urlscan.io logo urlscan.io
SecurityTrails logo

bpm.shaparak.ir Open in urlscan Pro
176.56.157.159  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://api.dezhakam.lol/Home/RedirectToPayPage/0/?RefId=1B2B96408DB4216E
Effective URL: https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Submission Tags: @phish_report
Submission: On October 16 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 176.56.157.159, located in Iran, Islamic Republic Of and belongs to SITSCO-AS, IR. The main domain is bpm.shaparak.ir. The Cisco Umbrella rank of the primary domain is 295753.
TLS certificate: Issued by Certum Extended Validation CA SHA2 on May 2nd 2023. Valid for: a year.
This is the only time bpm.shaparak.ir was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank Mellat (Financial)

Domain & IP information

IP Address AS Autonomous System
1 81.12.52.58 208161 (PARSVDS)
1 13 176.56.157.159 43415 (SITSCO-AS)
13 2
Apex Domain
Subdomains		 Transfer
13 shaparak.ir
bpm.shaparak.ir — Cisco Umbrella Rank: 295753
393 KB
1 dezhakam.lol
api.dezhakam.lol
677 B
13 2
Domain Requested by
13 bpm.shaparak.ir 1 redirects bpm.shaparak.ir
1 api.dezhakam.lol
13 2

This site contains links to these domains. Also see Links.

Domain
www.behpardakht.com
Subject Issuer Validity Valid
api.dezhakam.lol
ZeroSSL RSA Domain Secure Site CA		 2023-10-01 -
2023-12-30		 3 months crt.sh
bpm.shaparak.ir
Certum Extended Validation CA SHA2		 2023-05-02 -
2024-05-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Frame ID: 0E74FF829EA0FBFE3FA9C24B7121F571
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

پرداخت اینترنتی به پرداخت ملت

Page URL History Show full URLs

  1. https://api.dezhakam.lol/Home/RedirectToPayPage/0/?RefId=1B2B96408DB4216E Page URL
  2. https://bpm.shaparak.ir/pgwchannel/startpay.mellat HTTP 302
    https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

393 kB
Transfer

390 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.dezhakam.lol/Home/RedirectToPayPage/0/?RefId=1B2B96408DB4216E Page URL
  2. https://bpm.shaparak.ir/pgwchannel/startpay.mellat HTTP 302
    https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
api.dezhakam.lol/Home/RedirectToPayPage/0/ 		515 B
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.dezhakam.lol/Home/RedirectToPayPage/0/?RefId=1B2B96408DB4216E
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.12.52.58 , Iran, Islamic Republic Of, ASN208161 (PARSVDS, IR),
Reverse DNS
ip-81-12-52-58.hosted-by.parsvds.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b92f90df01e003ed00cf6a82e169f18c935677d043d90e724a6b48956a9bf273

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
private
content-length
515
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 17:32:35 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
Primary Request result.mellat
bpm.shaparak.ir/pgwchannel/
Redirect Chain
  • https://bpm.shaparak.ir/pgwchannel/startpay.mellat
  • https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e0948f8e244389a394bd0e27dd21c80e35de24e3e1f83853a355c53aba7063ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://api.dezhakam.lol
Referer
https://api.dezhakam.lol/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Content-Encoding
gzip
Content-Language
fa
Content-Type
text/html;charset=utf-8
Date
Mon, 16 Oct 2023 17:32:35 GMT
Server
Microsoft-HTTPAPI/2.0
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
content-length
1332

Redirect headers

Content-Length
0
Content-Type
text/html;charset=UTF-8
Date
Mon, 16 Oct 2023 17:32:35 GMT
Location
/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Server
Microsoft-HTTPAPI/2.0
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
esprit_fa.min.css
bpm.shaparak.ir/pgwchannel/css/ 		162 KB
162 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
1bcdfc7361b6317cb9b30d10a842512ba345ffa1790adcd3b09cba5b1e9f22f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Mar 2023 11:01:56 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"165420-1678186916000"
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
165420
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:49 GMT
jquery-3.6.0.min.js
bpm.shaparak.ir/pgwchannel/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bpm.shaparak.ir/pgwchannel/js/jquery-3.6.0.min.js?v=21
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Mar 2023 11:01:56 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"89503-1678186916000"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
89503
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:49 GMT
messages_fa.min.js
bpm.shaparak.ir/pgwchannel/msg/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bpm.shaparak.ir/pgwchannel/msg/messages_fa.min.js?v=22
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4c9070567a4996b40c44f242c3645f0001f9e182b5dcb82bfba61ff6057603db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 25 Jun 2023 11:13:06 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"2675-1687691586000"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
2675
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:49 GMT
payment.min.js
bpm.shaparak.ir/pgwchannel/js/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bpm.shaparak.ir/pgwchannel/js/payment.min.js?v=23
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
14a0876e9f44acea0979cbd4fb87d149ae906e0467e454a02a50f768c92ae602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 25 Jun 2023 11:13:06 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"25379-1687691586000"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
25379
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:49 GMT
shaparak_logo.svg
bpm.shaparak.ir/pgwchannel/img/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpm.shaparak.ir/pgwchannel/img/shaparak_logo.svg
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
1356660e11a18e55b4841dd6769d50413c509ad1b4ac43bd56a4a46655f09052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Feb 2022 10:21:14 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"31079-1645870874000"
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
31079
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:49 GMT
behpardakht_logo.svg
bpm.shaparak.ir/pgwchannel/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpm.shaparak.ir/pgwchannel/img/behpardakht_logo.svg
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
011310002d771ac6a136964ee17f8c265a06bc385ab51dd1a21ec4b5a3d8ab5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bpm.shaparak.ir/pgwchannel/result.mellat?RefId=1B2B96408DB4216E&BLOCKER_ERROR=invalidRefId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Feb 2022 10:21:14 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"19177-1645870874000"
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
19177
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:49 GMT
mellat_arc.svg
bpm.shaparak.ir/pgwchannel/img/ 		349 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpm.shaparak.ir/pgwchannel/img/mellat_arc.svg
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
67e70e1d5d489482630b186aee63e56361bdc93ac01e8e3a09fcabce5782f7ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Feb 2022 10:21:14 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"349-1645870874000"
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
349
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:50 GMT
ipg-failed-ico.svg
bpm.shaparak.ir/pgwchannel/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpm.shaparak.ir/pgwchannel/img/ipg-failed-ico.svg
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ed1f2eff5c3bdc9abd2c31026b92191bf225573cbaf90f66771d6bae467e82e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Feb 2022 10:21:14 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"1278-1645870874000"
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
1278
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:50 GMT
mellat_arc_footer.svg
bpm.shaparak.ir/pgwchannel/img/ 		592 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpm.shaparak.ir/pgwchannel/img/mellat_arc_footer.svg
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
9019fb40193423b787b752dfc130ce05ad4c5863f1002302a315ec57a0f36cc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Feb 2022 10:21:14 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"592-1645870874000"
X-Frame-Options
DENY
Content-Type
image/svg+xml
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
592
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:50 GMT
IRANSansWeb_Medium.woff2
bpm.shaparak.ir/pgwchannel/css/fonts/woff2/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bpm.shaparak.ir/pgwchannel/css/fonts/woff2/IRANSansWeb_Medium.woff2
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d7a84ef6c13340a59e5cc94b645b6e28dba4e7d767c60aa9c5bdb521eceaa96c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
Origin
https://bpm.shaparak.ir
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Feb 2022 10:21:12 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"28916-1645870872000"
X-Frame-Options
DENY
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
28916
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:50 GMT
IRANSansWeb.woff2
bpm.shaparak.ir/pgwchannel/css/fonts/woff2/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bpm.shaparak.ir/pgwchannel/css/fonts/woff2/IRANSansWeb.woff2
Requested by
Host: bpm.shaparak.ir
URL: https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ee1e854ddec6131b2a46771cfbfcd8941049bf25391a640b08995bbd1c51c6c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bpm.shaparak.ir/pgwchannel/css/esprit_fa.min.css?v=20
Origin
https://bpm.shaparak.ir
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 17:32:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 26 Feb 2022 10:21:12 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"31320-1645870872000"
X-Frame-Options
DENY
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
31320
X-XSS-Protection
1; mode=block
Expires
Mon, 25 Sep 2023 00:29:50 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank Mellat (Financial)

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| i18n undefined| globalRemainingSeconds undefined| terminalDiscountStatus undefined| otpRequestWaitMillis undefined| panDtoList undefined| encRefId undefined| focusedField undefined| shuffledArray undefined| previousPan undefined| keyPadInputId undefined| previousOTPRequestMillis undefined| otpRemainingSeconds boolean| ctrlDown number| ctrlKey number| cmdKey boolean| disableCountDown boolean| paymentSuccessfullyDone boolean| successResultSubmitted number| cursorPosition number| selectedPanIndex number| previousSelectedPanIndex object| availableBankLogos function| validatePaymentInputs function| removeInvalidClassFromPan function| addInvalidClassToPan function| validatePan function| doPayment function| processSaleResponse function| refreshCaptcha function| showMessage function| hideMessage function| handleUnknownError function| validateAndDoPayment function| removeInvalidClassFromInput function| validateInput function| addInvalidClassToInput function| validateDate function| focusNextField function| focusField function| hideKeypadOnTab function| checkPattern function| setPanCursorPosition function| formatPanOnKeyDown function| shouldIgnore function| formatPanOnKeyUp function| getFormattedPan function| concatNumericChars function| extractNumbers function| preventInvalidKeys function| isNumericKeyDownOrUp function| getEventKeyCode function| cancelPay function| countDownRemainingTime function| stopCountDown function| fillField function| keypadTab function| keyPadBackspace function| setFocusedField function| shuffleKeypad function| showKeypadJustInMobile function| showLogoJustInMobile function| showKeypad function| hideKeypad function| hideOthersKeypad function| shuffle function| waitAndSendSuccessResult function| sendSuccessResult function| enableReturnButton function| hideKeypadOnOutsideClick function| hideCardSuggestionListOnOutSideClick function| showSubmitSpinner function| hideSubmitSpinner function| showBankLogoSpinner function| hideBankLogoSpinner function| checkPanDiscount function| handlePanChange function| prepare4DiscountServiceCall function| processDiscountResponse function| openDiscountDialog function| setPan function| hideDiscountDialog function| showDiscountDialog function| showDynamicPinDialog function| removeDynamicPinDialog function| setAmount function| setCardSuggestionListHeight function| filterAndShowCardSuggestionList function| toggleAllPans function| showAllPans function| showCardSuggestionList function| setBankLogo function| hideCardSuggestionList function| deleteSelectedPan function| processDeleteSelectedPanResponse function| selectPan function| scrollTopAnimated function| scrollMiddleAnimated function| cardNumberFocus function| maskExpireDate function| unmaskExpireDate function| isBankLogoAvailable function| resetSelectedPan function| getBankLogoSrc function| isNewPan function| validateAndRequestOTP function| requestOTP function| showSuccessFulMessageJustInMobile function| processOtpResponse function| disableOtpButton function| enableOtpButton function| disableCardNumber function| enableCardNumber function| disableCvv2KeyPad function| enableCvv2KeyPad function| disableCardListButton function| enableCardListButton function| disableInputCVV2 function| enableInputCVV2 function| disableInputMonth function| enableInputMonth function| disableInputYear function| enableInputYear function| disableInputMonthEnc function| enableInputMonthEnc function| disableInputYearEnc function| enableInputYearEnc function| disableCaptcha function| enableCaptcha function| showRetryMessageJustInMobile function| countDownDynamicPinRemainingTime

2 Cookies

Domain/Path Name / Value
bpm.shaparak.ir/pgwchannel Name: JSESSIONID
Value: F3676752E30C324404C2C6E656FBCFF0
bpm.shaparak.ir/ Name: cookiesession1
Value: 678B28872F7F819878D6D3AC969BC90A