r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10418
Expires: Mon, 28 Nov 2022 06:58:20 GMT
Date: Mon, 28 Nov 2022 04:04:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3210
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:04:42 GMT
Last-Modified: Mon, 28 Nov 2022 03:11:12 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9117
Expires: Mon, 28 Nov 2022 06:36:39 GMT
Date: Mon, 28 Nov 2022 04:04:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 03:17:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2817
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RrbG4zuI/0TOuLG1vzNy2bzEWnCGludbbKpGAnqQwsiyhzhQnIAPlu/s4PWImC2LqvlrUAjtDnk=
x-amz-request-id: 7C73XB1FR51QSSFV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 03:44:53 GMT
age: 1189
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:04:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rbi.ir/
5.144.130.43 302 Found 0 B IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
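Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input: the 0 B redirect body, not a content indicator)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)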
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: wc_session_ids[default]=54697d0818d2197a5b10dd8bda24030297370712; expires=Mon, 28-Nov-2022 04:04:51 GMT; Max-Age=10; path=/; HttpOnly
wc_session_ids[all_forms]=20bdf13ceebe371e33734eb592fb13b8655378e3; expires=Mon, 28-Nov-2022 04:04:51 GMT; Max-Age=10; path=/; HttpOnly
wc_session_ids[multi][0]=5e2f469d61dbff9bbd1109f683c47eebae8c9054; expires=Mon, 28-Nov-2022 04:04:51 GMT; Max-Age=10; path=/
wc_session_ids[multi][1]=f96a114fbb4c4a68bbd54dfee95117653fdd91c2; expires=Mon, 28-Nov-2022 04:04:51 GMT; Max-Age=10; path=/
wc_session_ids[multi][2]=6b28f2ea7296841009477829c158d0ccf1fa5c18; expires=Mon, 28-Nov-2022 04:04:51 GMT; Max-Age=10; path=/
wc_session_ids[multi][3]=d6e84c6ef2940814d0420768486284256579b58c; expires=Mon, 28-Nov-2022 04:04:51 GMT; Max-Age=10; path=/
wc_session_ids[multi][4]=af267fc42c757b9c3c556ef8542cb87aed49fecf; expires=Mon, 28-Nov-2022 04:04:51 GMT; Max-Age=10; path=/
pll_language=en; expires=Tue, 28-Nov-2023 04:04:41 GMT; Max-Age=31536000; path=/; SameSite=Lax
vary: Accept-Language
x-redirect-by: Polylang Pro
location: http://www.rbi.ir/en/home/
content-type: text/html; charset=UTF-8
content-length: 0
date: Mon, 28 Nov 2022 04:04:41 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 03:11:12 GMT
cache-control: public,max-age=3600
age: 3210
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 578
Cache-Control: max-age=105108
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:04:42 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 09:16:30 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.214.17.205 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.17.205:0
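Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input: the 0 B upgrade response, not a content indicator)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)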
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d3AdpsTgp3MK5OiTlpBrdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R3RK445AUVUMXe0h6hi/ET0ZkRA=
www.rbi.ir/en/home/
5.144.130.43 200 OK 27 kB IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19273), with CRLF, LF line terminators
Hash e0fb256ffa889878d5db784158f15d41
ecf5d52eb185345225f907e87da936f5d5ff15fa
6f9da991cf605e277ed20ef52e1a8b0c03b25abed7ba0d2e1f4cea68f57ad82c
Analyzer Verdict Alert fortinet Malware
GET /en/home/ HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; expires=Mon, 28-Nov-2022 04:04:52 GMT; Max-Age=10; path=/; HttpOnly
wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; expires=Mon, 28-Nov-2022 04:04:52 GMT; Max-Age=10; path=/; HttpOnly
wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; expires=Mon, 28-Nov-2022 04:04:52 GMT; Max-Age=10; path=/
wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; expires=Mon, 28-Nov-2022 04:04:52 GMT; Max-Age=10; path=/
wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; expires=Mon, 28-Nov-2022 04:04:52 GMT; Max-Age=10; path=/
wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; expires=Mon, 28-Nov-2022 04:04:52 GMT; Max-Age=10; path=/
wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; expires=Mon, 28-Nov-2022 04:04:52 GMT; Max-Age=10; path=/
pll_language=en; expires=Tue, 28-Nov-2023 04:04:42 GMT; Max-Age=31536000; path=/; SameSite=Lax
content-type: text/html; charset=UTF-8
link: <https://www.rbi.ir/wp-json/>; rel="https://api.w.org/", <https://www.rbi.ir/wp-json/wp/v2/pages/6558>; rel="alternate"; type="application/json", <https://www.rbi.ir/>; rel=shortlink
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 28 Nov 2022 04:04:42 GMT
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:04:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:04:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rbi.ir/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4
5.144.130.43 200 OK 4.0 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
Hash a8fe3a449d497000cfcccfda997e39c2
a46a0e59001295fc5c352ea9af62f38f22d81c6d
bfc1b89982f10355b7f2ad7d5c405a8c6d4b872a111951fa855f9862df463573
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4048
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
5.144.130.43 200 OK 676 B URL HTTP/1.1 www.rbi.ir/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
Hash aed6d7df00952fe5e2c7c636649262f6
7d27a3280224fa23a11af27e6816ba0a49ab5d70
06c5b0cd3f5177c83dc46e5fa8aca26cd4c79f9a3a256cfd03352c129039fdf6
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 16:44:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 676
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/wc-captcha/css/frontend.css?ver=6.1.1
5.144.130.43 200 OK 211 B URL HTTP/1.1 www.rbi.ir/wp-content/plugins/wc-captcha/css/frontend.css?ver=6.1.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
Hash 472b7ac93eea6a2563ff60c83dff615b
8b94d5d338d6a1b73570cfde252196478bfa82f9
9c64f42a9d49ac75007689ef3bd83bf82a23686dd7fcac27d4f09303f2aae7b6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wc-captcha/css/frontend.css?ver=6.1.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 17:36:46 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 211
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts.css?ver=6.1.1
5.144.130.43 200 OK 1.6 kB URL HTTP/1.1 www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts.css?ver=6.1.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
Hash 1853861fa4b1a8d059812577f53ec17e
8722a03b45e81c7964341f97f8f69f79c9a0306c
6dbd1dc91908618b5522ca95a71b63ae13d56900975afc4bef68f6a471172e72
GET /wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts.css?ver=6.1.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1554
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
5.144.130.43 200 OK 9.6 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 4e1237e14f7156c3761b3aad4eb0fa0e
1a331f7be9045dbb71665b750124c9b59af89091
cedbb7e59f35b504f399b64b12652caadc94d7ea303ffab1f0fa7a46874f20e4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 16:44:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9570
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/themes/Zephyr/css/plugins/woocommerce.min.css?ver=5.1
5.144.130.43 200 OK 7.6 kB URL HTTP/1.1 www.rbi.ir/wp-content/themes/Zephyr/css/plugins/woocommerce.min.css?ver=5.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (38831), with no line terminators
Hash 8e8d1281184846b52fd2f2dbc5a0e766
85141b90bcd049bbe55d6913d87a994ee2ab2d30
302504031602abc2c8e6216624e3729201a2698d90e57025bb3ea6c43db58837
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/css/plugins/woocommerce.min.css?ver=5.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7641
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/themes/Zephyr/css/responsive.min.css?ver=5.1
5.144.130.43 200 OK 4.7 kB URL HTTP/1.1 www.rbi.ir/wp-content/themes/Zephyr/css/responsive.min.css?ver=5.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (22895), with no line terminators
Hash 56ebc688e36887af9ff11b0b368e7796
8b7abdc9d32d119af0fe970573c6f68486a5bd42
d77ff4af9719cf31f89ba630ea4e81f476a2f9f1237c028c9b7e51516d1aa14b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/css/responsive.min.css?ver=5.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4723
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.1
5.144.130.43 200 OK 4.7 kB URL HTTP/1.1 www.rbi.ir/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (27639), with no line terminators
Hash 8d79c425675ceb405d952a3c699f4c01
8d625b9cbbe450874e30961ecd9b77db5745e730
2dbc69927d7f6f4d147578f6b94323e1e8b5bbc9539b336dfcbea5533cf823e9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 16:44:10 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4717
date: Mon, 28 Nov 2022 04:04:43 GMT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5933e082693f81f030d3a5faa3546a7
0f10f0061e21d30afe3d7ce09f32509d4d876a6a
75a4fd7f6dd1094b6d4f7a6007ac7dce5f27f5b7de337243a6113191374fe0de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75A4FD7F6DD1094B6D4F7A6007AC7DCE5F27F5B7DE337243A6113191374FE0DE"
Last-Modified: Sat, 26 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 28 Nov 2022 10:04:43 GMT
Date: Mon, 28 Nov 2022 04:04:43 GMT
Connection: keep-alive
www.rbi.ir/wp-content/themes/Zephyr/css/style.min.css?ver=5.1
5.144.130.43 200 OK 41 kB URL HTTP/1.1 www.rbi.ir/wp-content/themes/Zephyr/css/style.min.css?ver=5.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9b7c66f9beca23d9df0b3c32d4ef5e69
761817698d494c0725ffc633e46b977c911b7f56
967481bcbe2b8306477df00255cb723fbc68fa5ac00788200d36fea10ca0340f
GET /wp-content/themes/Zephyr/css/style.min.css?ver=5.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 40974
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.4
5.144.130.43 200 OK 46 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.4
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (65536), with no line terminators
Hash f0985cea05f1e883d5655d2fbf34412e
845abaf367aa2ae0d58cbb92ae7d94a46acf42eb
071cafaf6d4ebafb6e74f2ae8ff5d42028060c49174928b45071c88c9dd4213b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.4 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 16:44:17 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 45484
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
5.144.130.43 200 OK 4.2 kB URL HTTP/1.1 www.rbi.ir/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 17:28:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4168
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ultimate.min.css?ver=3.16.25
5.144.130.43 200 OK 47 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ultimate.min.css?ver=3.16.25
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (33492), with CRLF line terminators
Hash 911d1d3fab9cab80664858036cbbc2b3
09f7194dce81c49f1377773db5351ac10bfb3e13
57ce6a2455f70eb0513692fc0f015216a48a921a5c6d44f51815f12363df6a58
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ultimate.min.css?ver=3.16.25 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 16:44:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 46617
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/uploads/2021/04/AC.png
5.144.130.43 200 OK 2.8 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2021/04/AC.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 65 x 65, 8-bit/color RGB, non-interlaced\012- data
Hash 6507b23a0df177b757d69499d0525725
194b9b2cb2ea9821434a3d09051cd9921a5b02e9
6a306e9ae6080e58d17eb7480bade4d59fe9cb9d240bd2d8bd7df69589739dfb
GET /wp-content/uploads/2021/04/AC.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:07:15 GMT
accept-ranges: bytes
content-length: 2838
date: Mon, 28 Nov 2022 04:04:43 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
5.144.130.43 200 OK 18 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash d4063405bdeedf677d13c9ce7b535aa1
256f3aed2dfad47a4f42e45356fd9aedb7be1f31
d31e0030358c9ee54256451fd2055125da1d7bd58da7b1ea901aacfe25b84696
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 18107
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
5.144.130.43 200 OK 31 kB URL HTTP/1.1 www.rbi.ir/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (65447)
Hash cc5a8bfbf7d31fbc3022dc05e964a95c
81edda48c2c2c97bf79dea1ec91b89105e4ba00b
651c822702a9ac476c260fd37dccab6c3da8306ff6dd922e9d68cfa7863bfe42
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 17:28:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 31046
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/wc-captcha/js/wc-captcha-main.js?ver=6.1.1
5.144.130.43 200 OK 509 B URL HTTP/1.1 www.rbi.ir/wp-content/plugins/wc-captcha/js/wc-captcha-main.js?ver=6.1.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with CRLF line terminators
Hash 55c58aa502375e2ea54ef1caa05f7eb2
24a227345602ed19e81af72fe5746a75bc53888a
527fc760975ee15c451d11f7314ae928278c55bf5371d5317dedeb88154eeb92
GET /wp-content/plugins/wc-captcha/js/wc-captcha-main.js?ver=6.1.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 17:36:46 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 509
date: Mon, 28 Nov 2022 04:04:43 GMT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:04:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:04:44 GMT
Connection: keep-alive
www.rbi.ir/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
5.144.130.43 200 OK 7.1 kB URL HTTP/1.1 www.rbi.ir/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash a1ea044fd4d54d119f627d3939a67624
1c9b59ec1b17620f25f16b72ebc7de0ae73ac985
3421c30a5456397431cce98af963c60084eac78f5689ff38376cb3b81b24100e
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 17:28:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7093
date: Mon, 28 Nov 2022 04:04:43 GMT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:04:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:04:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X6t2ucU4VTXi5XIRLVpmTMxEW3MtinOQs3mIHIhgeW6aK6kN53dWEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:18 GMT
age: 22406
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0bd385532089b45a14e461abbecc1af
3da359b1ba09138a425094715b9f3a2f8d0257fe
803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:08 GMT
age: 20916
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:04:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 21778
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 005e5ba3c9588cf389a58195001b64e3
238a7439d887fb3aa7f1302eeb43fce62f08441a
d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10813
x-amzn-requestid: 5a3c9584-1389-45ac-968d-0a2301f82eda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KG00oAMFpig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-6ffc3ff67f7f7e75399834e8;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3ggibSv4guzAQjW77yMg7HTp5JCBi1B9dxXi-Zy_-Vw0b6lP1PAGyQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 22415
etag: "238a7439d887fb3aa7f1302eeb43fce62f08441a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d407d1a700a02f6422a0415be9648354
e9a69711e04e8028f11082285a405bafc61c5b20
dfc27a9aea46df1e218ee485296392c5a6c03756e91487f37212c69d4b30a418
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 24915481-2902-4776-b489-7741957424f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvEfioAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-7846a98a5fb3d0786cb84130;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2YLb6Et3z5MS3x4qk32fUeOCzFeofTOiHbTH2dGaQbGe_e8yMedqqw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 08:11:10 GMT
age: 71614
etag: "e9a69711e04e8028f11082285a405bafc61c5b20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bb306213437ea24ab879adc9e3b6da4
771d38e18cdfa54052f7cb150b73c03154eb4368
d4cce7533fd59ef11fb8fec4bc114d5be0bacaa9134e3f1536e0d6bac1f58ffb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6498
x-amzn-requestid: 2499eb0e-74c9-4c04-ba58-3e65fc452c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHU4oAMFaAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-12f14e7a30bc1a75499cb272;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WaCfMUy6EtOLWvJy1jFbKp9KQzG5v7nq27sIo7d8gFeGesFd4uWdEw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:24:14 GMT
age: 20430
etag: "771d38e18cdfa54052f7cb150b73c03154eb4368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.rbi.ir/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
5.144.130.43 200 OK 5.0 kB URL HTTP/1.1 www.rbi.ir/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 17:28:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5021
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
5.144.130.43 200 OK 12 kB URL HTTP/1.1 www.rbi.ir/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (47826)
Hash 45b3843596f3eda24398e2c1f68ee268
4ad9a0e6ed85ca57c5d134aa5ca546e19910640d
f2784720bca9efcc4c4c3ab35d5fa3b523eb1915acc04a53273559907d352e36
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 17:28:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12489
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-includes/css/classic-themes.min.css?ver=1
5.144.130.43 200 OK 188 B URL HTTP/1.1 www.rbi.ir/wp-includes/css/classic-themes.min.css?ver=1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
Hash 8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 17:28:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 188
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
5.144.130.43 200 OK 3.5 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (9172)
Hash de329cdce96c17fef9c3516b09ba51c6
664ff401060faaf6770ba30761b367d3aef10a8a
d9f05937cd228acc98f18a5e52ef966e0885afbcbc06d31da2e61e2b3f9e13f4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3533
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate.min.js?ver=3.16.25
5.144.130.43 200 OK 59 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate.min.js?ver=3.16.25
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (31990)
Hash bc497dd3def1d6c6b2288f8ec6a9e08a
14d900017d02fadfab49c79054879adcf5eb5918
15bf2ab4b352e830d959a5e56434c0afb2431cc4d81b30b78686c2f5ae736ffa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate.min.js?ver=3.16.25 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 58864
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
5.144.130.43 200 OK 977 B URL HTTP/1.1 www.rbi.ir/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (1680)
Hash 60e4ab71992dc241e8f93bdf73199d7c
61fe2f1b6151b2c400f0b32998ce1504cdf2140a
eae30f24f574269c25ef73f888c3513259a8ea233be7cb25166bbc017e8318f0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 977
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5
5.144.130.43 200 OK 589 B URL HTTP/1.1 www.rbi.ir/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (1402), with no line terminators
Hash abc31bb937d1b913aa08d186e7a438aa
4803b5aa2452b0c74c144781931f3ee45764ac35
232466b97db18583b49a23e54801e9ed747b45d5303e72c9e844a69c535b0d9e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 589
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
5.144.130.43 200 OK 39 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash da82b93940d18779f96809b863a9f975
a0a731146a6a1a908b24ad04f3c2529dc81d9914
ca73520757002c8e415668ecef09cfca42ac2f8ad6a48d243959a9850855ac55
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 38593
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5
5.144.130.43 200 OK 924 B URL HTTP/1.1 www.rbi.ir/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (2568), with no line terminators
Hash 23eb2ef4d2b62fa5dcfb770a6eb2b70e
79854d82241ec6803a4f8dc8284a47d910fc8ab8
915e0df7ca297d243fb531fab96c26309facf5772ed044cc5422e834cfbb5951
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 924
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/themes/Zephyr/js/us.core.min.js?ver=5.1
5.144.130.43 200 OK 29 kB URL HTTP/1.1 www.rbi.ir/wp-content/themes/Zephyr/js/us.core.min.js?ver=5.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (7010), with CRLF line terminators
Hash e489a250b20c941444107ccdf6c915d7
d3e680aef95c10c1e9c16dc20688bb257b25039d
b344849c354bc27228fa288fe5c3ba7de7f10068416b2e049b2a19f7571d3012
GET /wp-content/themes/Zephyr/js/us.core.min.js?ver=5.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 28789
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/themes/Zephyr/framework/js/vendor/magnific-popup.js?ver=5.1
5.144.130.43 200 OK 7.4 kB URL HTTP/1.1 www.rbi.ir/wp-content/themes/Zephyr/framework/js/vendor/magnific-popup.js?ver=5.1
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (20087), with CRLF line terminators
Hash 9e37df04f49f27d377fdc54db4362436
09b5f23f2bda4a19322974bd7e659b4acfeae2b9
ab2fde4eaa91a347245146070c9b3aa83cd40b56fb5407d22e63118ecadc817d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/framework/js/vendor/magnific-popup.js?ver=5.1 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7379
date: Mon, 28 Nov 2022 04:04:43 GMT
www.rbi.ir/wp-content/uploads/2021/04/PH.png
5.144.130.43 200 OK 2.3 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2021/04/PH.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 65 x 65, 8-bit/color RGB, non-interlaced\012- data
Hash e163617b002d4ab0efe21feb5f4b3146
6df73d74bf50de4c7608395bd2355444e0877196
33ee92375c54826a85ba443e45b4cf9b10b29e8857db9fe6f1dafba42bbecac1
GET /wp-content/uploads/2021/04/PH.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:07:16 GMT
accept-ranges: bytes
content-length: 2310
date: Mon, 28 Nov 2022 04:04:43 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/uploads/2021/04/IPA1.png
5.144.130.43 200 OK 2.6 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2021/04/IPA1.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 65 x 65, 8-bit/color RGB, non-interlaced\012- data
Hash 08ec9d13303bd1f2cb8755846d236d6d
688b0526fed39aa8a5fd441d5fc51aa50f1fd2eb
027c85ea4314a18f55446aa19fa54cfba2bc9f0d8424289e05a949b9ff0a2cfa
GET /wp-content/uploads/2021/04/IPA1.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:07:16 GMT
accept-ranges: bytes
content-length: 2624
date: Mon, 28 Nov 2022 04:04:43 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/uploads/2021/04/BG.png
5.144.130.43 200 OK 2.9 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2021/04/BG.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 65 x 65, 8-bit/color RGB, non-interlaced\012- data
Hash 6115ff4f2f2a7da81f495a8e945c2378
c5a4e845db14bd3637c9622b3d60b2a940a63fbb
4ba80de2247262cd284973618bd497e971110d5010af3776116763a3f01dbdf8
GET /wp-content/uploads/2021/04/BG.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:07:15 GMT
accept-ranges: bytes
content-length: 2869
date: Mon, 28 Nov 2022 04:04:43 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/uploads/2013/05/orange-wallpaper-background-1002-1073-hd-wallpapers.png
5.144.130.43 200 OK 26 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2013/05/orange-wallpaper-background-1002-1073-hd-wallpapers.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 2880 x 1800, 8-bit colormap, non-interlaced\012- data
Hash 7bf90b49f75aa5f50ca1e72974b91eff
357971a15795a2d480f53efd40a49065a9aa6c95
4e5c7131ddb81c386ad593b3a5523e9ba035368c71b601429b62474663f1a36e
GET /wp-content/uploads/2013/05/orange-wallpaper-background-1002-1073-hd-wallpapers.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:06:59 GMT
accept-ranges: bytes
content-length: 25783
date: Mon, 28 Nov 2022 04:04:43 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/uploads/2021/04/logo1.png
5.144.130.43 200 OK 62 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2021/04/logo1.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 994 x 994, 8-bit/color RGBA, non-interlaced\012- data
Hash 198199b0974acfedc02cc503b8799077
b1db68eb2b4fdbb337de1a0dbdb0514ff503b1bb
3466baba5bba9f6d3a7ea95047d80b4381ca88ae241f89b93d1f4eee6f213573
GET /wp-content/uploads/2021/04/logo1.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:07:16 GMT
accept-ranges: bytes
content-length: 61981
date: Mon, 28 Nov 2022 04:04:43 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/uploads/2021/04/PCE.png
5.144.130.43 200 OK 2.8 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2021/04/PCE.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 65 x 65, 8-bit/color RGB, non-interlaced\012- data
Hash e1a347cd97681d32c28e2b7894a8ec16
bfeefbde2c7b21d922a533d3443903288973389e
afa63ba60292e7d3110e167513c2ac0097b7d607ac114e5c763ba4341cdb0df2
GET /wp-content/uploads/2021/04/PCE.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:07:16 GMT
accept-ranges: bytes
content-length: 2808
date: Mon, 28 Nov 2022 04:04:43 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/uploads/2021/04/EP.png
5.144.130.43 200 OK 2.4 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2021/04/EP.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 65 x 65, 8-bit/color RGB, non-interlaced\012- data
Hash 48ff7cecc25b472e54f7c7f8240db7dd
50d9aac28207e07cd5c16b6d6f933ad04c761217
e9cf742666e9886c8aeb9ab4680cb746b888bcf42ea5442e9d162af200f3da37
GET /wp-content/uploads/2021/04/EP.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:07:15 GMT
accept-ranges: bytes
content-length: 2357
date: Mon, 28 Nov 2022 04:04:43 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.4
5.144.130.43 200 OK 5.7 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.4
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (19706), with no line terminators
Hash d7e7ea9e93bdcfc93983e620a0bef973
a2249794a7b65faccb575b168ab60f0690f8af45
0f5b272eaf8e6244c6f8f9da79d198a148eb9b91801c7557a460f001d73f054c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.4 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5670
date: Mon, 28 Nov 2022 04:04:44 GMT
www.rbi.ir/wp-content/uploads/2013/05/paper-571937_1920.jpg
5.144.130.43 200 OK 221 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2013/05/paper-571937_1920.jpg
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1329, components 3\012- data
Size 221 kB (220847 bytes)
Hash 1ad6568b529bae654e978bdb59114d7a
06bfa5998ab68ac86914253cb1c5bd07f604403f
5d8cd06025a2aa6d0451176cd55afbe7774d31f05872981dda6da41acb3c00e1
GET /wp-content/uploads/2013/05/paper-571937_1920.jpg HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:43 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 19:06:59 GMT
accept-ranges: bytes
content-length: 220847
date: Mon, 28 Nov 2022 04:04:43 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts/IRANSansWeb(FaNum).woff
5.144.130.43 200 OK 38 kB URL HTTP/1.1 www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts/IRANSansWeb(FaNum).woff
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format, TrueType, length 38401, version 4.0\012- data
Hash a1233cc118c5257c1add132a786df256
31615a0ad11d94ee94ff2f16f02c54dbe2467614
bc6fcfad33755fdb7d138a5f27c4b12aefb9770577ce58d4175cf533b74e0664
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts/IRANSansWeb(FaNum).woff HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts.css?ver=6.1.1
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/woff
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-length: 38401
date: Mon, 28 Nov 2022 04:04:44 GMT
www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-brands-400.woff2
5.144.130.43 200 OK 65 kB URL HTTP/2 www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-brands-400.woff2
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format (Version 2), TrueType, length 65316, version 1.0\012- data
Hash 48461ea4e797c9774dabb4a0440d2f56
024b7f9afa49a3658ebd7eee4e1c536502db51fa
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/fa-brands-400.woff2 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rbi.ir
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/woff2
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-length: 65316
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/themes/Zephyr/fonts/material-icons.woff2
5.144.130.43 200 OK 49 kB URL HTTP/2 www.rbi.ir/wp-content/themes/Zephyr/fonts/material-icons.woff2
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format (Version 2), TrueType, length 49028, version 1.0\012- data
Hash d3a4b3bfc67f733e8bb271dc35ecb19c
cf2619343ada96cbc371d38b4903a0459efb95cf
4ffcb784731a65dabd45daaa3efea8f831943811cbc51c510180fff417d49811
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/material-icons.woff2 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rbi.ir
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/woff2
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-length: 49028
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/uploads/2014/10/picjumbo.com_HNCK2634.jpg
5.144.130.43 200 OK 249 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2014/10/picjumbo.com_HNCK2634.jpg
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 249 kB (248844 bytes)
Hash 86f96b583ba956bbe2a153d7dcc076be
8145c04b5208261c443559d692c986b7d4da1cd1
ea2900786f4640dd42cff8cdeaa7e097e08e3328430fa565ed75bbb12b05a90a
GET /wp-content/uploads/2014/10/picjumbo.com_HNCK2634.jpg HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 19:07:04 GMT
accept-ranges: bytes
content-length: 248844
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
5.144.130.43 200 OK 6.9 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (28818), with CRLF line terminators
Hash 9a461f14d9a0b28ba0cd2b0d47f50582
f7c578cee2b64c94529449ea9f9f8cbc7ded8f02
12a945bbc6e9c3ded1f53aed7c0302fab3106fb7dce14bb7ab17f9d54c105d1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6919
date: Mon, 28 Nov 2022 04:04:44 GMT
www.rbi.ir/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
5.144.130.43 200 OK 14 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (55556), with CRLF line terminators
Hash 09f92e8feb669ef00c78266c73b1e136
84ef5e6592a609f2ffb1460146de11b3e7dcc8ae
8ccc2d9a91b2c13ee8a0a023331d3f889af02f9af97068d1ec563ab9291eb6fe
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14324
date: Mon, 28 Nov 2022 04:04:44 GMT
www.rbi.ir/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
5.144.130.43 200 OK 7.1 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type ASCII text, with very long lines (25862), with CRLF line terminators
Hash bada599611d2b2ec6b6b563071295783
8c65ecae6ec3500e9167ab51b1c21a6617e4fab8
5ad93b79fb166aa0f78534f486a33609c7c22fb5e4f5d9d68c2ace13d25dc1c6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 16:44:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7054
date: Mon, 28 Nov 2022 04:04:44 GMT
www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-solid-900.woff2
5.144.130.43 200 OK 19 kB URL HTTP/2 www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-solid-900.woff2
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format (Version 2), TrueType, length 67400, version 1.0\012- data
Hash cf8ec0855a5f695f7eed33e2b97fb254
c9b62dae3a454e930999c8100d7aba3270fbc824
6a9e3af35f9e075ce5566d7b2732db182ade50f27443ae89fcd982b4e139bcc8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/fa-solid-900.woff2 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rbi.ir
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/woff2
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-length: 67400
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-regular-400.woff2
5.144.130.43 200 OK 15 kB URL HTTP/2 www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-regular-400.woff2
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format (Version 2), TrueType, length 14868, version 1.0\012- data
Hash 949a2b066ec37f5a384712fc7beaf2f1
2554caf9e1af4c824a2f0e5e7a139ce555381b18
48810f2ca5c1a9cb285177a493b18a3ca22c177afeb9b242a592788eafc606f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/fa-regular-400.woff2 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rbi.ir
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/woff2
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-length: 14868
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/uploads/2014/10/colorful-266993_1920.jpg
5.144.130.43 200 OK 235 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2014/10/colorful-266993_1920.jpg
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1276, components 3\012- data
Size 235 kB (234990 bytes)
Hash c3ac8d3d07612495839c929234bdc0d8
2324078d42b381b21622a37cb8251fa633eaded3
2a0478430668df2cd37404425d1d05527a91f0cd4cd2db7fdb38ca1f7459556a
GET /wp-content/uploads/2014/10/colorful-266993_1920.jpg HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 19:07:03 GMT
accept-ranges: bytes
content-length: 234990
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-solid-900.woff
5.144.130.43 200 OK 87 kB URL HTTP/2 www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-solid-900.woff
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format, TrueType, length 86876, version 1.0\012- data
Hash 815694de1120d6c1e9d1f0895ee81056
6d320e1a3820a7998051c4feec4dad22760e485e
a188f8b84731c59143770ef391c9ad0fa2534d316862d5cb384623285c95c2e0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/fa-solid-900.woff HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rbi.ir
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/woff
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-length: 86876
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-brands-400.woff
5.144.130.43 200 OK 76 kB URL HTTP/2 www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-brands-400.woff
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format, TrueType, length 76344, version 1.0\012- data
Hash 7b464e274bc331f9a765d765359635a5
6df3f0063d291a192baf09c1965182d463f815e2
e1e30bb6e54ee8694d77ce63ff9b71e1174c2ade3791f094c6b9bb3ba292fda6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/fa-brands-400.woff HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rbi.ir
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/woff
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-length: 76344
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/themes/Zephyr/fonts/material-icons.woff
5.144.130.43 200 OK 64 kB URL HTTP/2 www.rbi.ir/wp-content/themes/Zephyr/fonts/material-icons.woff
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format, TrueType, length 63924, version 1.1\012- data
Hash 85cba3ca0dc8911361d31477c7af4ef8
fc61fc1cc827ca98c4d59fe09b155884fd635969
d4eb9cad80ae6087774b1e70a16e48dd1ce47ce72039e54dd62cfd6903f7f8d2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/material-icons.woff HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rbi.ir
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/woff
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-length: 63924
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-regular-400.woff
5.144.130.43 200 OK 18 kB URL HTTP/2 www.rbi.ir/wp-content/themes/Zephyr/fonts/fa-regular-400.woff
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format, TrueType, length 18168, version 1.0\012- data
Hash 381af09a1366b6c2ae65eac5dd6f0588
269984dfc3d210c4471b59b5c982790c9576324c
f47e95b5a8e9c9da8cd50f626888cc2042d6da99c2c340cf3dc137da2e54f5b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/fa-regular-400.woff HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rbi.ir
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/woff
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-length: 18168
date: Mon, 28 Nov 2022 04:04:44 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts/IRANSansWeb(FaNum)_Light.woff2
5.144.130.43 404 Not Found 122 kB URL HTTP/1.1 www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts/IRANSansWeb(FaNum)_Light.woff2
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19273), with CRLF, LF line terminators
Size 122 kB (121736 bytes)
Hash 015da2f07fd26d36af48f80e50563bdd
a412edec8465a43d6dbc898477f5170742a960c0
06f5bd9c4383f89cd2ee84044f74b15d41ec337363809a227b533422cff79ca7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts/IRANSansWeb(FaNum)_Light.woff2 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts.css?ver=6.1.1
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.rbi.ir/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
date: Mon, 28 Nov 2022 04:04:44 GMT
www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts/IRANSansWeb(FaNum)_Light.ttf
5.144.130.43 200 OK 40 kB URL HTTP/1.1 www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts/IRANSansWeb(FaNum)_Light.ttf
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 34 names, Macintosh, Copyright (c) 2015 by www.fontiran.com (Moslem Ebrahimi). All rights reserved.RegularIRANSansWeb\012- data
Hash 06d5be5960f4c9734517723802745dc6
ffa3d5c8efc73b3985f3a4f2b95a60d0c78eb1e2
1b80d60991e834195084b4b6060d8ce89b3952326cb0ff14a318538df60c1d34
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts/IRANSansWeb(FaNum)_Light.ttf HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/wp-content/themes/Zephyr/fonts/abzarwp-fonts/fonts.css?ver=6.1.1
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:44 GMT
content-type: font/ttf
last-modified: Sat, 26 Nov 2022 16:44:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 39832
date: Mon, 28 Nov 2022 04:04:44 GMT
www.rbi.ir/en/?wc-ajax=get_refreshed_fragments
5.144.130.43 200 OK 307 B URL HTTP/1.1 www.rbi.ir/en/?wc-ajax=get_refreshed_fragments
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type JSON data\012- , ASCII text, with very long lines (515), with no line terminators
Hash 102d7dc0a1c1f660823d8f3059bf8dfc
30f873fa68134f2a30b0aa1d6915607e0e00c899
5ec2c8f1a5fc3e8db9e86b1c19480ea2758197a44b32c728e6570783eda37e7c
POST /en/?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://www.rbi.ir
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
Content-Length: 0
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: http://www.rbi.ir
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: application/json; charset=UTF-8
content-length: 307
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 28 Nov 2022 04:04:45 GMT
www.rbi.ir/wp-content/uploads/2021/04/logo1-300x300.png
5.144.130.43 200 OK 25 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2021/04/logo1-300x300.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ce6c0010283cfefaaf3eeab238463c0
c52732d03726601d68d00f370b74e227fb62d3ba
549651cd3adde6e74ada9276b84f02bfeee58cb753aba2e73c6804bdf2f10981
GET /wp-content/uploads/2021/04/logo1-300x300.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:45 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:07:16 GMT
accept-ranges: bytes
content-length: 24726
date: Mon, 28 Nov 2022 04:04:45 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/uploads/2021/04/logo1-150x150.png
5.144.130.43 200 OK 7.1 kB URL HTTP/2 www.rbi.ir/wp-content/uploads/2021/04/logo1-150x150.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash dab54a07061a3fbcac1eda0016858a5f
fa26feab04b320a79da88203b8ee242318a090f2
65989da1453960b9f24ef38b6c31c0c137b682f6968a049fea5e4be59d40a2e2
GET /wp-content/uploads/2021/04/logo1-150x150.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:45 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:07:16 GMT
accept-ranges: bytes
content-length: 7142
date: Mon, 28 Nov 2022 04:04:45 GMT
X-Firefox-Spdy: h2
www.rbi.ir/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
5.144.130.43 200 OK 7.5 kB URL HTTP/1.1 www.rbi.ir/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rbi.ir/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:45 GMT
content-type: font/woff
last-modified: Sat, 26 Nov 2022 16:44:15 GMT
accept-ranges: bytes
content-length: 7536
date: Mon, 28 Nov 2022 04:04:45 GMT
www.rbi.ir/wp-content/uploads/2013/05/orange-wallpaper-background-1002-1073-hd-wallpapers-100x50.png
5.144.130.43 200 OK 2.2 kB URL HTTP/1.1 www.rbi.ir/wp-content/uploads/2013/05/orange-wallpaper-background-1002-1073-hd-wallpapers-100x50.png
IP 5.144.130.43:0
ASN #59441 NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)
File type PNG image data, 100 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash b4154ea1d593b154449f45628a05c3aa
fbed44fee1345a5faff2d04d8f20310183c71afe
26c1dd2e512550a2b275d44974a473e4fcef6291afa5df7d277b24ead166927d
GET /wp-content/uploads/2013/05/orange-wallpaper-background-1002-1073-hd-wallpapers-100x50.png HTTP/1.1
Host: www.rbi.ir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rbi.ir/en/home/
Cookie: wc_session_ids[default]=7eb159e03f971fba41ffc9f51206991e338df302; wc_session_ids[all_forms]=0fecff6b1e8d451702838d22d225e999ac337739; wc_session_ids[multi][0]=c836d404d13ad809ac50cb739b1d778246200e24; wc_session_ids[multi][1]=8dd84b8900c0f2168c198bf1bfab392e9b938fe1; wc_session_ids[multi][2]=556c74fe43189acb85825635e2b7d7b68b493959; wc_session_ids[multi][3]=979bad332ac8010400c8407f238696c28cc18994; wc_session_ids[multi][4]=352ee5e8160d0b4632f4cf50d2ac99a70e09d68a; pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 04:04:47 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 19:06:59 GMT
accept-ranges: bytes
content-length: 2219
date: Mon, 28 Nov 2022 04:04:47 GMT
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 300ba2bd11eefb4b5b9ba5b9d56c6cca
55c9d2899b16945f329d0dacc021161038629988
a866abff0b6b5c6ed6758f1208f106d8f00c7f16fa07f2a676301cce8301e964
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4254
x-amzn-requestid: 9c63d2a1-e805-4114-8875-fc1dc022c047
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHopoAMFq0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-395ca7b76b364c11172fbdd6;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kEPPpR5WF9pdwcaIAgJlKrueznhQ4g5RFucMPj5eI0EbNk5Dt2dLIQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:00:48 GMT
age: 21843
etag: "55c9d2899b16945f329d0dacc021161038629988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=IRANSansWebFaNum%3A400%2C700%7CIRANSansWebFaNum_Light%3A400%2C700&subset=latin&ver=6.1.1
142.250.74.10 400 Bad Request 0 B URL HTTP/2 fonts.googleapis.com/css?family=IRANSansWebFaNum%3A400%2C700%7CIRANSansWebFaNum_Light%3A400%2C700&subset=latin&ver=6.1.1
IP 142.250.74.10:0
GET /css?family=IRANSansWebFaNum%3A400%2C700%7CIRANSansWebFaNum_Light%3A400%2C700&subset=latin&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rbi.ir/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:04:43 GMT
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2