b61b5551ac854bf8de
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:19 GMT
x-sid: 6231
server-timing: total;dur=284
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/svg+xml
vary: Accept-Encoding
server: ArvanCloud
last-modified: Fri, 26 Aug 2022 22:44:56 GMT
x-xss-protection: 1; mode=block

GET
H2 200 index.js Show response
neginweb.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 431ms
431ms Script
text/javascript 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: e9bd6993f2aed3d63965a245d5fe44cf
content-encoding: br
x-sid: 6231
server-timing: total;dur=336
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:50 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
vary: Accept-Encoding
server: ArvanCloud
last-modified: Thu, 21 Sep 2023 20:22:51 GMT
x-xss-protection: 1; mode=block

GET
H2 200 index.js Show response
neginweb.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 339ms
339ms Script
text/javascript 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 8491ec85792926d0812ae1d04aa454a9
content-encoding: br
x-sid: 6231
server-timing: total;dur=244
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:50 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
vary: Accept-Encoding
server: ArvanCloud
last-modified: Thu, 21 Sep 2023 20:22:51 GMT
x-xss-protection: 1; mode=block

GET
H2 200 bundle.min.js Show response
neginweb.com/wp-content/themes/charso/assets/js/ 167 KB
49 KB 436ms
436ms Script
text/javascript 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/themes/charso/assets/js/bundle.min.js?ver=2.0.4

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

a838bc9def6e271007ae7034df70a1f4bee4fd63b3aaf0f05ddb49a623fce561

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 334b1df94ecdd910a5a93421d3ac4c35
content-encoding: br
x-sid: 6231
server-timing: total;dur=342
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:50 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
vary: Accept-Encoding
server: ArvanCloud
last-modified: Sat, 24 Sep 2022 00:32:30 GMT
x-xss-protection: 1; mode=block

GET
H2 200 main.min.js Show response
neginweb.com/wp-content/themes/charso/assets/js/ 12 KB
3 KB 339ms
339ms Script
text/javascript 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-content/themes/charso/assets/js/main.min.js?ver=2.0.4

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

38a6d4190bf8ac01ccdec1c595bfc9bca5e029b494f1aa2cbd9db66e022a6e98

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: f959ae491dbab263cc489466449f1631
content-encoding: br
x-sid: 6231
server-timing: total;dur=246
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:50 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
vary: Accept-Encoding
server: ArvanCloud
last-modified: Thu, 01 Dec 2022 20:23:40 GMT
x-xss-protection: 1; mode=block

GET
H3 200 res.js Show response
png.linetoslice.com/scripts/ 14 KB
6 KB 495ms
296ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://png.linetoslice.com/scripts/res.js?v=1142&uy=mail.neginweb.com.62-60-197-91.cprapid.com
Requested by: Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 423273f365a4ef4bcf2a6dc2cf8dbfbbb3e412ba8a376a9c1cbad6305d843930

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67388031-386f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBejQcQKdNe%2Fl8AhgCi8kCvaJYblbO%2Bw44l8Peux%2Fxn09kaal8IfjaLflsA2IHHGLoO9or3E4XxAF6O0qRV1gk8apOlI6ma0673vWwwuXSfLePs78h4w5yJk2A%2BA4TkrrNWEQkSB"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=93715&min_rtt=88248&rtt_var=22919&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4217&recv_bytes=4473&delivery_rate=247&cwnd=12000&unsent_bytes=0&cid=0bd2bafba643f1dc&ts=392&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 06:52:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 16 Nov 2024 11:21:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f34fe239bfa5cc4-KEF
server: cloudflare

GET
H2 200 hit
neginweb.com/wp-json/wp-statistics/v2/ 62 B
717 B 510ms
510ms XHR
application/json 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-json/wp-statistics/v2/hit?wp_statistics_hit_rest=yes&track_all=1&current_page_type=home&current_page_id=0&search_query&page_uri=Lw=&referred=&_=1734418370911

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-robots-tag: noindex
x-request-id: 77c208c882dbff259bb0fba032464312
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
content-encoding: br
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
x-sid: 6231
server-timing: total;dur=416
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:52 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://neginweb.com/wp-json/>; rel="https://api.w.org/"
cache-control: no-cache
access-control-allow-credentials: true
allow: GET
access-control-allow-origin: https://mail.neginweb.com.62-60-197-91.cprapid.com
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: ArvanCloud

OPTIONS
H2 200 hit
neginweb.com/wp-json/wp-statistics/v2/ 0
0 931ms
746ms Preflight
application/json 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-json/wp-statistics/v2/hit?wp_statistics_hit_rest=yes&track_all=1&current_page_type=home&current_page_id=0&search_query&page_uri=Lw=&referred=&_=1734418370911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://mail.neginweb.com.62-60-197-91.cprapid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-allow-origin: https://mail.neginweb.com.62-60-197-91.cprapid.com
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
allow: GET
content-encoding: br
content-type: application/json; charset=UTF-8
date: Tue, 17 Dec 2024 06:52:51 GMT
link: <https://neginweb.com/wp-json/>; rel="https://api.w.org/"
server: ArvanCloud
server-timing: total;dur=386
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-request-id: 2c4664b83b854ba1049e38747708ed0d
x-robots-tag: noindex
x-sid: 6231
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 sw.svg
neginweb.com/wp-content/themes/charso/assets/images/ 490 B
569 B 427ms
427ms Image
image/svg+xml 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/themes/charso/assets/images/sw.svg

Requested by

Host: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/css/style.min.css?ver=2.0.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

3f8875020483ef8fe1d0b501d66200a3aeb332f57d08b96125b2ced006b6dcb4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://neginweb.com/wp-content/themes/charso/assets/css/style.min.css?ver=2.0.4

Response headers

x-request-id: e739e4ed9a063900320450e6fa6e6472
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:19 GMT
x-sid: 6231
server-timing: total;dur=264
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/svg+xml
vary: Accept-Encoding
server: ArvanCloud
last-modified: Tue, 23 Aug 2022 04:05:52 GMT
x-xss-protection: 1; mode=block

GET
H2 200 corner.svg
neginweb.com/wp-content/themes/charso/assets/images/ 176 B
478 B 432ms
431ms Image
image/svg+xml 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/themes/charso/assets/images/corner.svg

Requested by

Host: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/css/style.min.css?ver=2.0.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

6901cf34e3c707146a945089251a0f810292f5a962aad49d13f231742de72480

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://neginweb.com/wp-content/themes/charso/assets/css/style.min.css?ver=2.0.4

Response headers

x-request-id: ef566325a919ee1affd74006ddbe23e1
cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 24 Dec 2024 06:28:20 GMT
x-sid: 6231
server-timing: total;dur=268
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/svg+xml
vary: Accept-Encoding
server: ArvanCloud
last-modified: Sun, 20 Nov 2022 03:43:36 GMT
x-xss-protection: 1; mode=block

GET
H2 200 footer-bg.png
neginweb.com/wp-content/themes/charso/assets/images/ 10 KB
10 KB 425ms
424ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/themes/charso/assets/images/footer-bg.png

Requested by

Host: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/css/style.min.css?ver=2.0.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

63a0e3a81014bea430c20d54d899723a146674b1c96e55488160278a8fe34177

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://neginweb.com/wp-content/themes/charso/assets/css/style.min.css?ver=2.0.4

Response headers

x-request-id: 616f0703b6d292f8b1b40dcf6f53ab1b
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:28:19 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=257
x-cache: BYPASS
content-length: 10063
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/png
last-modified: Thu, 29 Jun 2023 14:02:48 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET IRANYekanWebMedium.woff2
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET IRANYekanWebRegular.woff2
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET IRANYekanWebBold.woff2
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET IRANYekanWebExtraBlack.woff2
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET IRANYekanWebLight.woff2
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET fa-solid-900.woff2
neginweb.com/wp-content/themes/charso/assets/fonts/fontawesome/ 0
0

GET
H2 200 photo_2024-01-31_10-31-24-768x337.jpg
neginweb.com/wp-content/uploads/2024/01/ 40 KB
41 KB 487ms
486ms Image
image/jpeg 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2024/01/photo_2024-01-31_10-31-24-768x337.jpg

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

012f087ac07d1117d8f968b9cd36f68f09918365c6d503ce5a4fb7ce309aef0d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 6f439d8e5301f542288153c889fc8b47
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:43:58 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=334
x-cache: BYPASS
content-length: 41220
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/jpeg
last-modified: Wed, 31 Jan 2024 07:04:15 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 NEGINWEB-1-1-768x444.webp
neginweb.com/wp-content/uploads/2023/06/ 28 KB
29 KB 508ms
507ms Image
image/webp 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2023/06/NEGINWEB-1-1-768x444.webp

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

8916663b04a4147dcaea4fd690ee338011010d7d21f07391ad90562c0c9578d2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: fbcb82361bf9b304ad4e14e9ae4eaea6
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:43:58 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=356
x-cache: BYPASS
content-length: 29150
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/webp
last-modified: Thu, 29 Jun 2023 10:21:24 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H2 200 arayeshiorg-768x462.webp
neginweb.com/wp-content/uploads/2022/10/ 35 KB
35 KB 563ms
563ms Image
image/webp 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neginweb.com/wp-content/uploads/2022/10/arayeshiorg-768x462.webp

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

2f0d14cbd0a888bb7c6c1e41c71534287c8f015b33615d254f809bf4ee98d26a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: 54070521e30bcc643b39797dc9836f02
cache-control: public, max-age=604800
expires: Tue, 24 Dec 2024 06:43:58 GMT
x-sid: 6231
accept-ranges: bytes
server-timing: total;dur=411
x-cache: BYPASS
content-length: 35508
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/webp
last-modified: Sun, 25 Jun 2023 11:04:07 GMT
server: ArvanCloud
x-xss-protection: 1; mode=block

GET
H3 200 6tdzst Show response
gb.rdntocdns.com/ 13 KB
6 KB 439ms
322ms Script
application/javascript 172.67.164.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gb.rdntocdns.com/6tdzst?u=mail.neginweb.com.62-60-197-91.cprapid.com
Requested by: Host: png.linetoslice.com
URL: https://png.linetoslice.com/scripts/res.js?v=1142&uy=mail.neginweb.com.62-60-197-91.cprapid.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 3c3e5d8c32f6f45dbb3ed8b9c3f4316801babf0974b7b6e37cd5af2ee166dc9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dKEc1R%2FxW1kDaTDNfdBz7x%2F4CbX2upbcA%2FFv%2BVVdBWwGWXhnpJK2xg4YJ9oJBgMW9J4kaRWuh2MNwCqcxZaQIXU6bf6tUP5cuSjja1JCsmd3uVUDjRuCWnIsbyJehd6BZwIo"}],"group":"cf-nel","max_age":604800}
expires: Tue, 17 Dec 2024 06:52:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=91276&min_rtt=88005&rtt_var=20223&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4180&recv_bytes=4413&delivery_rate=247&cwnd=12000&unsent_bytes=0&cid=276b4c7510bfc8bf&ts=337&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 06:52:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f34fe263b0a7304-KEF
access-control-allow-origin: *
x-powered-by: PHP/7.4.33
server: cloudflare

GET
H2 200 wp-emoji-release.min.js Show response
neginweb.com/wp-includes/js/ 18 KB
5 KB 437ms
437ms Script
text/javascript 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1

Requested by

Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-request-id: b8751feeea62594b4d56ab1d191f716a
content-encoding: br
x-sid: 6231
server-timing: total;dur=344
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:51 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
vary: Accept-Encoding
server: ArvanCloud
last-modified: Wed, 03 Apr 2024 03:53:43 GMT
x-xss-protection: 1; mode=block

GET
H2 200 schema Show response
neginweb.com/wp-json/contact-form-7/v1/contact-forms/31/feedback/ 226 B
788 B 358ms
358ms Fetch
application/json 185.143.234.120
ARVANCLOUD-CDN-IR...

General

Check archive.org

Show headers Download Go to

Full URL

https://neginweb.com/wp-json/contact-form-7/v1/contact-forms/31/feedback/schema

Requested by

Host: neginweb.com
URL: https://neginweb.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-IR Noyan Abr Arvan Co. ( Private Joint Stock), IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

d37963a2d8144e8f69aa5bced83973386b7e0045217a00a9c76655810176e5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, */*;q=0.1
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

x-robots-tag: noindex
x-request-id: 7f710449de819c089e9aca3c0eb791d1
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
content-encoding: br
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
x-sid: 6231
server-timing: total;dur=250
x-cache: BYPASS
date: Tue, 17 Dec 2024 06:52:51 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://neginweb.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-credentials: true
allow: GET
access-control-allow-origin: https://mail.neginweb.com.62-60-197-91.cprapid.com
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: ArvanCloud

GET IRANYekanWebBold.woff
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET IRANYekanWebLight.woff
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET IRANYekanWebRegular.woff
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET IRANYekanWebExtraBlack.woff
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET IRANYekanWebMedium.woff
neginweb.com/wp-content/themes/charso/assets/fonts/ 0
0

GET fa-solid-900.ttf
neginweb.com/wp-content/themes/charso/assets/fonts/fontawesome/ 0
0

GET
H3 200 yirutyew Show response
de.rdntocdns.com/ 9 KB
5 KB 336ms
324ms Script
application/javascript 172.67.164.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.rdntocdns.com/yirutyew?u=mail.neginweb.com.62-60-197-91.cprapid.com
Requested by: Host: gb.rdntocdns.com
URL: https://gb.rdntocdns.com/6tdzst?u=mail.neginweb.com.62-60-197-91.cprapid.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.164.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 20397a889e6c0d5c7aeeed54e58079326bde7b083f88e0c0d9e7c31cc128e68e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yrKvXcS7a2nyLPKOaZAGNMcuDNY6R5M%2Fzz9bBYr1GbabetXuO4hQ5FQAubpM%2BGTaEBIk1xn%2BPbiDdkZYwbnQ6E%2BNKAWL21%2F911n1SvJx92lldvXowNRipX33DUZn58wS5nmU"}],"group":"cf-nel","max_age":604800}
expires: Tue, 17 Dec 2024 06:52:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=90228&min_rtt=88005&rtt_var=10106&sent=19&recv=14&lost=0&retrans=0&sent_bytes=10695&recv_bytes=4856&delivery_rate=73698&cwnd=12000&unsent_bytes=0&cid=276b4c7510bfc8bf&ts=689&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 06:52:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f34fe286b5d7304-KEF
access-control-allow-origin: *
x-powered-by: PHP/7.4.33
server: cloudflare

GET t2kf4F
fr2.readytocheckline.com/ 0
0

GET
H3 200 t2kf4F Show response
fr2.readytocheckline.com/ 204 B
1 KB 412ms
311ms Document
text/html 172.67.192.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr2.readytocheckline.com/t2kf4F?ds=https://mail.neginweb.com.62-60-197-91.cprapid.com
Requested by: Host: de.rdntocdns.com
URL: https://de.rdntocdns.com/yirutyew?u=mail.neginweb.com.62-60-197-91.cprapid.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aece6748df5f2ab39527da33a027a62ffcfa56eefb9136d85cd8ad116af4132d

Request headers

Referer: https://mail.neginweb.com.62-60-197-91.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f34fe2b2bc25cc3-KEF
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Tue, 17 Dec 2024 06:52:52 GMT
expires: Tue, 17 Dec 2024 06:52:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8GMRCEgsBCgb%2BaifXTajzbLbVDx%2F8esDurGBzKrLl7NWSt%2BBHphR8nsEBopcEVc3WWm0d2OpxpDmgxEg1R1E2BK1AmPauBjf8CDevpEBdJ2z24ucdDB4LLsonaORMi6gxCbHQjxnWzwXf%2FM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=91289&min_rtt=88016&rtt_var=20233&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4143&recv_bytes=4562&delivery_rate=247&cwnd=12000&unsent_bytes=0&cid=f0f4cf3d842c96ba&ts=315&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 RYewtyw Show response
fr1.readytocheckline.com/ 248 B
1 KB 330ms
310ms Document
text/html 172.67.192.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr1.readytocheckline.com/RYewtyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8094996baf13a2c1ac9f57b8a8b19df2e28c23fe3757867d6f062b0f4ac96f57

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f34fe2d4c2f5cc3-KEF
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Tue, 17 Dec 2024 06:52:52 GMT
expires: Tue, 17 Dec 2024 06:52:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YHsO%2FTZN62AHmroNmRmxuRpu37ivIhXObWTXtiZUka5TKSh6Zyx0U5Q2h7k0VwCbGWZf4ewkcMu%2BXzmBbmTpc%2Bpy5netch8tgaCy%2F9obDBhuVeH%2BSE6rsEDfCJ2wVutTfLtq%2BneOcoiiAjU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=90877&min_rtt=87990&rtt_var=15999&sent=17&recv=13&lost=0&retrans=0&sent_bytes=6232&recv_bytes=5512&delivery_rate=13603&cwnd=12000&unsent_bytes=0&cid=f0f4cf3d842c96ba&ts=659&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 404 favicon.ico
fr2.readytocheckline.com/ 548 B
799 B 293ms
293ms Other
text/html 172.67.192.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr2.readytocheckline.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYGlRkPOe8JGDrgke0JNaRTIIZFVlsfjKW4JcDmY%2B5m33mylZUVq7YMGScbVtaY65pwcFBpfC5AIUePBVsI1Ts1B3kruBLHYod%2FdoHUNiJ9s4hZOgodIkaBxc6%2F9Ls9WgZetfHpzidhI9t0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34fe2d2c285cc3-KEF
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=90877&min_rtt=87990&rtt_var=15999&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5386&recv_bytes=5512&delivery_rate=13603&cwnd=12000&unsent_bytes=0&cid=f0f4cf3d842c96ba&ts=624&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 06:52:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 gztggyrtgi5dcojxha4q Show response
rebrandingstoreblue.com/go/ 12 KB
8 KB 289ms
180ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rebrandingstoreblue.com/go/gztggyrtgi5dcojxha4q?sub1=sams&sub2=cert&sub3=spz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ef66f0ecf473a56461bf3436fda00870e9093777da6d64ff6e5e09868ac3f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f34fe300bb15cbb-KEF
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 06:52:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2BbfUDwo6lFwXAqyNMICUPYTk5zP4GFGsLhj5hQQd53uEbSkmT0beR2i2RrRp%2F%2F1tQ1L3kUKQ%2BqE5JkQAePKhsABeUvocx7MXd4iPzFNwPIxL%2BYRj%2FHjYjLl7q0R67KmXi27bH53BG9eug%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=88190&min_rtt=87984&rtt_var=18728&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4170&recv_bytes=4473&delivery_rate=6614&cwnd=12000&unsent_bytes=0&cid=1ddbdfdc86f7a055&ts=185&x=1" cfExtPri cfHdrFlush;dur=0

GET favicon.ico
fr1.readytocheckline.com/ 0
0

GET
DATA 200
OK truncated
/ 748 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 204 favicon.ico
rebrandingstoreblue.com/ 0
643 B 172ms
172ms Other
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rebrandingstoreblue.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rebrandingstoreblue.com/go/gztggyrtgi5dcojxha4q?sub1=sams&sub2=cert&sub3=spz

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55Og280fPsCVZXk%2F%2Bv3Z%2FFa%2BZ9KaUTiDJphmnOUmgCBF2OjfVDg5L7AxVIE%2Fo1JS7BCCZkag09BCnwBD4AxDuI%2F5P6pHFHKNTLGiE7%2BujQzeZqFWY4hS2yuKnR6IEDhYAz9ztyqkPGwCIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34fe317be25cbb-KEF
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=90284&min_rtt=87984&rtt_var=6932&sent=23&recv=16&lost=0&retrans=0&sent_bytes=12976&recv_bytes=5520&delivery_rate=86720&cwnd=12000&unsent_bytes=0&cid=1ddbdfdc86f7a055&ts=408&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 06:52:53 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 Primary Request index.php Show response
0.rebrandingstoreblue.com/ 18 KB
9 KB 203ms
194ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0.rebrandingstoreblue.com/index.php?p=gztggyrtgi5dcojxha4q&sub1=sams&sub2=cert&sub3=spz
Requested by: Host: mail.neginweb.com.62-60-197-91.cprapid.com
URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8896bc7a201b84a35d397d5f06a094b618d08c772c4a08bbd5b87c840dbcdb97

Request headers

Referer: https://rebrandingstoreblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f34fe3bde005cbb-KEF
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 06:52:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FjupFGGChxDpRBXMyruSKf%2B7wUHykJA%2BGa1EMIo83o0GhshbpUAdM1YP216Dl3UEvRSnoCjNDZ1WC8lV5R3VTmhQpEOGXq48pg2NnmBNZ8Qj%2B5crzY4EcuZ%2ByY%2FCeJj8IHwFw%2BQsJHNcpWNm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=90184&min_rtt=87984&rtt_var=5399&sent=25&recv=18&lost=0&retrans=0&sent_bytes=13666&recv_bytes=6045&delivery_rate=8444&cwnd=12000&unsent_bytes=0&cid=1ddbdfdc86f7a055&ts=2095&x=1" cfExtPri cfHdrFlush;dur=0

GET
DATA 200
OK truncated
/ 378 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 favicon.ico
0.rebrandingstoreblue.com/ 0
635 B 175ms
175ms Other
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0.rebrandingstoreblue.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://0.rebrandingstoreblue.com/index.php?p=gztggyrtgi5dcojxha4q&sub1=sams&sub2=cert&sub3=spz

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1IQTy1DqS7zkyc2Y7h8rwCY9vIAgVFFEwIk2OfhmXRLUgxj9JWr4q24f8MtfGC%2FcuKgTNr9CHqF8n8S1jnDvpEvAaFr5rlpbExr8huh%2FLiHLSYk8v8OazcH%2BFeKmAQuVO22rwuskQkNNG%2Fah"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f34fe3d5e2b5cbb-KEF
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=101083&min_rtt=87984&rtt_var=18755&sent=39&recv=26&lost=0&retrans=0&sent_bytes=23743&recv_bytes=7222&delivery_rate=48058&cwnd=12000&unsent_bytes=0&cid=1ddbdfdc86f7a055&ts=2312&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 06:52:55 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mail.neginweb.com.62-60-197-91.cprapid.com
URL: blob:https://mail.neginweb.com.62-60-197-91.cprapid.com/55822e1e-080c-4c35-8358-c1591ec7cca3

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebMedium.woff2?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebRegular.woff2?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebBold.woff2?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebExtraBlack.woff2?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebLight.woff2?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/fontawesome/fa-solid-900.woff2

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebBold.woff?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebLight.woff?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebRegular.woff?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebExtraBlack.woff?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebMedium.woff?nqj53a

Domain: neginweb.com
URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/fontawesome/fa-solid-900.ttf

Domain: fr2.readytocheckline.com
URL: https://fr2.readytocheckline.com/t2kf4F?ds=https://mail.neginweb.com.62-60-197-91.cprapid.com

Domain: fr2.readytocheckline.com
URL: https://fr2.readytocheckline.com/t2kf4F?ds=https://mail.neginweb.com.62-60-197-91.cprapid.com

Domain: fr1.readytocheckline.com
URL: https://fr1.readytocheckline.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fr2.readytocheckline.com/	1970-01-21 02:31:36	Name: _subid Value: 1cs44tq2fkfh1
fr2.readytocheckline.com/	1970-01-21 01:48:24	Name: 7b22a Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM0XCI6MTczNDQxODM3Mn0sXCJjYW1wYWlnbnNcIjp7XCI0XCI6MTczNDQxODM3Mn0sXCJ0aW1lXCI6MTczNDQxODM3Mn0ifQ.WOtFOClDEx8UcxSmf7DmFtUf4X6sYd30L2y_XMZo3o0
fr1.readytocheckline.com/	1970-01-21 02:31:36	Name: _subid Value: 1cs44tq2fkfh3
fr1.readytocheckline.com/	1970-01-21 01:48:24	Name: 7b22a Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUwXCI6MTczNDQxODM3Mn0sXCJjYW1wYWlnbnNcIjp7XCI3XCI6MTczNDQxODM3Mn0sXCJ0aW1lXCI6MTczNDQxODM3Mn0ifQ.QQpChiRsPGfdWHPXDgGdbwBEIe3gCv2jEg_oLCY7nrI
.rebrandingstoreblue.com/	1970-01-21 02:30:10	Name: uuid Value: 7c1287fc-ef90-4a55-9b00-8a584b3b4dff
.0.rebrandingstoreblue.com/	1970-01-21 02:30:10	Name: uuid Value: 7c1287fc-ef90-4a55-9b00-8a584b3b4dff

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebBold.woff2?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebBold.woff2?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebLight.woff2?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebLight.woff2?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebRegular.woff2?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebRegular.woff2?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebExtraBlack.woff2?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebExtraBlack.woff2?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebMedium.woff2?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebMedium.woff2?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/fontawesome/fa-solid-900.woff2' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/fontawesome/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebBold.woff?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebBold.woff?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebLight.woff?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebLight.woff?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebRegular.woff?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebRegular.woff?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebExtraBlack.woff?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebExtraBlack.woff?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebMedium.woff?nqj53a' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/IRANYekanWebMedium.woff?nqj53a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.neginweb.com.62-60-197-91.cprapid.com/ Message: Access to font at 'https://neginweb.com/wp-content/themes/charso/assets/fonts/fontawesome/fa-solid-900.ttf' from origin 'https://mail.neginweb.com.62-60-197-91.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neginweb.com/wp-content/themes/charso/assets/fonts/fontawesome/fa-solid-900.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://fr2.readytocheckline.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.rebrandingstoreblue.com
de.rdntocdns.com
fr1.readytocheckline.com
fr2.readytocheckline.com
gb.rdntocdns.com
mail.neginweb.com.62-60-197-91.cprapid.com
neginweb.com
png.linetoslice.com
rebrandingstoreblue.com
fr1.readytocheckline.com
fr2.readytocheckline.com
mail.neginweb.com.62-60-197-91.cprapid.com
neginweb.com
172.67.164.190
172.67.192.6
185.143.234.120
188.114.96.3
188.114.97.3
62.60.197.91
012f087ac07d1117d8f968b9cd36f68f09918365c6d503ce5a4fb7ce309aef0d
076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9
081091118e8bd10a591b771435766141d34d981577c5061ab4ea75fd4786796c
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
112fe2756ae14e149e1497fc8f201391564f56a1eb44091f0ff98adababd0328
1872148df9ef5b11681f3d4f37eb2d4b2945f8b7060849dfd411db4e0cc646f7
20397a889e6c0d5c7aeeed54e58079326bde7b083f88e0c0d9e7c31cc128e68e
279714ea965fecd7a606c36e19fdee53352c7126594c163886ea9ea2f000771a
2f0d14cbd0a888bb7c6c1e41c71534287c8f015b33615d254f809bf4ee98d26a
38852f0f1998f27f16e9772819f15966c995ba47e90efd1853ed7b2a5adb5047
38a6d4190bf8ac01ccdec1c595bfc9bca5e029b494f1aa2cbd9db66e022a6e98
3c3e5d8c32f6f45dbb3ed8b9c3f4316801babf0974b7b6e37cd5af2ee166dc9e
3d61fa2d4cde9dbd6d040032149702a10aa05b3bbba3ffb41278a9b5624decd2
3f8875020483ef8fe1d0b501d66200a3aeb332f57d08b96125b2ced006b6dcb4
423273f365a4ef4bcf2a6dc2cf8dbfbbb3e412ba8a376a9c1cbad6305d843930
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5424910e54b7c7e8384d736f8fb61fb5e1ce55aaf4ab3129a1d9700070c07014
56bde35460d8a3bf036fa1bd2b2b3cc6a1b8ac81bf90f553843f5e8e1658bcd5
5c857651800d110c54f1818789d510f76c913f3f8b943418f233de6fb415c005
5eaaaa67ea72770984e8ad90fb125252e3f9620978592576331b8f4be0b26dc0
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
60fa08698da9f2dff9f43547896a9550a2ecbaff38b91feacb53b38aaef98a23
63a0e3a81014bea430c20d54d899723a146674b1c96e55488160278a8fe34177
6901cf34e3c707146a945089251a0f810292f5a962aad49d13f231742de72480
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
6a247cc4a7dfabf12ea2797a38fc01a2e762988d0ba7c8e6111a4f87f11733fa
730d75dcef3fd16c1339a7ec9026abb76c93217e7c8fa9c86669634207e1eb47
7bc755ee70d50640e707d482708a287541627f049420a6b867b82ecaf10fb6e0
7f21291184f0f7a9facc1e3eb5ca77d87a2adbd74df7969fc5db1dccbd7524a4
8094996baf13a2c1ac9f57b8a8b19df2e28c23fe3757867d6f062b0f4ac96f57
8896bc7a201b84a35d397d5f06a094b618d08c772c4a08bbd5b87c840dbcdb97
8916663b04a4147dcaea4fd690ee338011010d7d21f07391ad90562c0c9578d2
a3972f643b114c9c0def088ebd9288bca6ed8ee6d63a60176cbca0f414f38a59
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
a5c2494769b4c4b621a31ae4345c1024798ebe34c36496a42189aaf7464618c8
a838bc9def6e271007ae7034df70a1f4bee4fd63b3aaf0f05ddb49a623fce561
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
abdd95373bc3dd092931125357b66e9534ab9c8e4c48420819ff13ac1228b8a4
aece6748df5f2ab39527da33a027a62ffcfa56eefb9136d85cd8ad116af4132d
b02b98dfc280194af43e0dedead8ef1ba5d6ec1c9765113db0b9e9701ca60e70
cb24dec6846771026332110bd04574f7b4c65fc99018b9d6dd64bd61d8efe3f1
d37963a2d8144e8f69aa5bced83973386b7e0045217a00a9c76655810176e5f5
d9ef66f0ecf473a56461bf3436fda00870e9093777da6d64ff6e5e09868ac3f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e615f63c3ef2524d14337ee438b67cb284a2695e47e738733cd20c31751edf5b
e9125431c1c2d7d6f872475386d063149e6ee668280fedfb76ad5fb052e158ef
f88717f71a283aeb9eae8d8867139f00e366f74f454cea510a3e60c4f255d97f
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e
fe599fbcc517675f33712e128df756b0367fded42d40953518b67afd926ed1c0

0.rebrandingstoreblue.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

76 %HTTPS

0 %IPv6

6 Domains

9 Subdomains

7 IPs

3 Countries

840 kBTransfer

1939 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

0.rebrandingstoreblue.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

76 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

7
IPs

3
Countries

840 kB
Transfer

1939 kB
Size

6
Cookies

66 HTTP transactions
3 data transactions