i.andromedaa.com Open in urlscan Pro
172.67.154.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ndrm.ir/
Effective URL:
https://i.andromedaa.com/
Submission: On April 03 via api (April 3rd 2024, 12:10:39 am UTC) from RU — Scanned from DE

Summary HTTP 16 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 172.67.154.191, located in United States and belongs to CLOUDFLARENET, US. The main domain is i.andromedaa.com.
TLS certificate: Issued by GTS CA 1P5 on February 25th 2024. Valid for: 3 months.

This is the only time i.andromedaa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.201.108 172.67.201.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	188.165.207.70 188.165.207.70	16276 (OVH) (OVH)
16	172.67.154.191 172.67.154.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

1 172.67.201.108 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ndrm.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.207.70 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns311628.ip-188-165-207.eu

andromedaa.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.154.191 (United States)

ASN13335 (CLOUDFLARENET, US)

i.andromedaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	andromedaa.com i.andromedaa.com	64 KB
1	andromedaa.ir 1 redirects andromedaa.ir	237 B
1	ndrm.ir 1 redirects ndrm.ir	513 B
16	3

	Domain	Requested by
16	i.andromedaa.com	i.andromedaa.com
1	andromedaa.ir	1 redirects
1	ndrm.ir	1 redirects
16	3

This site contains links to these domains. Also see Links.

Domain
followerbegir.ir
likebegir.com
commentbegir.com
ozvdarozv.com
adbn.ir
idlist.ir
t.me
cafebazaar.ir
andromedaa.com
telegram.me

Subject Issuer	Validity	Valid
andromedaa.com GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://i.andromedaa.com/
Frame ID: 040745E6FFA08C3F878485FDC90DF28F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

دانلود لایک بگیر فالوور بگیر کامنت بگیر و عضو در عضو برای IOS و آیفون

Page URL History Show full URLs

http://ndrm.ir/ HTTP 307
https://ndrm.ir/ HTTP 302
http://andromedaa.ir/ad/?utm_source=ndrm&utm_medium=banner&utm_campaign=fl_ios HTTP 307
https://andromedaa.ir/ad/?utm_source=ndrm&utm_medium=banner&utm_campaign=fl_ios HTTP 302
https://i.andromedaa.com/ Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

64 kB
Transfer

65 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://followerbegir.ir/

Search URL Search Domain Scan URL

URL: http://likebegir.com/

Search URL Search Domain Scan URL

URL: http://commentbegir.com/

Search URL Search Domain Scan URL

URL: http://ozvdarozv.com/

Search URL Search Domain Scan URL

URL: http://adbn.ir/

Search URL Search Domain Scan URL

URL: http://idlist.ir/

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=http://i.andromedaa.com
Title: ارسال به تلگرام

Search URL Search Domain Scan URL

URL: https://cafebazaar.ir/developer/andromedaa/?l=fa

Search URL Search Domain Scan URL

URL: http://andromedaa.com/
Title: اندرومدا

Search URL Search Domain Scan URL

URL: https://telegram.me/andromedaa_ir

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ndrm.ir/ HTTP 307
https://ndrm.ir/ HTTP 302
http://andromedaa.ir/ad/?utm_source=ndrm&utm_medium=banner&utm_campaign=fl_ios HTTP 307
https://andromedaa.ir/ad/?utm_source=ndrm&utm_medium=banner&utm_campaign=fl_ios HTTP 302
https://i.andromedaa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response i.andromedaa.com/ Redirect Chain http://ndrm.ir/ https://ndrm.ir/ http://andromedaa.ir/ad/?utm_source=ndrm&utm_medium=banner&utm_campaign=fl_ios https://andromedaa.ir/ad/?utm_source=ndrm&utm_medium=banner&utm_campaign=fl_ios https://i.andromedaa.com/	7 KB 2 KB	85ms 46ms	Document text/html	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.31 Resource Hash `5accdd66584d43c1bf30ab5b2c64dabe703f2c90682b9ed4678b887663a1d473` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 86e4d62019148fd0-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 03 Apr 2024 00:10:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3vCqe14%2FPzJHi0Res0Tdst5QT3vc%2FYw7wGdAA0LWvRA3awY5OxlkErILGQx5DOyweYUb8PbIRh%2FmamwZp7qn0dZ1wsrCMt0Fly7E8USfziQSNMltRgtyfrLVB8a1NZcbNGo"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent x-powered-by PHP/5.6.31 Redirect headers Connection keep-alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Wed, 03 Apr 2024 00:10:34 GMT Server nginx Vary User-Agent X-Powered-By PHP/5.6.31 location https://i.andromedaa.com
GET H3	200	agent.css i.andromedaa.com/	3 KB 2 KB	52ms 52ms	Stylesheet text/css	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://i.andromedaa.com/agent.css?v3 Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9a24b480b90d29c2720accb772f37843ba955d18763ef9c63f6c133fbe60b830` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:34 GMT content-encoding br cf-cache-status MISS last-modified Wed, 26 Apr 2017 07:03:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"59004631-d7b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kg2z6sZUCtUWjostJv8RuvVBFfBKlUaN6Dr1A2PcFd2BEdZRKkyUQyssJFJn1naRB%2Fu7rOoPOvc6wOi0gj4aBgbMPsIaeXVVaPEJRKedq7X69yUDWK6F1bV7ztWyJmYD82hT"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 86e4d62069338fd0-FRA alt-svc h3=":443"; ma=86400
GET H3	200	fl_57.png i.andromedaa.com/	2 KB 3 KB	53ms 53ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/fl_57.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e55a3f1e27d2dc0a9538c729272792e3f717fdadd1bb89a1008ef7b111afac31` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:34 GMT cf-cache-status MISS last-modified Thu, 23 Mar 2017 07:19:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "58d376ff-8d3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0ylOeSkIsS%2FmbTkr1pWL0NKX6LGZvipL%2FJpKvZopUtHB%2B2WAU424RSK1JbDequMP1UU2n6Azu6yTNTpgAFskIU2vUy3E%2FXfsynES3knpLhlXY4%2BdG72CzC3ZP5eDJj2r93H"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d62069358fd0-FRA alt-svc h3=":443"; ma=86400 content-length 2259
GET H3	200	lb_57.png i.andromedaa.com/	1 KB 2 KB	51ms 50ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/lb_57.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `174d5b0a858a4d6d0f26e5cbf7d26d39b639257ea9457f309bad7389fc5fde66` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:34 GMT cf-cache-status MISS last-modified Thu, 23 Mar 2017 07:19:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "58d376ff-5ce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJWBvBwcM3%2FyiIkprsu3AaKKMPZX4SDO0WKUb38CGvZiYOzmLGy%2FtTbkdh9s5o6VXu%2BTTtcPWzzUGU%2FQFxt18caSw1lg1oj4um2hIvrYqBibdqtHU71FUKgUvQwlnH9%2BXkUP"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d62069368fd0-FRA alt-svc h3=":443"; ma=86400 content-length 1486
GET H3	200	cm_57.png i.andromedaa.com/	2 KB 3 KB	64ms 63ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/cm_57.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `35343ff9453960a99818145c992c57835bd78375a2c237cc3c0b2bbe2138b9e5` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Thu, 23 Mar 2017 07:19:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "58d376fc-8e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uqJH0pnrNoGlrZeBBgYaG%2FEmaE5P%2BWdqFX99pqJlBmepTWK1lyUn6aH6PnIgLe1%2BqsZXVDHsn%2FM7tpFm1gCbV39KbdQpvMYNcQVfjPhiKwmxCwrqI3%2BV%2FkbTedApycmRgRV"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d620793b8fd0-FRA alt-svc h3=":443"; ma=86400 content-length 2280
GET H3	200	ozv_57.png i.andromedaa.com/oo/	3 KB 3 KB	56ms 55ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/oo/ozv_57.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `71bab8c1133dd0ac2306a93420289f2916b7eefecc77bf4a9de346475ccac0d9` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Mon, 10 Apr 2017 07:57:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "58eb3ad3-b82" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SO8kvpMNRUVHdEziwYAcRMiLf9R5%2B%2FX%2FUG0PB6p0dOCdahCdyCeKiAjjHyYPFC%2Fkq96gs5b4qF4nMh7mmBRX%2BZIHtvz4LrF17yc7tMEPZGPdl2unzQoF7X7h7iFwhZ3O6J2l"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d620793c8fd0-FRA alt-svc h3=":443"; ma=86400 content-length 2946
GET H3	200	adbn2.png i.andromedaa.com/icon/	3 KB 3 KB	59ms 58ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/icon/adbn2.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cf943c2febc4f4a2c58a5ea3106bc9fba5e604cc0c437e8019d9f6794f769042` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Mon, 30 Apr 2018 05:53:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5ae6af5d-b20" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7UDIyFe49N69t6drwFv%2FAAdyILfMIHZx4d1CVtV7nxHvO7ee0qEMO4nGjNqwg2NQm2wkNiYr3q0hygCZLkiCZIXVM%2BmuboWjGZRCMuNc1jZpsCRLMZ6TJ2IO%2FNJzZSa0J9j"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d620793d8fd0-FRA alt-svc h3=":443"; ma=86400 content-length 2848
GET H3	200	idlist_57.png i.andromedaa.com/	4 KB 5 KB	58ms 57ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/idlist_57.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2f1996017bfda93fd347ccb3a8e7dd9859ae0bdd4403ddbb010c9a823f83398a` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Thu, 28 Feb 2019 06:55:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5c7785de-10a9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZiOab88VUo4W%2Bi4hfcRXtV%2Bv3Tt7o4D%2BizZmWc7PEmjfnrBlHX4P7gUOPszU5mH9j2NFrRJ6OmMiHdYQO6gxddDlBcMzZwxMANcN%2F5oOcxwa69pZyGBzryH2E7WhBk0cjlAM"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d620793e8fd0-FRA alt-svc h3=":443"; ma=86400 content-length 4265
GET H3	200	apple.png i.andromedaa.com/icon/	832 B 1 KB	55ms 54ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/icon/apple.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `427af502b0a586115266e98fd70931da21de4676b7977144410195345566ffb9` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Thu, 20 Apr 2017 08:37:59 GMT x-accel-version 0.01 server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} etag "340-54d950ee667c0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqoay5W6YRy5FcJop2yDeb7Z5HtcsxMUz6%2FJ%2Fidfqm9Y%2F0RxsiQtgFlbV8exc%2BS9dssNi3CGfqdSKYTnjjaiLhORvLFy011HeVTMCvk8iJgGVcAQtZhwItiEFJXdoUyzXiZS"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d620793f8fd0-FRA alt-svc h3=":443"; ma=86400 content-length 832
GET H3	200	android.png i.andromedaa.com/icon/	907 B 1 KB	57ms 56ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/icon/android.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8087508c6cefda774547e6ffc062568a06164bf6537e1c9a24caa6448d49845f` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Thu, 20 Apr 2017 08:37:52 GMT x-accel-version 0.01 server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} etag "38b-54d950e7b9800" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pun6F%2BVRAghoii9SmzT547qIMnOfp7MeP%2BYDq4B%2Fb55AnDBXy0h5inKpVPi30CWQBd4xAhdvIgSpIVT1078sNMGgnBaPEVsd6CKzP%2FBVuyoLXzV%2FzjD3%2Bmz92b9E%2BGB4Guyo"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d62079408fd0-FRA alt-svc h3=":443"; ma=86400 content-length 907
GET H3	200	bazardl.png i.andromedaa.com/	8 KB 8 KB	62ms 61ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/bazardl.png?2 Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a4e8dad911029be1b2523ded98df1d052bef37731c7bde2a286f980f5b56dfd6` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Mon, 16 Nov 2020 06:40:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5fb21ec4-1ea8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FE0Ci%2Be9UQ7PJuhNBCO%2FFeM1L%2FIk0Y%2BCXpORcOf9We8z6IAwDmVuRkC0wR%2FZI8hpuFckZZbxFO3Ntrb1BXFmjwkQXOGzMP2VBY%2BDtH1LWRbfhA63RcDQ8Q1F%2ByLJfSYMor%2B%2B"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d62079418fd0-FRA alt-svc h3=":443"; ma=86400 content-length 7848
GET H3	200	tg.png i.andromedaa.com/icon/	3 KB 3 KB	65ms 64ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/icon/tg.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `afba1ccae060f8611d9c212f67f782349252a67d6319181a840301f82df510e5` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Thu, 20 Apr 2017 08:37:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "58f87355-b16" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAiYVDb%2FZdeBZ7dqmZ2Pd0oS2ajoeY16ienDl2NebqRcvy0LXUA1UsbhmtLx75LAJVmpr1ByvHG7C7SHZk3OIp9wj6vRp%2FkKdgjMfmL3G9xKSaXIyD%2BcSug%2B2Ujx8EXuUVJa"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d62079438fd0-FRA alt-svc h3=":443"; ma=86400 content-length 2838
GET H3	200	share_logo.png i.andromedaa.com/icon/	499 B 967 B	46ms 44ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/icon/share_logo.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/agent.css?v3 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2e62864c297e5bbe1d9f56f7e6e3bd36ec55ff30d176c61abdf7d37c59ee5777` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/agent.css?v3 accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Thu, 20 Apr 2017 08:11:46 GMT x-accel-version 0.01 server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} etag "1f3-54d94b1245480" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1IaNMNYebmx88kPI1zkxQkeXQYCP9krr5Ja%2FUfzDlJLJ88DKgJTr%2BQ5No208H706ReOnOgDAPta4AUtMAAwpUvHchFO21NPGHL7h9SRUHjJS36%2BADPQiCvdQ6w%2F1UIm8vQGb"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d620c95b8fd0-FRA alt-svc h3=":443"; ma=86400 content-length 499
GET H3	200	copy.png i.andromedaa.com/icon/	345 B 813 B	47ms 46ms	Image image/png	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.andromedaa.com/icon/copy.png Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/agent.css?v3 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e176fd3467f55d2a6cfc322aed685409019b0ef0e0c52a4e01e5fb84d487b623` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/agent.css?v3 accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Thu, 20 Apr 2017 08:37:34 GMT x-accel-version 0.01 server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} etag "159-54d950d68ef80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zn69A%2B1FD0YA7OO0MPmoJcA4L%2BCQiM%2F6SBlHYFG4Bn8lMLbDe3lF7GCQNKtMgaJyEBF2Xcce1Q74l8IhcXw5rhBkymLpm8TRrOB2X0jd4P5oDJnUuaj%2FCIu5qv%2FvIPr6YI3a"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d620c95d8fd0-FRA alt-svc h3=":443"; ma=86400 content-length 345
GET H3	200	BYekan.woff i.andromedaa.com/fa_font/	25 KB 26 KB	63ms 62ms	Font application/x-font-woff	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://i.andromedaa.com/fa_font/BYekan.woff Requested by Host: i.andromedaa.com URL: https://i.andromedaa.com/agent.css?v3 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `99fb08ec4058d94b896ffe19013eff58d70e0bf9648f8c07a09f0667d8bba114` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/agent.css?v3 Origin https://i.andromedaa.com accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT cf-cache-status MISS last-modified Sun, 31 Jan 2016 12:43:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "56ae0160-64d0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdwXzkp%2FhUdBXuSYoDY33qGFBXoAv9459qhJdpuFVuFu7xelMq3wFoaaxu4bZKIpvAfcBVYlzpi%2FlW%2B0iul2ZQ8s2UN7WlHEvCxhJ9Lo2ks6oIDXW7b%2B3NUGrzaW5VHI3hms"}],"group":"cf-nel","max_age":604800} content-type application/x-font-woff cache-control max-age=14400 accept-ranges bytes cf-ray 86e4d620c95e8fd0-FRA alt-svc h3=":443"; ma=86400 content-length 25808
GET H3	200	favicon.ico i.andromedaa.com/	1 KB 744 B	49ms 49ms	Other image/x-icon	172.67.154.191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://i.andromedaa.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `229c893e898804214d2ff6e59106de7c85ec6b4f3c93ea35527d204bfc08793e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://i.andromedaa.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 00:10:35 GMT content-encoding br cf-cache-status MISS last-modified Sun, 31 Jan 2016 12:42:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"56ae0142-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2Fg75UvOJEPL11htzM0ALOtwg1PACMvTp35CVIKctpdrIqvPCND2azCKqnhb9KmjFtS8hhmSs5zwNqJDoSQpdqzdfy3wKsjpt4APjHMjQOmKOx%2BkdWqt72cgU2OEXGbpAZA6"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 86e4d62139848fd0-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| copyToClipboard

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andromedaa.ir
i.andromedaa.com
ndrm.ir
172.67.154.191
172.67.201.108
188.165.207.70
174d5b0a858a4d6d0f26e5cbf7d26d39b639257ea9457f309bad7389fc5fde66
229c893e898804214d2ff6e59106de7c85ec6b4f3c93ea35527d204bfc08793e
2e62864c297e5bbe1d9f56f7e6e3bd36ec55ff30d176c61abdf7d37c59ee5777
2f1996017bfda93fd347ccb3a8e7dd9859ae0bdd4403ddbb010c9a823f83398a
35343ff9453960a99818145c992c57835bd78375a2c237cc3c0b2bbe2138b9e5
427af502b0a586115266e98fd70931da21de4676b7977144410195345566ffb9
5accdd66584d43c1bf30ab5b2c64dabe703f2c90682b9ed4678b887663a1d473
71bab8c1133dd0ac2306a93420289f2916b7eefecc77bf4a9de346475ccac0d9
8087508c6cefda774547e6ffc062568a06164bf6537e1c9a24caa6448d49845f
99fb08ec4058d94b896ffe19013eff58d70e0bf9648f8c07a09f0667d8bba114
9a24b480b90d29c2720accb772f37843ba955d18763ef9c63f6c133fbe60b830
a4e8dad911029be1b2523ded98df1d052bef37731c7bde2a286f980f5b56dfd6
afba1ccae060f8611d9c212f67f782349252a67d6319181a840301f82df510e5
cf943c2febc4f4a2c58a5ea3106bc9fba5e604cc0c437e8019d9f6794f769042
e176fd3467f55d2a6cfc322aed685409019b0ef0e0c52a4e01e5fb84d487b623
e55a3f1e27d2dc0a9538c729272792e3f717fdadd1bb89a1008ef7b111afac31

i.andromedaa.com Open in urlscan Pro 172.67.154.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

1 IPs

2 Countries

64 kBTransfer

65 kBSize

0 Cookies

10 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

i.andromedaa.com Open in urlscan Pro
172.67.154.191 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

64 kB
Transfer

65 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions