Overview

URL bita4444.mihanblog.com/
IP 5.144.133.146
ASN AS59441 Noavaran Shabakeh Sabz Mehregan
Location Iran, Islamic Republic of
Report completed 2018-02-13 14:57:42 CET
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-02-13 2 click.sabavision.com/get_camp.php?id=2152,2151,2150,2149 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 5.144.133.146

Date UQ / IDS / BL URL IP
2018-09-23 17:51:43 +0200
0 - 0 - 1 boxsml.mihanblog.com/ 5.144.133.146
2018-09-23 17:14:08 +0200
0 - 0 - 4 funmaxtv.mihanblog.com/post/archive/1392/8/page/5 5.144.133.146
2018-09-23 14:47:57 +0200
0 - 0 - 1 meraj-group.ir/post/740 5.144.133.146
2018-09-23 04:02:18 +0200
0 - 0 - 1 meraj-group.ir/post/334 5.144.133.146
2018-09-23 03:19:29 +0200
0 - 0 - 2 2new.ir/post/tag/%C3%A3%C6%92%C3%A2%C6%92%C3% (...) 5.144.133.146
2018-09-22 11:26:30 +0200
0 - 0 - 3 www.bia2hamester.mihanblog.com/ 5.144.133.146
2018-09-22 11:18:20 +0200
0 - 0 - 3 porbazdid.mihanblog.com/post/386 5.144.133.146
2018-09-22 05:22:44 +0200
0 - 4 - 1 jezlbzu.mihanblog.com/ 5.144.133.146
2018-09-22 05:10:10 +0200
0 - 0 - 1 boxsml.mihanblog.com/ 5.144.133.146
2018-09-22 01:12:11 +0200
0 - 0 - 2 100downloads.mihanblog.com/page/38 5.144.133.146

Last 10 reports on ASN: AS59441 Noavaran Shabakeh Sabz Mehregan

Date UQ / IDS / BL URL IP
2018-09-23 17:51:43 +0200
0 - 0 - 1 boxsml.mihanblog.com/ 5.144.133.146
2018-09-23 17:14:08 +0200
0 - 0 - 4 funmaxtv.mihanblog.com/post/archive/1392/8/page/5 5.144.133.146
2018-09-23 14:47:57 +0200
0 - 0 - 1 meraj-group.ir/post/740 5.144.133.146
2018-09-23 04:02:18 +0200
0 - 0 - 1 meraj-group.ir/post/334 5.144.133.146
2018-09-23 03:19:29 +0200
0 - 0 - 2 2new.ir/post/tag/%C3%A3%C6%92%C3%A2%C6%92%C3% (...) 5.144.133.146
2018-09-22 11:26:30 +0200
0 - 0 - 3 www.bia2hamester.mihanblog.com/ 5.144.133.146
2018-09-22 11:18:20 +0200
0 - 0 - 3 porbazdid.mihanblog.com/post/386 5.144.133.146
2018-09-22 05:22:44 +0200
0 - 4 - 1 jezlbzu.mihanblog.com/ 5.144.133.146
2018-09-22 05:10:10 +0200
0 - 0 - 1 boxsml.mihanblog.com/ 5.144.133.146
2018-09-22 01:12:11 +0200
0 - 0 - 2 100downloads.mihanblog.com/page/38 5.144.133.146

No other reports on domain: mihanblog.com



JavaScript

Executed Scripts (39)


Executed Evals (2)

#1 JavaScript::Eval (size: 3204, repeated: 1) - SHA256: 14eea6a9677643a672ad6b4bee9ead62e876283dc8f7b992c938de8d22ec71de

                                        function showMihanBlogSmileBox(textarea_id) {
    // Show or hide the smiley picker that belongs to one comment textarea.
    // The picker element is looked up by the id 'MihanBlogSmiles_' + textarea_id.
    var pickerStyle = document.getElementById('MihanBlogSmiles_' + textarea_id).style;
    // 'inline' means currently visible; any other value is treated as hidden.
    pickerStyle.display = (pickerStyle.display == 'inline') ? 'none' : 'inline';
}

function MihanBlogShowSmile(value, textarea_id) {
    // Insert a smiley code, written as [value], into the comment textarea at the
    // position held in the global mihanBlog_commentBody_cursorPos, then toggle the picker.
    // Codes longer than 10 characters are ignored.
    if (value.length > 10) {
        return;
    }
    var field = document.getElementById(textarea_id);
    var before = field.value.substring(0, mihanBlog_commentBody_cursorPos);
    var after = field.value.substring(mihanBlog_commentBody_cursorPos);
    // tempValue is the shadow copy that the c_textBox_* handlers restore from,
    // so it is updated together with the visible value.
    field.tempValue = before + '[' + value + ']' + after;
    field.value = field.tempValue;
    showMihanBlogSmileBox(textarea_id);
}

function Set_Cookie(name, value, expires, path, domain, secure) {
    // Write a cookie through document.cookie.
    //   expires - lifetime counted in 30-day units; falsy means a session cookie
    //   path, domain, secure - optional attributes, appended only when truthy
    // Only the value is passed through escape(). name, path and domain are
    // concatenated as given, so callers must pass trusted strings: a ';' in any
    // of them would add extra cookie attributes.
    var now = new Date().getTime();
    var lifetime_ms = expires ? expires * 1000 * 60 * 60 * 24 * 30 : expires;
    var pieces = [name + "=" + escape(value)];
    if (lifetime_ms) {
        pieces.push("expires=" + new Date(now + lifetime_ms).toGMTString());
    }
    if (path) {
        pieces.push("path=" + path);
    }
    if (domain) {
        pieces.push("domain=" + domain);
    }
    if (secure) {
        pieces.push("secure");
    }
    document.cookie = pieces.join(";");
}

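function Get_Cookie(check_name) {
    // Look up one cookie in document.cookie.
    // Returns the unescape()d value, '' when the cookie exists without a value,
    // or null when no cookie of that name is present.
    //
    // Changes from the captured version:
    //  - the loop counter is a local (it was an implicit global `i`);
    //  - the value is everything after the FIRST '=', so values that themselves
    //    contain '=' (for example base64 padding) are no longer cut short;
    //  - the unreachable `break` after `return` is gone.
    var pairs = document.cookie.split(';');
    for (var i = 0; i < pairs.length; i++) {
        var pair = pairs[i];
        var sep = pair.indexOf('=');
        var raw_name = (sep === -1) ? pair : pair.substring(0, sep);
        // Names are compared after trimming, because entries are separated by "; ".
        if (raw_name.replace(/^\s+|\s+$/g, '') == check_name) {
            if (sep === -1) {
                return '';
            }
            // unescape() mirrors the escape() applied by Set_Cookie.
            return unescape(pair.substring(sep + 1).replace(/^\s+|\s+$/g, ''));
        }
    }
    return null;
}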

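function Delete_Cookie(name, path, domain) {
    // Expire a cookie by rewriting it with an expiry date in 1970.
    // path and domain have to match the values the cookie was set with,
    // otherwise the browser treats this as a different cookie.
    //
    // Get_Cookie returns '' for a cookie that exists with an empty value; the
    // captured version tested that result for truthiness and therefore never
    // deleted such cookies. Only a missing cookie (null) is skipped now.
    if (Get_Cookie(name) == null) {
        return;
    }
    document.cookie = name + "=" +
        ((path) ? ";path=" + path : "") +
        ((domain) ? ";domain=" + domain : "") +
        ";expires=Thu, 01-Jan-1970 00:00:01 GMT";
}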

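function c_textBox_blockSpam(id) {
    // Wrap a text field with handlers that keep a shadow copy (tempValue) of what
    // was typed, suppress paste shortcuts and disable the context menu. Handlers
    // that were already attached are kept and chained.
    //
    // This is a browser-side speed bump against automated form filling, not a
    // control: anything enforced here can be skipped by a client that does not run
    // the script, so the comment endpoint still has to validate on the server.
    //
    // Changes from the captured version: `el` is a local instead of an implicit
    // global. With the global, a second call replaced `el` before the first call's
    // delayed blur() ran, so the first field was never blurred. A missing element
    // is now ignored instead of throwing.
    var el = document.getElementById(id);
    if (!el) {
        return;
    }
    var focusFunc = el.onfocus;
    var blurFunc = el.onblur;
    var onkeydownFunc = el.onkeydown;
    var onkeyupFunc = el.onkeyup;
    el.onfocus = function() {
        c_textBox_focusEl(this, focusFunc)
    };
    el.onblur = function() {
        c_textBox_restoreData(this, true, blurFunc)
    };
    el.onkeydown = function(event) {
        return c_textBox_noCopyKey(event, this, onkeydownFunc)
    };
    el.onkeyup = function() {
        c_textBox_saveData(this, onkeyupFunc)
    };
    // Returning false cancels the context menu on this field.
    el.oncontextmenu = function() {
        return false
    };
    // Start from an empty field and reset the bookkeeping the handlers rely on.
    el.value = '';
    el.tempValue = '';
    el.focusNum = 0;
    el.blurNum = 0;
    // Focus now and blur shortly after, so both wrapped handlers run once.
    el.focus();
    setTimeout(function() {
        el.blur()
    }, 200)
}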

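function c_textBox_noCopyKey(e, el, otherFunc) {
    // keydown filter: returns false (cancel the key) for Ctrl+V and Shift+Insert,
    // true for every other key. The previously installed keydown handler, if any,
    // is called first, without arguments.
    //
    // Only these two keyboard shortcuts are intercepted; the check says nothing
    // about how text reached the field, so it must not be relied on server-side.
    //
    // Change from the captured version: isShift is declared locally (it was
    // assigned without `var` and leaked into the global scope).
    if (otherFunc) {
        otherFunc()
    }
    var KEY_V = 86;
    var KEY_INSERT = 45;
    // Browsers that expose a global window.event report the key in keyCode;
    // otherwise the event object passed to the handler is used, with `which`.
    var source = window.event ? window.event : e;
    var key = window.event ? source.keyCode : source.which;
    var isCtrl = source.ctrlKey;
    var isShift = source.shiftKey;
    return !((isCtrl && key == KEY_V) || (isShift && key == KEY_INSERT));
}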

function c_textBox_saveData(el, otherFunc) {
    // keyup hook: run the previously installed handler (if any), then record the
    // field's current text as the shadow copy used by the focus/blur handlers.
    otherFunc && otherFunc();
    el.tempValue = el.value;
}

function c_textBox_focusEl(el, otherFunc) {
    // focus hook. The chained handler is skipped while focusNum is still 0, which
    // is the state c_textBox_blockSpam leaves it in before its own first focus().
    var chainToPrevious = otherFunc && el.focusNum;
    if (chainToPrevious) {
        otherFunc();
    }
    el.focusNum = 1;
    el.focusVar = true;
    // After 200 ms, overwrite the visible text with the shadow copy, discarding
    // anything that was put into the field without passing through keyup.
    setTimeout(function restoreFromShadow() {
        el.value = el.tempValue;
    }, 200);
}

function c_textBox_restoreData(el, type, otherFunc) {
    // blur hook and its follow-up timer.
    //   type == true  : called from the blur event; chains to the previous blur
    //                   handler (skipped while blurNum is still 0) and marks the
    //                   field as unfocused.
    //   type == false : called from the timer scheduled below.
    if (type) {
        if (otherFunc && el.blurNum) {
            otherFunc();
        }
        el.blurNum = 1;
        el.focusVar = false;
    }
    // Once the field has focus again the polling stops.
    if (el.focusVar) {
        return;
    }
    // While unfocused, reset the visible text to the shadow copy every 200 ms,
    // which undoes values written into the field by anything other than typing.
    el.value = el.tempValue;
    setTimeout(function pollAgain() {
        c_textBox_restoreData(el, false, otherFunc);
    }, 200);
}
                                    

#2 JavaScript::Eval (size: 1430, repeated: 1) - SHA256: c3a80419ab1a11ea2e230f2c09fa63da16c2b8f27bff6802d80b43c179840e5b

                                        // Ad-tag bootstrap: guess whether the visitor is on a mobile or touch device.
                                        // Every input below (User-Agent string, browser feature probes) is controlled
                                        // by the client, so the result is a hint for the tag, not a verified fact.
                                        var sabavisionisMobile = navigator.userAgent.match(/(iPhone|iPod|iPad|Android|BlackBerry|Mobile)/);
// Touch probe: true when creating a "TouchEvent" does not throw, false otherwise.
var touch = function() {
    try {
        document.createEvent("TouchEvent");
        return true
    } catch (e) {
        return false
    }
};
// orientationChange: whether window has an onorientationchange property.
// touchEvents: true when any of three probes succeeds; because of the || chain,
// touch() is only called when the two checks before it are falsy.
var orientationChange = (('onorientationchange' in window)),
    touchEvents = ('ontouchstart' in window) || (window.DocumentTouch && document instanceof DocumentTouch) || touch();
// Random integer 1..100, doubled: the flag starts out as an even number in 2..200.
var sabavisioniSmobileFlag = (Math.floor((Math.random() * 100) + 1)) * 2;
// Adding 1 makes the flag odd, so its parity carries the mobile/touch guess.
// NOTE(review): where the flag is sent or read is not visible in this eval — confirm.
if (sabavisionisMobile || orientationChange || touchEvents) {
    sabavisioniSmobileFlag += 1
}

function createCookie(name, value, hours) {
    // Write a cookie with path=/ through document.cookie.
    //   hours - lifetime in hours; falsy means a session cookie.
    // name and value are written as given, with no encoding, so a ';' in either
    // would be read by the browser as the start of a cookie attribute.
    var expires = "";
    if (hours) {
        var date = new Date();
        date.setTime(date.getTime() + (hours * 60 * 60 * 1000));
        expires = "; expires=" + date.toGMTString();
    }
    document.cookie = [name, "=", value, expires, "; path=/"].join("");
}

function readCookie(name) {
    // Return the raw (undecoded) value of the first cookie whose entry starts
    // with name + "=", or null when there is none.
    var prefix = name + "=";
    var entries = document.cookie.split(';');
    for (var idx = 0; idx < entries.length; idx++) {
        // Entries are separated by "; ", so leading spaces are dropped first.
        var entry = entries[idx].replace(/^ +/, '');
        if (entry.indexOf(prefix) == 0) {
            return entry.substring(prefix.length, entry.length);
        }
    }
    return null;
}

function makeGetVar(param, val) {
    // Append "&param=val" to the global `url` string; falsy values are skipped.
    // val is appended as given. Any URL-encoding has to be done by the caller,
    // for example with encodeuri().
    if (!val) {
        return;
    }
    url = url + "&" + param + "=" + val;
}

function encodeuri(b) {
    // Percent-encode b with encodeURIComponent where the browser provides it,
    // falling back to the legacy escape() otherwise.
    var encoder = (typeof encodeURIComponent == "function") ? encodeURIComponent : escape;
    return encoder(b);
}
// varloc: percent-encoded address of the page the tag runs in (or of its parent
// frame), cut at the first '%23', i.e. the encoded '#', so the fragment is dropped.
var varloc = '';
// NOTE(review): indexOf(...) > 0 is a substring test, not a domain match. It is true
// for any host that contains the string after position 0 (a constructed example:
// "sabavision.com.example.test" does NOT match, "x.sabavision.com.example.test" does)
// and false for a host that begins with it. If this branch is meant to recognise the
// ad network's own hosts, an exact host or ".sabavision.com" suffix comparison would
// express that — confirm intent.
if (((window.location.host).indexOf("sabavision.com")) > 0 || ((window.location.host).indexOf("akairan.com")) > 0) {
    varloc = encodeuri(document.location).split('%23')[0]
} else {
    // On any other host the parent frame's URL is read instead. The try/catch leaves
    // varloc empty when that access throws (presumably a cross-origin parent — TODO confirm).
    try {
        varloc = encodeuri(window.parent.location.href).split('%23')[0]
    } catch (e) {
        varloc = ''
    }
};
                                    

Executed Writes (20)

#1 JavaScript::Write (size: 17, repeated: 1) - SHA256: 81c2289505775dd1532abcddc4d7f44a1997e713fdcfdaf6961ba700303a28df

                                        /H4F(G 2 "01 1394
                                    

#2 JavaScript::Write (size: 1, repeated: 1) - SHA256: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

                                        0
                                    

#3 JavaScript::Write (size: 1, repeated: 1) - SHA256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

                                        1
                                    

#4 JavaScript::Write (size: 2, repeated: 2) - SHA256: 4fc82b26aecb47d2868c4efbe3581732a3e7cbcc6c2efb32062c08170a05eeb8

                                        11
                                    

#5 JavaScript::Write (size: 3, repeated: 1) - SHA256: 5d389f5e2e34c6b0bad96581c22cee0be36dcf627cd73af4d4cccacd9ef40cc3

                                        134
                                    

#6 JavaScript::Write (size: 3, repeated: 1) - SHA256: bfa7634640c53da7cb5e9c39031128c4e583399f936896f27f999f1d58d7b37e

                                        182
                                    

#7 JavaScript::Write (size: 2, repeated: 1) - SHA256: 9400f1b21cb527d7fa3d3eabba93557a18ebe7a2ca4e471cfe5e4c5b4ca7f767

                                        19
                                    

#8 JavaScript::Write (size: 2, repeated: 3) - SHA256: 535fa30d7e25dd8a49f1536779734ec8286108d115da5045d77f3b4185d8f790

                                        23
                                    

#9 JavaScript::Write (size: 2, repeated: 1) - SHA256: 670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf

                                        27
                                    

#10 JavaScript::Write (size: 5, repeated: 1) - SHA256: 43a3999cca5ec6542030949fbb94d392de7dedd3fdd8e89d713dd0267aebe9d3

                                        29922
                                    

#11 JavaScript::Write (size: 2, repeated: 1) - SHA256: 9f14025af0065b30e47e23ebb3b491d39ae8ed17d33739e5ff3827ffb3634953

                                        35
                                    

#12 JavaScript::Write (size: 28, repeated: 1) - SHA256: 71a5be263d9da8b3e37176bb0c328c8bf555c0475ffd9e4329e2b038a5026c13

                                        3 G 4 F(G 24(GEF 1396(05: 31)
                                    

#13 JavaScript::Write (size: 1, repeated: 1) - SHA256: 4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

                                        4
                                    

#14 JavaScript::Write (size: 2, repeated: 1) - SHA256: 44cb730c420480a0477b505ae68af508fb90f96cf0ec54c6ad16949dd427f13a

                                        43
                                    

#15 JavaScript::Write (size: 1, repeated: 1) - SHA256: ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

                                        5
                                    

#16 JavaScript::Write (size: 2, repeated: 1) - SHA256: 3e1e967e9b793e908f8eae83c74dba9bcccce6a5535b4b462bd9994537bfe15c

                                        59
                                    

#17 JavaScript::Write (size: 1, repeated: 1) - SHA256: 2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

                                        8
                                    

#18 JavaScript::Write (size: 67, repeated: 1) - SHA256: be1924ebe624aa65442f1652d29bf90d1b29469b06a9e2c5b3fde4e051f16144

                                        < div style = "width:0px; height:0px;"
id = "sabavisionbody55769" > < /div>
                                    

#19 JavaScript::Write (size: 67, repeated: 1) - SHA256: a2e0e55790a8cf930656f01f2fd10150b0de25506375112a367cc591ca338a8e

                                        < div style = "width:0px; height:0px;"
id = "sabavisionbody88969" > < /div>
                                    

#20 JavaScript::Write (size: 825, repeated: 1) - SHA256: 2d54c1b91b953856c9de67b2411ef160943b5d450e6d2af5877d4e4bcd24dacb

                                        < iframe frameborder = "0"
allowfullscreen name = "clicknet_vars_frame46561481954e-1a48-b256-382e-90fb04733965"
id = "clicknet_vars_frame46561481954e-1a48-b256-382e-90fb04733965"
width = "120"
height = "240"
frameborder = 0 src = "http://click.sabavision.com//showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1518530683&ct=7e8a3ab1ea33cfe154b63571781af38432f93e64&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fbita4444.mihanblog.com%2F&bannerid=clicknet_vars_frame46561481954e-1a48-b256-382e-90fb04733965&vt=192"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowFullScreen = "true"
webkitallowfullscreen = "true"
mozallowfullscreen = "true" > < /iframe>
                                    


HTTP Transactions (44)


Request Response
                                        
                                            GET //public/scripts/run/g.other.v3.js HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Tue, 13 Feb 2018 14:03:40 GMT
Content-Length: 2370
Last-Modified: Sun, 22 Sep 2013 12:09:51 GMT
Etag: "523ede0f-942"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   2370
Md5:    4cc5f2c75356a8ada1b14b226b723f63
Sha1:   7ec249fb587ed5870525464d8ad8942b9373698c
Sha256: 9c7e6c2ebd2ac2b10978a8627e31d1cd287aa43f19e5a8233b018103dad507d2
                                        
                                            GET //public/images/publish/advert_close.gif HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 13 Feb 2018 14:03:40 GMT
Content-Length: 281
Last-Modified: Wed, 27 Apr 2011 10:52:17 GMT
Etag: "4db7f561-119"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 8 x 8
Size:   281
Md5:    6db25f1545b6179dd2892b5463fdbacd
Sha1:   c9c25c12188352960803c3fe2da938fadef9e46a
Sha256: 841a15c57af7f10aa34f4c309392f2d902218d4a9031c44d3a4c63af7389e05d
                                        
                                            GET / HTTP/1.1 
Host: bita4444.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 13 Feb 2018 14:03:39 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, must-revalidate
Set-Cookie: bita4444_ads_cnt=1; expires=Wed, 14-Feb-2018 14:03:39 GMT; Max-Age=86400 mib_lb_id=m0; path=/; domain=.mihanblog.com
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Toofun/1.0.1


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   25803
Md5:    b363ab009c523122b55055f377945589
Sha1:   6d64c930dd4623bc0a8582ea96d56ad807b1343f
Sha256: a1b35a861660ff84ccedc8e4e772260976d91576a6f4427608fe8e81e23366e7
                                        
                                            GET /showads.php?posid=229 HTTP/1.1 
Host: mihan.ads.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         185.147.178.24
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 13 Feb 2018 14:03:40 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Set-Cookie: sv_lb_id=m0; path=/; domain=.sabavision.com
Server: nginx
X-Upstream-CT: 0.099
X-Upstream-HT: 0.201
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  HTML document text
Size:   3190
Md5:    a09f0e2e8a8cc8498a83d1338be10ff8
Sha1:   f0f132991186865563499b149f4845ef2d203891
Sha256: 1ed1c2983df0805493bc149f12d71c4664d8f7accc906945ee5545364b836647
                                        
                                            GET //public/images/template_packages/12/body_background.png HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 13 Feb 2018 14:03:40 GMT
Content-Length: 148
Last-Modified: Wed, 27 Apr 2011 10:52:23 GMT
Etag: "4db7f567-94"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 5 x 5, 8-bit/color RGBA, non-interlaced
Size:   148
Md5:    e04e4b90d5e98a16280147ea8c21aed8
Sha1:   51d5721e53ebc05b393773f8b574bf3468a820c7
Sha256: f9fe7a53110a3d8caab799fd02b07dcdbb54e0ec6232748c8cc20578981694fc
                                        
                                            GET /showads.php?posid=42 HTTP/1.1 
Host: mihan.ads.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         185.147.178.24
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 13 Feb 2018 14:03:40 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Set-Cookie: sv_lb_id=m0; path=/; domain=.sabavision.com
Server: nginx
X-Upstream-CT: 0.210
X-Upstream-HT: 0.450
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  HTML document text
Size:   2886
Md5:    94b568e496ec44c8731e383d1140db95
Sha1:   d45ccf75283cc25e39c108ae39bca284510f40f1
Sha256: 00ac2325cecb5c8bf506d06a66b7fc6439c3fc71eb030b0d14f88b1757a9e00f
                                        
                                            GET /wp-content/uploads/2014/10/tanhaei-4-2.jpg HTTP/1.1 
Host: rouzegar.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         199.167.138.19
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Cache-Control: public, max-age=604800
Expires: Tue, 20 Feb 2018 14:03:39 GMT
Etag: "6135-58e96228-9d19bc5628c86b63;;;"
Last-Modified: Sat, 08 Apr 2017 22:20:24 GMT
Content-Length: 24885
Date: Tue, 13 Feb 2018 14:03:39 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   24885
Md5:    423853c32493a4f337469ec1a1a08ac1
Sha1:   f9c4d491994eb442ec90fc3ff5ea1874047d0caa
Sha256: d8f9cf2e0d1b9c91404c920367ecfd429873d4ef30a9083d6e41724be5d1815f
                                        
                                            GET //public/user_data/user_template/1135/3403120_photo_top.jpg HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 13 Feb 2018 14:03:40 GMT
Content-Length: 7980
Last-Modified: Mon, 17 Aug 2015 23:21:00 GMT
Etag: "55d26c5c-1f2c"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   7980
Md5:    e33e0f9c4c228c75225c371aff31c819
Sha1:   f1492d5de25f4f90816b91f8842ba8b42fa2df88
Sha256: 5f411a96a136c1d2806018ba63e00bb7232b4e8a27daa1350696fc792c3418c6
                                        
                                            GET /images/58186726242052962253.jpg HTTP/1.1 
Host: upload7.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         5.9.39.105
HTTP/1.0 404 Not Found
Content-Type: text/html
                                        
Date: Tue, 13 Feb 2018 14:03:41 GMT
Server: Apache/2
X-Powered-By: PHP/5.5.38
Set-Cookie: filehosting=kpqc9b8bi9mh0frtdlr4dt99l5; expires=Wed, 14-Feb-2018 14:03:41 GMT; Max-Age=86400; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: User-Agent
Content-Length: 0
Connection: close


--- Additional Info ---
                                        
                                            GET /codes/icon/girl/2/9.jpg HTTP/1.1 
Host: nightnama.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         164.132.66.164
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 12899
Last-Modified: Thu, 19 Feb 2015 23:11:30 GMT
Connection: keep-alive
Etag: "54e66da2-3263"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   12899
Md5:    6eef0aace44150ba2ad7a96e2b604d95
Sha1:   51b7982586761a9422931189e3f62cfb7195e94d
Sha256: 4e05610c0d9c437e7bb33ec5fa071de5017e86e48509e24b8d8bea0fd508199f
                                        
                                            GET /codes/icon/girl/2/34.jpg HTTP/1.1 
Host: nightnama.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         164.132.66.164
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 26951
Last-Modified: Thu, 19 Feb 2015 23:11:30 GMT
Connection: keep-alive
Etag: "54e66da2-6947"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   26951
Md5:    4d1aa56da924a5fe17e8330ec5215e3a
Sha1:   d57ad076794f2defd207c55d4d45e9829ab72d36
Sha256: 021d931cad991149e4a4690f273a93a95e5d87edfc151982ef1331f5f6e6bc72
                                        
                                            GET /stars/ashley_tisdale/avatars/avatarki_youloveit_ru_ashley_tisdale_24.png HTTP/1.1 
Host: avatarki.youloveit.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         88.99.218.133
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.12.2
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 169
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    ca8bba226fc38384d4e889ff1e5f0b02
Sha1:   8dc2ae5a396686aba485bec7815e8fc8a6e12be5
Sha256: 6640c51ecd2c4eb6c19c779df63efed77969da44c085c27f991ba8a40c60c914
                                        
                                            GET /style/emo/avatars/avatarki_youloveit_ru_emo_21.gif HTTP/1.1 
Host: avatarki.youloveit.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         88.99.218.133
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.12.2
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 169
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text
Size:   169
Md5:    ca8bba226fc38384d4e889ff1e5f0b02
Sha1:   8dc2ae5a396686aba485bec7815e8fc8a6e12be5
Sha256: 6640c51ecd2c4eb6c19c779df63efed77969da44c085c27f991ba8a40c60c914
                                        
                                            GET /codes/icon/girl/2/38.jpg HTTP/1.1 
Host: nightnama.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         164.132.66.164
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 23008
Last-Modified: Thu, 19 Feb 2015 23:11:30 GMT
Connection: keep-alive
Etag: "54e66da2-59e0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   23008
Md5:    c6f96994f4890b8a9579294b536ee5fa
Sha1:   48019d41bff8b010c9e9fe61beacdb84a2e42616
Sha256: 5a82c92a3efc12bb2c9eb784a7068685ce51b5785887e45308f4b3c57a96aa1c
                                        
                                            GET /codes/icon/girl/47.png HTTP/1.1 
Host: nightnama.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         164.132.66.164
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 21176
Last-Modified: Wed, 15 May 2013 13:13:38 GMT
Connection: keep-alive
Etag: "51938a02-52b8"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 100 x 100, 8-bit/color RGB, non-interlaced
Size:   21176
Md5:    88c5f1e7d1c1cdc429f8551174a5e099
Sha1:   a593970d74c2403d230e6a31b0a46e7e56c27460
Sha256: c913c17d7c281dcce1dee4429c0e6a2edb0b8da750d7e2f645f1c54e4f61dd99
                                        
                                            GET /codes/icon/girl/92.png HTTP/1.1 
Host: nightnama.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         164.132.66.164
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 18048
Last-Modified: Wed, 15 May 2013 13:56:38 GMT
Connection: keep-alive
Etag: "51939416-4680"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 100 x 100, 8-bit/color RGBA, non-interlaced
Size:   18048
Md5:    0741aad206c2aa19edcb342112b1f92d
Sha1:   6f0bead0c41adcf326da4e03ca6bd3be2e03d86b
Sha256: cea334cf7a6a98e2629c911b92c52b6be9799fdfda305f3789f0fac8f771e6c7
                                        
                                            GET /codes/icon/girl/2/40.jpg HTTP/1.1 
Host: nightnama.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         164.132.66.164
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 30303
Last-Modified: Thu, 19 Feb 2015 23:11:30 GMT
Connection: keep-alive
Etag: "54e66da2-765f"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   30303
Md5:    56b4d04cc8fc5e11c049e9f20f2f5ee8
Sha1:   b1497dabc35e96805753c31ecf3eff37afc7edee
Sha256: dcd829d48b39eebeb78af1cb0e0e3e793e00d71ca949dfec6f6d7547994fc699
                                        
                                            GET //public/images/empty.gif HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 43
Last-Modified: Wed, 27 Apr 2011 10:52:25 GMT
Etag: "4db7f569-2b"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET //public/images/icon/rss.gif HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 695
Last-Modified: Wed, 27 Apr 2011 10:52:18 GMT
Etag: "4db7f562-2b7"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 20 x 20
Size:   695
Md5:    90a2e6b37554f15093a66f2328d2ae56
Sha1:   063e23738dd6a859a0a3454bfece294c2b6b768a
Sha256: 86b16c5a128b61c562b8b753a50934e8f4337fa55d303181435781b6c48d239a
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 14:03:41 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    4bb2e4074fe5f9f8d715e5888d0b4188
Sha1:   8d020c92f7f3278b86d901ebef396c31d5e39d51
Sha256: cc9e9c93a83b6c3b89cfb24126cc32cfb0876f7705046b642039176859c160e0
                                        
                                            GET /codes/icon/girl/2/21.jpg HTTP/1.1 
Host: nightnama.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         164.132.66.164
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 32836
Last-Modified: Thu, 19 Feb 2015 23:11:30 GMT
Connection: keep-alive
Etag: "54e66da2-8044"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   32836
Md5:    f8dfb20c3312c1ffaaa85d5e0c82249a
Sha1:   51e408fd86d23da05c7cfd3f7c14aacd7204aacf
Sha256: d1e2b21e8ea48e8a7b27209e6cc1d96454ef1934ea50ba1c5e555e9321432760
                                        
                                            GET /wp-content/uploads/2014/10/a-a-d-13t-4.jpg HTTP/1.1 
Host: rouzegar.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         199.167.138.19
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Cache-Control: public, max-age=604800
Expires: Tue, 20 Feb 2018 14:03:40 GMT
Etag: "b123-58e962f6-2a0576f902b76f10;;;"
Last-Modified: Sat, 08 Apr 2017 22:23:50 GMT
Content-Length: 45347
Date: Tue, 13 Feb 2018 14:03:40 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   45347
Md5:    41b2b7d126ee962fa57b24d61dec4834
Sha1:   0227cb12b24718d6ac61e4c19f0cbe38ffdad6fc
Sha256: b0b48b8953a9b1927fbf44ff543711f16c293e0a648b4a925f14d4d72933ce37
                                        
                                            GET /public/public/user_data/advert_banner/5/14254.gif?url=http://mihan.ads.sabavision.com/advert/program/visit/onlineid/302 HTTP/1.1 
Host: www.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mihan.ads.sabavision.com/showads.php?posid=229
Cookie: sv_lb_id=m0

                                         
                                         185.147.178.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 3996
Last-Modified: Wed, 09 Nov 2016 13:38:24 GMT
Etag: "582326d0-f9c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Set-Cookie: sv_lb_id=m0; path=/; domain=.sabavision.com
Cache-Control: max-age=2592000
Server: nginx
Expires: Thu, 15 Mar 2018 14:03:41 GMT
X-Cache: O-HIT
X-Upstream: 0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 40
Size:   3996
Md5:    5bd0fa3b9645391733f54e0303b75ad7
Sha1:   8375bb855ad12b79afdc8965a9fc7251e8d4ebf4
Sha256: 7affe6e89a29c94b2b0a0f7f2729ad8549abbd2217914a7c637bdaf1e6929f7a
                                        
                                            GET //public/images/icon/atom.gif HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 722
Last-Modified: Wed, 27 Apr 2011 10:52:17 GMT
Etag: "4db7f561-2d2"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 20 x 20
Size:   722
Md5:    e1dc3803b13c6783cf1184c5d969442d
Sha1:   3bd04b87bda5ffaafdb58cea0f60c751bca5aed8
Sha256: e44436d8ce3690569f3e4ccf3e22ea894869f0bf1eef8c2c606880ba1c883175
                                        
                                            GET //public/user_data/user_photo/470/1409980.jpg HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 13 Feb 2018 14:03:41 GMT
Content-Length: 3340
Last-Modified: Sat, 15 Aug 2015 15:59:45 GMT
Etag: "55cf61f1-d0c"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   3340
Md5:    a538f9d3e641518541bb8415f8846471
Sha1:   c319d80540828a93eb1b1b85f55031ecc2f49ec0
Sha256: db586ead420052d6422ac701f36319f1bf4f8e1908820c3dc8ad76c1e9471e46
                                        
                                            GET /wp-content/uploads/2014/02/sad-love-Amazing-ir-1.gif HTTP/1.1 
Host: www.amazing.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         185.49.85.149
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=604800
Expires: Tue, 20 Feb 2018 14:03:41 GMT
Etag: "3c6d-53083da8-68d40636935fb8c9;;;"
Last-Modified: Sat, 22 Feb 2014 06:03:20 GMT
Content-Length: 15469
Date: Tue, 13 Feb 2018 14:03:41 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 87a, 300 x 163
Size:   15469
Md5:    8eabfb95ee04a3fb10a0e15469f67239
Sha1:   71d016d9efb62a9b8559a5157ebad94031a648b5
Sha256: 79572859ab437c894af2a36351ac112c6c5d81f1a6aa5aa5d2b3af5a5bca49d2
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1391
Content-Transfer-Encoding: binary
Cache-Control: max-age=546989, public, no-transform, must-revalidate
Last-Modified: Mon, 12 Feb 2018 21:56:01 GMT
Expires: Mon, 19 Feb 2018 21:56:01 GMT
Date: Tue, 13 Feb 2018 14:03:41 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1391
Md5:    dab664d03e303a7b1deba30189c57d23
Sha1:   1a87b2335fc304a7783b6f7ffdb5ff97367d30de
Sha256: a420898c491aa5011be91b1f128d5401a72f65f88f6db5db605abde5677fb03d
                                        
                                            GET /images?q=tbn:ANd9GcQejzl3eRNW6bFjz_SX7Cv7_443LEggeVDKcvLxDSWPz1ehH9IL HTTP/1.1 
Host: encrypted-tbn0.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 4720
Date: Tue, 13 Feb 2018 14:03:41 GMT
Expires: Wed, 13 Feb 2019 14:03:41 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 01 Jan 2016 16:13:45 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   4720
Md5:    b79fe9f96db088fbe47c8d584344382f
Sha1:   f90a2a7bdcac07b193f6d63f5302f18b39c04500
Sha256: e47301e4c35411747e5ab7de193943e2ddb2d23adea0efe77d18aad8054de3ce
                                        
                                            GET /get_camp.php?id=2152,2151,2150,2149 HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mihan.ads.sabavision.com/showads.php?posid=42
Cookie: sv_lb_id=m0

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 13 Feb 2018 14:03:41 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Options: nosniff
Set-Cookie: cl_lb_id=m2; path=/; domain=.click.sabavision.com
Server: nginx
X-Upstream-CT: 0.100
X-Upstream-HT: 0.209
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4930
Md5:    1a2d173833692acb1c711f40d103a9f4
Sha1:   bbe91a3a885228a532da25708f73793faab6d3b1
Sha256: b694f053010eb4b84a755ad3e4c036318cd7dbb5ee0562432c7e4c9b166f26a0

Alerts:
  Blacklists:
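    - fortinet: Malware (blacklist listing for the requested URL click.sabavision.com/get_camp.php?id=2152,2151,2150,2149; this is a URL-reputation hit rather than a finding about the response body, whose hashes above can be checked separately)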
                                        
                                            GET /wp-content/uploads/2014/09/Sad-love-Photos-Amazing-ir-15.jpg HTTP/1.1 
Host: www.amazing.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         185.49.85.149
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Cache-Control: public, max-age=604800
Expires: Tue, 20 Feb 2018 14:03:41 GMT
Etag: "9bea-541c3996-3e2dbee696afcd82;;;"
Last-Modified: Fri, 19 Sep 2014 14:11:34 GMT
Content-Length: 39914
Date: Tue, 13 Feb 2018 14:03:41 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.00, comment: "LEAD Technologies Inc. V1.01"
Size:   39914
Md5:    fab97d3f193be38573d012845a07f9b3
Sha1:   f4688db98b50e74aaba8bf65cb80d7b4aadf4657
Sha256: 71909d61cd159316c09e42406bba943aab209b4eb8a095885c97e609deab4684
                                        
                                            GET //showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1518530683&ct=7e8a3ab1ea33cfe154b63571781af38432f93e64&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fbita4444.mihanblog.com%2F&bannerid=clicknet_vars_frame46561481954e-1a48-b256-382e-90fb04733965&vt=192 HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mihan.ads.sabavision.com/showads.php?posid=42
Cookie: sv_lb_id=m0; cl_lb_id=m2

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 13 Feb 2018 14:03:42 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: cs_all=%2C27022; expires=Tue, 13-Feb-2018 20:29:00 GMT; Max-Age=23118
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Options: nosniff
Server: nginx
X-Upstream-CT: 0.100
X-Upstream-HT: 0.211
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5919
Md5:    7194faaf86e5c2b3a204bce5aa410aa1
Sha1:   5e07393e6744b578c9aab41a7e7778076f0b5e43
Sha256: e741399e006940461e19280ed762484448b950e737e85d8573a8c9471f027713
                                        
                                            GET //showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1518530683&ct=7e8a3ab1ea33cfe154b63571781af38432f93e64&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fbita4444.mihanblog.com%2F&bannerid=clicknet_vars_frame46561481954e-1a48-b256-382e-90fb04733965&vt=192 HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mihan.ads.sabavision.com/showads.php?posid=42
Cookie: cs_all=%2C27022; sv_lb_id=m0; cl_lb_id=m2

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 13 Feb 2018 14:03:42 GMT
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: cs_all=%2C27022%2C26971; expires=Tue, 13-Feb-2018 20:29:00 GMT; Max-Age=23118
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Options: nosniff
Server: nginx
X-Upstream-CT: 0.206
X-Upstream-HT: 0.421
X-Cache: O-BYPASS
X-Upstream: 0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5922
Md5:    beb025d0db2d48e45d1f5972a0d3b6b1
Sha1:   14327b94fe0c97bf6cff3b7a239b71a53db8c4ad
Sha256: b68f39e5dcd3147a59eb311b0a3ef887314a53ce1fc53bc5351025489f80bd05
                                        
                                            GET /public//public/user_data/user_banner/18/53482.gif HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.sabavision.com//showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1518530683&ct=7e8a3ab1ea33cfe154b63571781af38432f93e64&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fbita4444.mihanblog.com%2F&bannerid=clicknet_vars_frame46561481954e-1a48-b256-382e-90fb04733965&vt=192
Cookie: sv_lb_id=m0; cl_lb_id=m2

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 13 Feb 2018 14:03:42 GMT
Content-Length: 18422
Last-Modified: Sat, 10 Feb 2018 08:29:16 GMT
Etag: "5a7ead5c-47f6"
Expires: Thu, 15 Mar 2018 14:03:42 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Options: nosniff
Server: nginx
X-Cache: O-HIT
X-Upstream: 0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 240
Size:   18422
Md5:    0191122cb1e657cac9dfee48e430f367
Sha1:   936d68617f687c682a747aeec48a08a8581dc80c
Sha256: b0c257623c2ac13cfea93f273d1801e421d90d18a99cd9a29411766944cf42d1
                                        
                                            GET /public//public/images/banner_saba_logo_small.png HTTP/1.1 
Host: click.sabavision.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.sabavision.com//showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1518530683&ct=7e8a3ab1ea33cfe154b63571781af38432f93e64&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fbita4444.mihanblog.com%2F&bannerid=clicknet_vars_frame46561481954e-1a48-b256-382e-90fb04733965&vt=192
Cookie: sv_lb_id=m0; cl_lb_id=m2

                                         
                                         185.147.178.25
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 13 Feb 2018 14:03:42 GMT
Content-Length: 1281
Last-Modified: Tue, 08 Mar 2016 15:25:49 GMT
Etag: "56deeefd-501"
Expires: Thu, 15 Mar 2018 14:03:42 GMT
Cache-Control: max-age=2592000
Server: nginx
X-Cache: O-HIT
X-Upstream: 0
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 13 x 11, 8-bit/color RGBA, non-interlaced
Size:   1281
Md5:    226971addd095ba581944ec05af2140b
Sha1:   b87e85064cb3b8e14d7627774b7500aa19f296f9
Sha256: 9d47a0fe7fba29bb3e6de700dc91961402b249be3e52c2c9145d621e68627bab
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 13:15:47 GMT
Expires: Tue, 13 Feb 2018 15:15:47 GMT
Last-Modified: Mon, 13 Nov 2017 20:19:12 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17172
Age: 2876
Cache-Control: public, max-age=7200


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17172
Md5:    43adefe535269f3b75e0f229d0dba4d6
Sha1:   5e3bed19757401b3aa6c8ab8b5f26aa17add8a3a
Sha256: fc7f9d5234f97de0433021d02e8969a93003d90bf16d40a9cb2d8f5c7bfaa398
                                        
                                            GET /r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1309425925&utmhn=bita4444.mihanblog.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=%E2%99%94%D8%A8%20%D9%85%D8%AB%D9%84%20%D8%A8%DB%8C%D8%AA%D8%A7%E2%99%94&utmhid=260983080&utmr=-&utmp=%2F&utmht=1518530623801&utmac=UA-153829-9&utmcc=__utma%3D1743266.1897324612.1518530624.1518530624.1518530624.1%3B%2B__utmz%3D1743266.1518530624.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1356736777&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         172.217.21.142
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-153829-9&cid=1897324612.1518530624&jid=1356736777&_v=5.7.1&z=1309425925
Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2018 14:03:43 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Server: Golfe2
Content-Length: 369


--- Additional Info ---
Magic:  HTML document text
Size:   369
Md5:    876309dd64ef4677ddbd2e1ec5a2638f
Sha1:   8cf92ddb9a7004434aefd769a41260b10bbaa007
Sha256: 65953b47df4c1a700ce82678cc44b5018dd4e8480094c158006b04763d0da6a6
                                        
                                            GET //public/images/logo/poweredby.gif HTTP/1.1 
Host: static.mihanblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/
Cookie: mib_lb_id=m0

                                         
                                         5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 13 Feb 2018 14:03:43 GMT
Content-Length: 2774
Last-Modified: Wed, 27 Apr 2011 10:52:18 GMT
Etag: "4db7f562-ad6"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 86 x 131
Size:   2774
Md5:    56be1d96db75b04af21b12ad37885f2f
Sha1:   c00b3198b30f696010783f72b5953f516138d5d4
Sha256: e54578c8be717ff994e5d0206c426ff8e2da5ca68493c9d4184ed9317b3c6b9a
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 14:03:43 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    6ea90b04815236e9005a97e76148e394
Sha1:   256637485a6d2ab91f66dfc94598aafaa31250c0
Sha256: 98fe9ca5bbe415d51e7c4c01f2ccbfd26909479017bb040d52309743c3eb0dba
                                        
                                            GET /MusicMa_Ir_Player.swf HTTP/1.1 
Host: dl.musicma.ir
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
                                         138.201.147.18
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
                                        
Last-Modified: Tue, 27 Dec 2016 10:29:57 GMT
Accept-Ranges: bytes
Etag: "529f72b2c60d21:0"
Server: Microsoft-IIS/8.5
Date: Tue, 13 Feb 2018 14:03:42 GMT
Content-Length: 9236


--- Additional Info ---
Magic:  Macromedia Flash data (compressed), version 8
Size:   9236
Md5:    5aba9281ae9ffd56803914adabf1e8e6
Sha1:   853d77e3b303de69362a40d2b9b56ce4f3d154b2
Sha256: 3721cd56784c83add4baafbd30d2532c4db88acdca456c6a3c8f174fac674320
                                        
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
Server IP: 172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Feb 2018 14:03:44 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
POST / HTTP/1.1
Host: gt.symcd.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
Server IP: 23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.12.2
Content-Length: 1456
Content-Transfer-Encoding: binary
Cache-Control: max-age=306326, public, no-transform, must-revalidate
Last-Modified: Sat, 10 Feb 2018 03:05:20 GMT
Expires: Sat, 17 Feb 2018 03:05:20 GMT
Date: Tue, 13 Feb 2018 14:03:44 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1456
Md5:    e96caca255bbd7e5f009ead61a096be3
Sha1:   f626530c466f69d7b5f8cf07a493793ccf0dcfac
Sha256: 7c0ffe34a9bb3acf711e7e4437e06b30b4f9adad3b1e8ae33665e444b8200537
                                        
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-153829-9&cid=1897324612.1518530624&jid=1356736777&_v=5.7.1&z=1309425925 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bita4444.mihanblog.com/

                                         
Server IP: 64.233.162.154
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Tue, 13 Feb 2018 14:03:44 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
GET /favicon.ico HTTP/1.1
Host: bita4444.mihanblog.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: bita4444_ads_cnt=1; mib_lb_id=m0; __utma=1743266.1897324612.1518530624.1518530624.1518530624.1; __utmb=1743266.1.10.1518530624; __utmc=1743266; __utmz=1743266.1518530624.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
Server IP: 5.144.133.146
HTTP/1.1 200 OK
Content-Type: image/x-icon
Date: Tue, 13 Feb 2018 14:03:44 GMT
Content-Length: 1150
Last-Modified: Tue, 10 Apr 2012 06:35:23 GMT
Etag: "4f83d4ab-47e"
Server: Toofun/1.0.1
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    1d7ec18d59c62859ca9c7c6645940786
Sha1:   811c1bc7cb794216bcc6eec9013d874c02fb7807
Sha256: 787dc32a02dbf7dc4dfcb00c2ac15b3912f5a176b4ddcc60c813226a759fb3a2
                                        
GET /?7g_buyer=59db1b69237a06000a7ff3c5&7g_referrer=http://bita4444.mihanblog.com/ HTTP/1.1
Host: pixel.7grid.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://click.sabavision.com//showcamp.php?w=120&h=240&posdata[1]=2152-a--1066&posdata[2]=2151-b--1066&posdata[3]=2150-b--1066&posdata[4]=2149-c--1066&postype=other&t=1518530683&ct=7e8a3ab1ea33cfe154b63571781af38432f93e64&extra_click_url=&loc=http%3A%2F%2Fmihan.ads.sabavision.com%2Fshowads.php%3Fposid%3D42&ref=http%3A%2F%2Fbita4444.mihanblog.com%2F&bannerid=clicknet_vars_frame46561481954e-1a48-b256-382e-90fb04733965&vt=192

                                         
Server IP: 185.147.176.83
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 13 Feb 2018 14:03:45 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: 7g=bedea0c8-325d-4138-b634-1bcaa4fe6dc7; Path=/
Strict-Transport-Security: max-age=15768000


--- Additional Info ---