www.spiderman4.r98.ir/cat/72/taknet98ir.html
79.127.127.68301 Moved Permanently 707 B URL HTTP/1.1 www.spiderman4.r98.ir/cat/72/taknet98ir.html
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html HTTP/1.1
Host: www.spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 25 Nov 2022 09:00:15 GMT
server: LiteSpeed
location: http://spiderman4.r98.ir/cat/72/taknet98ir.html
strict-transport-security: max-age=0;
vary: User-Agent
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13027
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 09:00:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2781
Cache-Control: max-age=94637
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:00:15 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:17:32 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4559
Expires: Fri, 25 Nov 2022 10:16:14 GMT
Date: Fri, 25 Nov 2022 09:00:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 08:19:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2471
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: r0qlkpGmie8YJuecRxRiYlPsv8nD1P0+cJ0WPI4hut8UPlsVTXSAUxCjU0rdhFJTcznErKh0r+M=
x-amz-request-id: 6V6PK5DC5HXEA39C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:43:46 GMT
age: 989
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 09:00:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
spiderman4.r98.ir/cat/72/taknet98ir.html
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; path=/
sdf444ddddddddds=1; expires=Sat, 26-Nov-2022 09:00:15 GMT; Max-Age=86400; path=/
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:15 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:00:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 25 Nov 2022 09:00:16 GMT
date: Fri, 25 Nov 2022 09:00:16 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 08:11:11 GMT
cache-control: public,max-age=3600
age: 2945
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
spiderman4.r98.ir/theme/rozblog_v5/assets/css/bootstrap.css
79.127.127.68200 OK 28 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/css/bootstrap.css
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type ASCII text, with very long lines (540)
Hash 27f45b2e4c080a601963b593d8b4a46e
c42c7e6cedd63cc68b035aba506fabff96659647
9baf39b27f7199e3eaba5ad9fb7d5c030fb50022d0f2b897fd8bb773704805aa
GET /theme/rozblog_v5/assets/css/bootstrap.css HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sun, 25 Dec 2022 09:00:16 GMT
content-type: text/css
last-modified: Sat, 22 Jan 2022 15:15:57 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 27466
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/theme/panel_v5/assets/vendors/popper.js/dist/umd/popper.min.js
79.127.127.68200 OK 7.4 kB URL HTTP/1.1 spiderman4.r98.ir/theme/panel_v5/assets/vendors/popper.js/dist/umd/popper.min.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type ASCII text, with very long lines (19015)
Hash 02472c6de271c7bdd689acb2a1544fe3
e2723c45ad29355d4f2f2d88922029c741f4c3d4
a0d9a01f3524566e5662271caaf4e5062aacae2cb59f9ba9bfd82c3f9d8467de
Analyzer Verdict Alert fortinet Malware
GET /theme/panel_v5/assets/vendors/popper.js/dist/umd/popper.min.js HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 02:54:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 7425
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
www.rozblog.com/theme/rozblog_v4/chili-1.7.pack.js
79.127.127.68200 OK 3.9 kB URL HTTP/1.1 www.rozblog.com/theme/rozblog_v4/chili-1.7.pack.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type exported SGML document, ASCII text, with very long lines (7007), with no line terminators
Hash a155a6e297ca06f8f663f5a97755f384
0559dd7378a5ee5096e0a738f742d9cf1837900a
d87cffbd47e98e96e922a766f5de7038801d26e0f70a54b5479909065247425b
GET /theme/rozblog_v4/chili-1.7.pack.js HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Thu, 20 Mar 2014 11:01:17 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 3926
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:00:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spiderman4.r98.ir/theme/panel_v5/assets/izitoast/iziToast.min.js?96141
79.127.127.68200 OK 6.5 kB URL HTTP/1.1 spiderman4.r98.ir/theme/panel_v5/assets/izitoast/iziToast.min.js?96141
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type Unicode text, UTF-8 text, with very long lines (1137)
Hash f62bd834ff40d0bcbf55ccdf69b34214
2009693e35d54303b17d6ae046a0b7fa6ade1329
794b96670fd65d061b7858c28fee2e074a661fc2cd8d9037a2d8d4afd4518c7a
Analyzer Verdict Alert fortinet Malware
GET /theme/panel_v5/assets/izitoast/iziToast.min.js?96141 HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 18:39:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 6476
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/theme/rozblog_v5/assets/css/style.css?5
79.127.127.68200 OK 13 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/css/style.css?5
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type Unicode text, UTF-8 text, with very long lines (402)
Hash 39e88a17ddc09ba37699b68765267237
9cef3ef135103f04a011c4254b36443c7fe9f274
7d29e28b7d7667dbd56d367338661112e416409b1be378425987111e3ca063a2
Analyzer Verdict Alert fortinet Malware
GET /theme/rozblog_v5/assets/css/style.css?5 HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sun, 25 Dec 2022 09:00:16 GMT
content-type: text/css
last-modified: Mon, 14 Mar 2022 12:00:10 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 12565
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
www.rozblog.com/theme/rozblog_v5/assets/js/bootstrap.min.js
79.127.127.68200 OK 16 kB URL HTTP/1.1 www.rozblog.com/theme/rozblog_v5/assets/js/bootstrap.min.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type ASCII text, with very long lines (48664)
Hash 20961bf217f1968a7b90d4b48345bdcd
5bfc767da66eb77113ec72939d5507b906fdbc91
89f65709807f59a050d6eb8ccea163c69952fec1953c2360c63436b5bab58c9c
GET /theme/rozblog_v5/assets/js/bootstrap.min.js HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 07:18:48 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 15451
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
www.rozblog.com/theme/rozblog_v5/assets/js/customize.js
79.127.127.68200 OK 225 B URL HTTP/1.1 www.rozblog.com/theme/rozblog_v5/assets/js/customize.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
Hash a60c890500ec9e8221ac6dce25d2b3e1
9bea0acc3d9a968682cc7b532ef416027d5f44b5
8d081ff3edd89875e9150a70463d9beeddff52d3fc8b499268ed61a6ab88d724
GET /theme/rozblog_v5/assets/js/customize.js HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Fri, 15 Jun 2018 03:03:01 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 225
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
www.rozblog.com/js/3.js
79.127.127.68200 OK 2.2 kB IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type Unicode text, UTF-8 (with BOM) text
Hash 5c416e61711427cc71319d7b21324e30
919d28ca8ed66f1163d67ece3c3e5dadea3ec305
0b37807490358e87a3dfec580638e6a7b491f5598f872b67f1b22d339970ac23
GET /js/3.js HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Thu, 28 Oct 2021 10:34:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2163
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
www.rozblog.com/theme/rozblog_v4/jquery.cycle.all.js
79.127.127.68200 OK 17 kB URL HTTP/1.1 www.rozblog.com/theme/rozblog_v4/jquery.cycle.all.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
Hash f7d48faab76bd4d6cd6fc8c8b5276743
f23ed2781ef2838bbf57767668ef72fc571b79fc
2879834e027c088c635721a350f58c4d8e32b5bbd343769bcb35d261c35324ca
GET /theme/rozblog_v4/jquery.cycle.all.js HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Thu, 20 Mar 2014 11:01:19 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 16744
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
www.rozblog.com/theme/rozblog_v5/assets/js/owl.carousel.min.js
79.127.127.68200 OK 13 kB URL HTTP/1.1 www.rozblog.com/theme/rozblog_v5/assets/js/owl.carousel.min.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type ASCII text, with very long lines (31997)
Hash 3f241b12788b385d80518a36979e0fba
c3de474cff0f3b9a350a922a4a676f668acbcdfe
5051bf5c475a0c88bd16a391c50318eb0510ea5521ea71796214562a0f68164d
GET /theme/rozblog_v5/assets/js/owl.carousel.min.js HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Tue, 15 Mar 2022 12:29:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 13414
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5057
Cache-Control: max-age=91850
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:00:16 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:31:06 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
spiderman4.r98.ir/theme/rozblog_v5/assets/images/En.png
79.127.127.68200 OK 13 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/images/En.png
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash 906efdd0d038a7d8079c8e0494014a27
69a4dcf2bde3bab6fe9982257f2a893bd958c69a
273969a886b1e0e31f161971ef946019f0ca683f0d41afcd301cec26f8a7209d
GET /theme/rozblog_v5/assets/images/En.png HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sat, 25 Nov 2023 09:00:16 GMT
content-type: image/png
last-modified: Thu, 14 Jan 2021 17:31:45 GMT
accept-ranges: bytes
content-length: 12928
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
spiderman4.r98.ir/theme/rozblog_v5/assets/images/logo1.png
79.127.127.68200 OK 7.8 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/images/logo1.png
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 130 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 7eb16de105a16ee33c49e5df38ba37b7
b9ef3d5d38a98d6c4d6dfccc7d34cc5c747f2e2e
6f435c95b836aee19f661ed3320ab6d1285670de170826e9bca7eef2335c21c7
GET /theme/rozblog_v5/assets/images/logo1.png HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sat, 25 Nov 2023 09:00:16 GMT
content-type: image/png
last-modified: Sat, 25 Sep 2021 17:40:53 GMT
accept-ranges: bytes
content-length: 7761
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
www.rozblog.com/theme/rozblog_v5/assets/js/jquery-3.5.1.min.js
79.127.127.68200 OK 35 kB URL HTTP/1.1 www.rozblog.com/theme/rozblog_v5/assets/js/jquery-3.5.1.min.js
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type ASCII text, with very long lines (65451)
Hash e6286f059a051e65fbb65e1edd026c5e
348e936ba0b7beb4618212cc74496fb78e152932
db9d15ce2e0a2ed2bb34d70d223482bc8088bce7035fa3ffe9fc75e2cd5bae3f
GET /theme/rozblog_v5/assets/js/jquery-3.5.1.min.js HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 20:45:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 34811
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/theme/banned.jpeg
79.127.127.68200 OK 1.6 kB URL HTTP/1.1 spiderman4.r98.ir/theme/banned.jpeg
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x120, components 3\012- data
Hash 94fdc8fdc15224191bfa339f84128584
2b454e1320e46d04af689eed03d7a6ef260e2fbc
4ea71e0814f246332c7fcbd6556a84c852343c73e64984ec433b8fdf9dee64d6
Analyzer Verdict Alert fortinet Malware
GET /theme/banned.jpeg HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sat, 25 Nov 2023 09:00:16 GMT
content-type: image/jpeg
last-modified: Wed, 11 Jan 2012 23:22:48 GMT
accept-ranges: bytes
content-length: 1635
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
www.rozblog.com/usercp.js?10
79.127.127.68200 OK 2.3 kB URL HTTP/1.1 www.rozblog.com/usercp.js?10
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
Hash 3345caca650e2f6013034cb8452a88f7
40f3014dff2fd5b61c8a073707a21c27a005196c
a340cecbce449ac986ea8e6c6868a13a6ad1151898ebfb405853c62ee4a14d46
GET /usercp.js?10 HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Fri, 02 Dec 2022 09:00:16 GMT
content-type: application/javascript
last-modified: Mon, 31 Jan 2022 03:31:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2252
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/IRANSans-Light-web.woff2
79.127.127.68200 OK 33 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/IRANSans-Light-web.woff2
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type Web Open Font Format (Version 2), TrueType, length 32748, version 3.0\012- data
Hash deecd7b9e79a829f0addc7b477f78d66
de1dc71b022c536c8b5a9c033a3a379232fc7416
80eca765a7f123d944488102a14d1e9b8ece313ec8d0af525e96363ae857c585
Analyzer Verdict Alert fortinet Malware
GET /theme/rozblog_v5/assets/fonts/IRANSans-Light-web.woff2 HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://spiderman4.r98.ir/theme/rozblog_v5/assets/css/style.css?5
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sun, 27 Nov 2022 09:00:16 GMT
content-type: font/woff2
last-modified: Fri, 15 Jun 2018 03:02:55 GMT
etag: "7fec-5b232c5f-774bafa6422dd57;;;"
accept-ranges: bytes
content-length: 32748
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
spiderman4.r98.ir/theme/rozblog_v5/assets/images/top-ribbon.png
79.127.127.68200 OK 31 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/images/top-ribbon.png
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 1600 x 2, 8-bit/color RGBA, non-interlaced\012- data
Hash bf8061c8e46378d2cafeb4f83294a598
4c42efa285da52ff750f1214e9a14f72175bcf22
68512e37d7aab7038dc1a365c0b83182f6cd778c93a2a2b2bd467b0434371c07
GET /theme/rozblog_v5/assets/images/top-ribbon.png HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/theme/rozblog_v5/assets/css/style.css?5
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sat, 25 Nov 2023 09:00:16 GMT
content-type: image/png
last-modified: Sat, 25 Sep 2021 17:40:53 GMT
accept-ranges: bytes
content-length: 31124
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
spiderman4.r98.ir/images/rozblog-banner-468x150.gif
79.127.127.68200 OK 113 kB URL HTTP/1.1 spiderman4.r98.ir/images/rozblog-banner-468x150.gif
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type GIF image data, version 89a, 468 x 150\012- data
Size 113 kB (113287 bytes)
Hash 93ed7f95cd6e2c4e7f655afa5e30632b
7c60e1974b0aa305e1186def6be95d3beba81e6e
bd3969c606e95bba7b46f676bc0fbf7f9f02eb262e25e37b54754b849eee7af7
GET /images/rozblog-banner-468x150.gif HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sat, 25 Nov 2023 09:00:16 GMT
content-type: image/gif
last-modified: Sun, 31 Jan 2021 22:05:27 GMT
accept-ranges: bytes
content-length: 113287
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/parsianweb.ttf?3gj4r1
79.127.127.68200 OK 10 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/parsianweb.ttf?3gj4r1
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, parsianweb \012- data
Hash 37acd65ca52e264c870c06e607f1bea7
df0e23b4d94af34e77f491ede3c3d1c964872152
fbb27069ff299ce4cdef889c0d0fc23985e9afae132c7052e25378cbb12e8966
GET /theme/rozblog_v5/assets/fonts/parsianweb.ttf?3gj4r1 HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/theme/rozblog_v5/assets/css/style.css?5
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=172800
expires: Sun, 27 Nov 2022 09:00:16 GMT
content-type: font/ttf
last-modified: Fri, 15 Jun 2018 03:02:58 GMT
etag: "271c-5b232c62-d02bddeb60281ab7;;;"
accept-ranges: bytes
content-length: 10012
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/web_Yekan.woff
79.127.127.68200 OK 28 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/web_Yekan.woff
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type Web Open Font Format, TrueType, length 27516, version 0.0\012- data
Hash 6a8165b77213542fc1542b9f0f9d9d51
0cf5455eaaa43e967e13c4baaf22d7dd95c337d8
dd41efff5afebad2f72d1301367dd6502371c8711bedca4b817664e5ee561a9d
Analyzer Verdict Alert fortinet Malware
GET /theme/rozblog_v5/assets/fonts/web_Yekan.woff HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://spiderman4.r98.ir/theme/rozblog_v5/assets/css/style.css?5
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sun, 27 Nov 2022 09:00:16 GMT
content-type: font/woff
last-modified: Fri, 15 Jun 2018 03:02:59 GMT
etag: "6b7c-5b232c63-aad0e45e10709287;;;"
accept-ranges: bytes
content-length: 27516
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/IRANSans-Medium-web.woff2
79.127.127.68200 OK 32 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/IRANSans-Medium-web.woff2
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type Web Open Font Format (Version 2), TrueType, length 31692, version 3.0\012- data
Hash 068aff9626a6808a412979cd68987229
d9a09a1b2361983e28db2263fd601c6a235b101d
83f2088182a1c38208b59ea971a02dac54f9f0e82af6d4ba938532456f88e51a
Analyzer Verdict Alert fortinet Malware
GET /theme/rozblog_v5/assets/fonts/IRANSans-Medium-web.woff2 HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://spiderman4.r98.ir/theme/rozblog_v5/assets/css/style.css?5
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sun, 27 Nov 2022 09:00:16 GMT
content-type: font/woff2
last-modified: Fri, 15 Jun 2018 03:02:56 GMT
etag: "7bcc-5b232c60-e6070db3ce5950c7;;;"
accept-ranges: bytes
content-length: 31692
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
spiderman4.r98.ir/theme/rozblog_v4/respon.css
79.127.127.68200 OK 2.5 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v4/respon.css
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
Hash 07fa6561972bc6488539e9b9237d829f
79fdf8974156097e4f1d3d31fa3cc8583c3a2a3e
7b01306430c0b42272fa7a97ceb9396ef58d22107bfc5d44a0132f54f3d0cf24
GET /theme/rozblog_v4/respon.css HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sun, 25 Dec 2022 09:00:16 GMT
content-type: text/css
last-modified: Wed, 24 Sep 2014 15:00:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2471
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/IRANSans-UltraLight-web.woff2
79.127.127.68200 OK 32 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/fonts/IRANSans-UltraLight-web.woff2
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type Web Open Font Format (Version 2), TrueType, length 32488, version 3.0\012- data
Hash 7b3c6059e6ffb34e09973a4d56f64ab8
2256a9b53a9ed8d7fb040ef3c240948ccc3474b2
ce6679c79c3e9cdf8d32ff4eb94ddf954c76203f8e5f70c6bb43ff9f870a2b7e
Analyzer Verdict Alert fortinet Malware
GET /theme/rozblog_v5/assets/fonts/IRANSans-UltraLight-web.woff2 HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://spiderman4.r98.ir/theme/rozblog_v5/assets/css/style.css?5
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sun, 27 Nov 2022 09:00:16 GMT
content-type: font/woff2
last-modified: Fri, 15 Jun 2018 03:02:57 GMT
etag: "7ee8-5b232c61-84772a926671316c;;;"
accept-ranges: bytes
content-length: 32488
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NBynb0FVFHFFPZNV0tEC9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gklOBa6mKawRM3lhnsLsUUPieSo=
spiderman4.r98.ir/theme/rozblog_v5/assets/images/sprite.png
79.127.127.68200 OK 8.9 kB URL HTTP/1.1 spiderman4.r98.ir/theme/rozblog_v5/assets/images/sprite.png
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type PNG image data, 184 x 189, 8-bit/color RGBA, non-interlaced\012- data
Hash c3251e01ae481b8185740d9a9158294c
da888694c320440e7beafeb201e093c47807e5e8
0c692ad52996e613ae0b2a446b8bbc7bda98d3e70a86ba7d69f32ab7e9ddda9a
GET /theme/rozblog_v5/assets/images/sprite.png HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/theme/rozblog_v5/assets/css/style.css?5
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sat, 25 Nov 2023 09:00:16 GMT
content-type: image/png
last-modified: Sat, 25 Sep 2021 17:40:53 GMT
accept-ranges: bytes
content-length: 8890
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
s10.histats.com/js15.js
46.105.201.240200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 688a4c6f6b98b3bfb618172e90695341
432a0d43c31e466673d13308db9e1ba5e519619c
becf42e9318b096cf691c11947c601c75b0b5ba2a6421fd2e676f62c646c17c5
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
date: Fri, 25 Nov 2022 08:55:03 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 180683319
etag: W/"980881274"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4405
x-iplb-request-id: 5B5A2A9A:12D7_2E69C9F0:0050_63808420_70112:2201
x-iplb-instance: 42476
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:00:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://spiderman4.r98.ir
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 08:12:22 GMT
expires: Sat, 25 Nov 2023 08:12:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 2874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rozblog.com/theme/rozblog_v4/favi1.ico
79.127.127.68200 OK 1.2 kB URL HTTP/1.1 www.rozblog.com/theme/rozblog_v4/favi1.ico
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 129e0e4681906fae60ea32d066a7b4c5
33c024415db44baa3aba0f13df1399d9b81ac9e6
0a14eb14e53df8201b78084ab9a276a1f4ca01e55a20c3b8b0b6f3b660ee3ff0
GET /theme/rozblog_v4/favi1.ico HTTP/1.1
Host: www.rozblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000, no-transform
expires: Sat, 25 Nov 2023 09:00:16 GMT
content-type: image/x-icon
last-modified: Tue, 18 Nov 2014 15:12:07 GMT
accept-ranges: bytes
content-length: 1150
date: Fri, 25 Nov 2022 09:00:16 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
vary: User-Agent
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:00:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4187a43946d8ea5337bb1347757b7a6
05dd65dd513f85c93974052ac7fa227aaf250fe4
495169482368a285ec3b8581b00365be1dd6c011d0278437bc55be18a6231adf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "495169482368A285EC3B8581B00365BE1DD6C011D0278437BC55BE18A6231ADF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18242
Expires: Fri, 25 Nov 2022 14:04:19 GMT
Date: Fri, 25 Nov 2022 09:00:17 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?1680739&@f16&@g1&@h1&@i1&@j1669366816262&@k0&@l1&@mspiderman4%20-%20%D8%B3%D8%A7%DB%8C%D8%AA%20%D9%85%D9%88%D8%B1%D8%AF%20%D9%86%D8%B8%D8%B1%20%D9%85%D8%B3%D8%AF%D9%88%D8%AF%20%D8%A7%D8%B3%D8%AA&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-131542837&@b3:1669366816&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fspiderman4.r98.ir%2Fcat%2F72%2Ftaknet98ir.html&@w
158.69.248.123200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?1680739&@f16&@g1&@h1&@i1&@j1669366816262&@k0&@l1&@mspiderman4%20-%20%D8%B3%D8%A7%DB%8C%D8%AA%20%D9%85%D9%88%D8%B1%D8%AF%20%D9%86%D8%B8%D8%B1%20%D9%85%D8%B3%D8%AF%D9%88%D8%AF%20%D8%A7%D8%B3%D8%AA&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-131542837&@b3:1669366816&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fspiderman4.r98.ir%2Fcat%2F72%2Ftaknet98ir.html&@w
IP 158.69.248.123:0
File type ASCII text, with no line terminators
Hash 2f70e8439bffcdfc066044862a836e6d
78a76e9ab10d448501af710d76f5dccc48ae6d42
21bb9c9d6ff68df6b569fde8c587740db3adbae245d7c2e4e77c1f1c645ac4fc
GET /stats/0.php?1680739&@f16&@g1&@h1&@i1&@j1669366816262&@k0&@l1&@mspiderman4%20-%20%D8%B3%D8%A7%DB%8C%D8%AA%20%D9%85%D9%88%D8%B1%D8%AF%20%D9%86%D8%B8%D8%B1%20%D9%85%D8%B3%D8%AF%D9%88%D8%AF%20%D8%A7%D8%B3%D8%AA&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-131542837&@b3:1669366816&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fspiderman4.r98.ir%2Fcat%2F72%2Ftaknet98ir.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spiderman4.r98.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:00:17 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
spiderman4.r98.ir/cat/72/taknet98ir.html?action=pm
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=pm
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=pm HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:17 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=confirmuser
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=confirmuser
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=confirmuser HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:17 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=confirmpost
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=confirmpost
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=confirmpost HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:17 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=zobaledan
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=zobaledan
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=zobaledan HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:17 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=comment
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=comment
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=comment HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:17 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=comment_no
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=comment_no
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=comment_no HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:17 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=ban_user
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=ban_user
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=ban_user HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:17 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=admin_user
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=admin_user
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=admin_user HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:17 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3546
Expires: Fri, 25 Nov 2022 09:59:24 GMT
Date: Fri, 25 Nov 2022 09:00:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3546
Expires: Fri, 25 Nov 2022 09:59:24 GMT
Date: Fri, 25 Nov 2022 09:00:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3546
Expires: Fri, 25 Nov 2022 09:59:24 GMT
Date: Fri, 25 Nov 2022 09:00:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3546
Expires: Fri, 25 Nov 2022 09:59:24 GMT
Date: Fri, 25 Nov 2022 09:00:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6ibPrCdDNQqWzxiVYDsl87yUfTP8sUmu22GbhBdDHJruil0qxbw7Fw==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:00 GMT
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
age: 41118
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
34.120.237.76200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 141bbf99-5d78-4b9c-a537-491718aee68a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b43YGE_SoAMFlbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d29a-00017cd344caea2b6408aeb3;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:09:14 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 1-8WM-7tNqakPDW9-K0GVbOKdotndEXj2QeJzw3cJol-g9TT5IVyOQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 16:45:53 GMT
age: 58465
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92171fa8fbc051aefeb8ceb6072848de
377775b7c7b085efa6dd653d285ba3a52af6a549
537c4d5cc3ef2e60c3d0171ac31c1dba4ab2ff340108015787a9dd20dc76b7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6891
x-amzn-requestid: 6da0ae90-c3cc-4e9c-9a0e-3c72b4eb7605
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7m2NGsvoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aeb5a-1ed2badf0e84d40e6a052f7a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OTpJ5Qu_Ttq5se4SrZIAEiNVm6mqrrUq_0TmMJ4vldeuzMuCSxxUtA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 06:37:47 GMT
age: 8551
etag: "377775b7c7b085efa6dd653d285ba3a52af6a549"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
age: 41117
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:59:49 GMT
age: 36029
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05a92b9f554600c920e8b772eb16ee75
7f29e0e2de89f7a88ff0bf2a720365032ef11cc1
4b51a70a0ee6fe0d723880ea70fee25c15bff671d8a484bbb2a3c9962303c735
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 8450975f-bcb2-4b59-b0ef-42e43d1bb16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM-cGKIIAMFo7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8ec2-7f95154e3177c6e30a925244;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _dHgUlzLnOsFrI73NzPGn0VJ2NvJqRew6bHzlD6_n2zwHPfQ-8kIvA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 03:16:29 GMT
age: 20629
etag: "7f29e0e2de89f7a88ff0bf2a720365032ef11cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
spiderman4.r98.ir/cat/72/taknet98ir.html?action=zobaledan
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=zobaledan
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=zobaledan HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:18 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=confirm_link
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=confirm_link
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=confirm_link HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:18 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=new_comment_no
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=new_comment_no
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=new_comment_no HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:18 GMT
server: LiteSpeed
strict-transport-security: max-age=0;
spiderman4.r98.ir/cat/72/taknet98ir.html?action=new_comment
79.127.127.68200 OK 4.5 kB URL HTTP/1.1 spiderman4.r98.ir/cat/72/taknet98ir.html?action=new_comment
IP 79.127.127.68:0
ASN #43754 Asiatech Data Transmission company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (371)
Hash a5055c37ec1c731cb8e837d5e120b206
55cfe07aa81293426d993ca23576d55e8f1994ee
786dc8963f68b13ae99ec414129147326672c47adf6907d991b82b3a91321d5b
Analyzer Verdict Alert fortinet Malware
GET /cat/72/taknet98ir.html?action=new_comment HTTP/1.1
Host: spiderman4.r98.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spiderman4.r98.ir/cat/72/taknet98ir.html
Cookie: PHPSESSID=27c1b437dadd48dfcf0967223758b276; sdf444ddddddddds=1; HstCfa1680739=1669366816262; HstCla1680739=1669366816262; HstCmu1680739=1669366816262; HstPn1680739=1; HstPt1680739=1; HstCnv1680739=1; HstCns1680739=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-language: fa
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
content-length: 4455
content-encoding: gzip
date: Fri, 25 Nov 2022 09:00:18 GMT
server: LiteSpeed
strict-transport-security: max-age=0;