www.ninifarda.ir Open in urlscan Pro
95.217.59.29 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://technelec.be/%D0%BF%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8/kssoyTLJvvvu/?user=redacted%4...
Effective URL:
https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%...
Submission: On November 17 via api (November 17th 2021, 1:25:38 am UTC) from IE — Scanned from FR

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 39 HTTP transactions. The main IP is 95.217.59.29, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is www.ninifarda.ir.
TLS certificate: Issued by R3 on October 2nd 2021. Valid for: 3 months.

This is the only time www.ninifarda.ir was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.121.88.59 91.121.88.59	16276 (OVH) (OVH)
37	95.217.59.29 95.217.59.29	24940 (HETZNER-AS) (HETZNER-AS)
39	2

1 91.121.88.59 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns352885.ip-91-121-88.eu

technelec.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 95.217.59.29 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cp12.abtinweb.com

www.ninifarda.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	ninifarda.ir www.ninifarda.ir	820 KB
1	technelec.be 1 redirects technelec.be	409 B
39	2

	Domain	Requested by
37	www.ninifarda.ir	www.ninifarda.ir
1	technelec.be	1 redirects
39	2

This site contains no links.

Subject Issuer	Validity	Valid
*.ninifarda.ir R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com
Frame ID: FA23767E5390FB85DF52C456E2BEF363
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WF - Information

Page URL History Show full URLs

https://technelec.be/%D0%BF%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8/kssoyTLJv... HTTP 301
https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%... Page URL

Page Statistics

39
Requests

95 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

820 kB
Transfer

811 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://technelec.be/%D0%BF%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8/kssoyTLJvvvu/?user=redacted%40threatwave.com HTTP 301
https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php Show response www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/ Redirect Chain https://technelec.be/%D0%BF%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8/kssoyTLJvvvu/?user=redacted%40threatwave.com https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com	39 KB 39 KB	346ms 234ms	Document text/html	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `6982504188eb62c9716bc1ee4f7794c4b8171c65224a7a66bb62e7af9c64ae91` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers Date Wed, 17 Nov 2021 01:25:33 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Date Wed, 17 Nov 2021 01:25:33 GMT Server Apache Location https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Content-Length 396 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	page_ret.css www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	49 KB 49 KB	83ms 57ms	Stylesheet text/css	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `5e9f0fbd4d08bae0eeece3a7339f6c91351bb3f4a2591440c9e1f6a8d13612dc` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:52:59 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 50355
GET H/1.1	200 OK	wf-logo-transp-bg.png www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	14 KB 14 KB	167ms 56ms	Image image/png	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/wf-logo-transp-bg.png Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `0652ffedee86a18d2589f86dbb1dbb15c81dcdaea054292ee46023f7d64e1c79` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:56:37 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 14106
GET H/1.1	200 OK	homepage-lock.svg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	2 KB 2 KB	162ms 52ms	Image image/svg+xml	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/homepage-lock.svg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:51:00 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1784
GET H/1.1	200 OK	signon-lock.svg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	4 KB 4 KB	166ms 55ms	Image image/svg+xml	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/signon-lock.svg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `ea4b20ddecd76a86c3dc31d488970cf15e6284756c271b1d983f597652ebeb61` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:55:11 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3985
GET H/1.1	200 OK	1199830824_1200x532.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	56 KB 56 KB	173ms 59ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/1199830824_1200x532.jpg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `1054b2050bae74d4d2125a1748d48dfc0cf544c82158a316ca950e8a505e75f0` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:49:52 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 57368
GET H/1.1	200 OK	house_50x50.png www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	584 B 825 B	156ms 54ms	Image image/png	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/house_50x50.png Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `53f20554e5a8e812764c7e8241e14c9117d2197e00f1b87248bf458aa8e55caa` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:51:07 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 584
GET H/1.1	200 OK	card_50x50.png www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	516 B 757 B	55ms 54ms	Image image/png	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/card_50x50.png Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `14ebe41c047e0cfca8e17b68f81bc0f980b75321c35d784360cf3491b1f9a06d` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:01 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 516
GET H/1.1	200 OK	laptop-50x50.png www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	540 B 781 B	52ms 52ms	Image image/png	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/laptop-50x50.png Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `ae6dd562558a0d6e692c910de53486132faa5c6ae81d0e85d67ba7f26b789a7f` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:52:20 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 540
GET H/1.1	200 OK	rates-50x50.png www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	1 KB 2 KB	61ms 54ms	Image image/png	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/rates-50x50.png Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `7926323a712a1fa861283bbdbde6f6df758e3a39c418fe1459f2b5dbe18102be` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:54:44 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1408
GET H/1.1	200 OK	credit-970x485.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	26 KB 27 KB	72ms 55ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/credit-970x485.jpg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `09504bdecbf274d2b3322b86c6cc699a186b4656cc220d563fcbfb08df220b08` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:09 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 26996
GET H/1.1	200 OK	easy-970x485.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	33 KB 33 KB	63ms 56ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/easy-970x485.jpg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `7b1acbecc92198d28a194bab0fa46dd84878d9cb78f3e2bbbd4ba771ef168ebd` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:19 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 33574
GET H/1.1	200 OK	home_sprite_image.png www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	11 KB 11 KB	66ms 53ms	Image image/png	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/home_sprite_image.png Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `bad076c316b96cc04b2df0418f986f332e01ff6016eab56fa116a4ef4c9ca594` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 11229
GET H/1.1	200 OK	retirement-970x485.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	31 KB 31 KB	76ms 56ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/retirement-970x485.jpg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `aee5245049750ff1e0f9368e3f69e0804e637539bb95c22db5325f884fbe5e9e` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:54:56 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 31394
GET H/1.1	200 OK	homelending-970x485.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	34 KB 34 KB	78ms 56ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/homelending-970x485.jpg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `d6fdad356ecabcdcfb77a0486b3e240f450369e0304739e55c71a112d5f3d2df` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:53 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 34654
GET H/1.1	200 OK	college-970x485.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	34 KB 35 KB	63ms 56ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/college-970x485.jpg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `cfd4c24ae595a860f108f4de55ce9a1744bad06d612d508c4d0bf39901b9862c` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:05 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 35099
GET H/1.1	200 OK	basics-970x485.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	28 KB 28 KB	60ms 54ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/basics-970x485.jpg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `eb38bf6136b9b597e78c4a80f041d4e3bbc9231b348e999ba5aa1e52ec2bbd0f` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:49:58 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 28720
GET H/1.1	200 OK	3356_304x194.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	9 KB 9 KB	73ms 55ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/3356_304x194.jpg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `fbe240520ac06a89f4bc6dd3bd580d5ee2ffa5c2adcf8f5934abf16ac8eeccd3` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:49:46 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 9458
GET H/1.1	200 OK	jquery.min.js Show response www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	95 KB 96 KB	137ms 56ms	Script application/javascript	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/jquery.min.js Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:51:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 97628
GET H/1.1	200 OK	epage_per.js Show response www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	77 KB 77 KB	59ms 58ms	Script application/javascript	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/epage_per.js Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `f329c554677be8d85cacb58ad1cae1ff95f1cff8340c4de80150a8d273ee92d0` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:24 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 78700
GET H/1.1	200 OK	page_ret.css www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	8 KB 8 KB	76ms 56ms	Image text/css	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:52:59 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 50355
POST		jsLog www.ninifarda.ir/as/	0 0

GET H/1.1	200 OK	icon-marquee-dot-active.svg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	578 B 823 B	94ms 55ms	Image image/svg+xml	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/icon-marquee-dot-active.svg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `259d6ea28712a17bd489318ef6a3f0918dce2eb375010354b4317bd387ec221c` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:51:31 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 578
GET H/1.1	200 OK	icon-marquee-dot-inactive.svg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	587 B 832 B	71ms 55ms	Image image/svg+xml	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/icon-marquee-dot-inactive.svg Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `dd341c514417a21a4cde2405765138bc4b0bfbf8cf0b8ca9ca6e468a30977640` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:51:36 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 587
GET H/1.1	200 OK	page_ret.css www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	8 KB 8 KB	107ms 62ms	Image text/css	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/page_ret.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:52:59 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 50355
GET		s.gif www.ninifarda.ir/assets/images/global/	0 0

GET H/1.1	508 Loop Detected	s.gif Show response www.ninifarda.ir/assets/images/global/	288 B 492 B	58ms 58ms	XHR text/html	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ninifarda.ir/assets/images/global/s.gif?log=1&pageUrl=https%3A%2F%2Fwww.ninifarda.ir%2F%25d0%25bf%25d0%25be%25d0%25bb%25d0%25b8%25d0%25be%25d0%25bb%25d0%25b5%25d1%2584%25d0%25b8%25d0%25bd%25d0%25be%25d0%25b2%25d0%25b0%25d1%258f%2Fa%25d0%25be%25d1%2582%25d1%2580%25d0%25b0%25d0%25bb%25d1%258f%25d1%2585.php%3Fuser%3Dredacted%2540threatwave.com&cb=1637112334467&event=PageLoad&eventDescription=DisplayRibbonCarouselItem&clist=84-147031-16~91-146912-32 Requested by Host: www.ninifarda.ir URL: https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `d3cffe9f37702e95b3702696987f93ab39922a033e06610275a82a7aae14c96a` Request headers Accept / Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com X-Requested-With XMLHttpRequest Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=93 Content-Length 288 Retry-After 14400 Content-Type text/html
GET H/1.1	200 OK	hph_1200x532.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	22 KB 22 KB	58ms 57ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/hph_1200x532.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `6fa97281c327dc009a7f495c0208a550b23f8ed5825e9e4d9017fba2e299b036` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:51:23 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 22039
GET H/1.1	200 OK	pink_1200x532.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	55 KB 55 KB	57ms 57ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/pink_1200x532.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `00fbe29b6a7657692ebdf269643d991692e88f769e772729167b4a9b49dbc799` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:54:30 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 56345
GET H/1.1	200 OK	maa-50x50.png www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	961 B 1 KB	110ms 54ms	Image image/png	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/maa-50x50.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `42902bf802de1e0edd9d13d02216ec6fb579ebbdc9f8ce045cc1ad37a699e481` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:52:32 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 961
GET H/1.1	200 OK	tablet_device.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	28 KB 29 KB	57ms 53ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/tablet_device.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `d510b44eb432254133e3a77667c96ea0eee0a356614ef7938c0cab6b5d7fbcd9` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:55:17 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 29069
GET H/1.1	200 OK	890847206_489_234.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	14 KB 15 KB	72ms 53ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/890847206_489_234.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `599e3c4b198d28b925b6eff10db70dcd5c9b44f3b0da091cdd35cc8245fe4b66` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:49:49 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 14770
GET H/1.1	200 OK	default1_304x194.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	10 KB 10 KB	87ms 58ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/default1_304x194.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `2af5bcc0ab347f0e039ec86b4f0a5f2fb506ef539c284331b5e8e78f3f94badc` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:12 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10061
GET H/1.1	200 OK	default3_304x194.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	14 KB 14 KB	56ms 56ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/default3_304x194.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `34f5250710ce0ee2c5bdf5a5ff1a071a61b8c171b7f0ab96bf6deb935483a3d1` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:16 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=91 Content-Length 14418
GET H/1.1	200 OK	gardening_414x240.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	25 KB 25 KB	54ms 54ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/gardening_414x240.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `4519a61d26f153bd19bda2ffdca5d102c56d61f6f5ef6f29727ca878f6ea1947` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:36 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 25210
GET H/1.1	200 OK	green-414x240.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	27 KB 28 KB	64ms 63ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/green-414x240.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `96c235d6343aaa272187a96413ebbd8fa15417c7591c02cf0d79fee2e03dfbbe` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:50:40 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 28056
GET H/1.1	200 OK	redress_414x240.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	18 KB 18 KB	68ms 68ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/redress_414x240.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `37822f946f1b79d00138a6e027d921492874dc7a79882dc5934277cccbd194b9` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:54:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 18586
GET H/1.1	200 OK	house-414x240.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	24 KB 24 KB	65ms 65ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/house-414x240.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `c550a26340fc6971f4767d351ae9c987603d3f5cf3cb18e91e3164d5fdca8be5` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:51:12 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=90 Content-Length 24302
GET H/1.1	200 OK	screenshot-414x240.jpg www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/	12 KB 12 KB	53ms 53ms	Image image/jpeg	95.217.59.29 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/img/screenshot-414x240.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.217.59.29 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cp12.abtinweb.com Software Apache / Resource Hash `3809cf83b36ac6b2f21dc1b73e22d2e594acf734d71e348dbd7f66ea38bfc658` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.ninifarda.ir/%d0%bf%d0%be%d0%bb%d0%b8%d0%be%d0%bb%d0%b5%d1%84%d0%b8%d0%bd%d0%be%d0%b2%d0%b0%d1%8f/a%d0%be%d1%82%d1%80%d0%b0%d0%bb%d1%8f%d1%85.php?user=redacted%40threatwave.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 01:25:34 GMT Last-Modified Tue, 16 Nov 2021 18:55:03 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 12143

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ninifarda.ir
URL: https://www.ninifarda.ir/as/jsLog

Domain: www.ninifarda.ir
URL: https://www.ninifarda.ir/assets/images/global/s.gif?log=1&pageUrl=https%3A%2F%2Fwww.ninifarda.ir%2F%25d0%25bf%25d0%25be%25d0%25bb%25d0%25b8%25d0%25be%25d0%25bb%25d0%25b5%25d1%2584%25d0%25b8%25d0%25bd%25d0%25be%25d0%25b2%25d0%25b0%25d1%258f%2Fa%25d0%25be%25d1%2582%25d1%2580%25d0%25b0%25d0%25bb%25d1%258f%25d1%2585.php%3Fuser%3Dredacted%2540threatwave.com&cb=1637112334466&event=PageLoad&eventDescription=DisplayMarqueeCarouselItem&clist=84-146961-16~91-146911-32

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.ninifarda.ir/assets/images/global/s.gif?log=1&pageUrl=https%3A%2F%2Fwww.ninifarda.ir%2F%25d0%25bf%25d0%25be%25d0%25bb%25d0%25b8%25d0%25be%25d0%25bb%25d0%25b5%25d1%2584%25d0%25b8%25d0%25bd%25d0%25be%25d0%25b2%25d0%25b0%25d1%258f%2Fa%25d0%25be%25d1%2582%25d1%2580%25d0%25b0%25d0%25bb%25d1%258f%25d1%2585.php%3Fuser%3Dredacted%2540threatwave.com&cb=1637112334467&event=PageLoad&eventDescription=DisplayRibbonCarouselItem&clist=84-147031-16~91-146912-32 Message: Failed to load resource: the server responded with a status of 508 (Loop Detected)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

technelec.be
www.ninifarda.ir
www.ninifarda.ir
91.121.88.59
95.217.59.29
00fbe29b6a7657692ebdf269643d991692e88f769e772729167b4a9b49dbc799
0652ffedee86a18d2589f86dbb1dbb15c81dcdaea054292ee46023f7d64e1c79
09504bdecbf274d2b3322b86c6cc699a186b4656cc220d563fcbfb08df220b08
1054b2050bae74d4d2125a1748d48dfc0cf544c82158a316ca950e8a505e75f0
14ebe41c047e0cfca8e17b68f81bc0f980b75321c35d784360cf3491b1f9a06d
259d6ea28712a17bd489318ef6a3f0918dce2eb375010354b4317bd387ec221c
2af5bcc0ab347f0e039ec86b4f0a5f2fb506ef539c284331b5e8e78f3f94badc
34f5250710ce0ee2c5bdf5a5ff1a071a61b8c171b7f0ab96bf6deb935483a3d1
37822f946f1b79d00138a6e027d921492874dc7a79882dc5934277cccbd194b9
3809cf83b36ac6b2f21dc1b73e22d2e594acf734d71e348dbd7f66ea38bfc658
3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e
42902bf802de1e0edd9d13d02216ec6fb579ebbdc9f8ce045cc1ad37a699e481
4519a61d26f153bd19bda2ffdca5d102c56d61f6f5ef6f29727ca878f6ea1947
53f20554e5a8e812764c7e8241e14c9117d2197e00f1b87248bf458aa8e55caa
599e3c4b198d28b925b6eff10db70dcd5c9b44f3b0da091cdd35cc8245fe4b66
5e9f0fbd4d08bae0eeece3a7339f6c91351bb3f4a2591440c9e1f6a8d13612dc
6982504188eb62c9716bc1ee4f7794c4b8171c65224a7a66bb62e7af9c64ae91
6fa97281c327dc009a7f495c0208a550b23f8ed5825e9e4d9017fba2e299b036
7926323a712a1fa861283bbdbde6f6df758e3a39c418fe1459f2b5dbe18102be
7b1acbecc92198d28a194bab0fa46dd84878d9cb78f3e2bbbd4ba771ef168ebd
7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab
96c235d6343aaa272187a96413ebbd8fa15417c7591c02cf0d79fee2e03dfbbe
ae6dd562558a0d6e692c910de53486132faa5c6ae81d0e85d67ba7f26b789a7f
aee5245049750ff1e0f9368e3f69e0804e637539bb95c22db5325f884fbe5e9e
bad076c316b96cc04b2df0418f986f332e01ff6016eab56fa116a4ef4c9ca594
c550a26340fc6971f4767d351ae9c987603d3f5cf3cb18e91e3164d5fdca8be5
cfd4c24ae595a860f108f4de55ce9a1744bad06d612d508c4d0bf39901b9862c
d3cffe9f37702e95b3702696987f93ab39922a033e06610275a82a7aae14c96a
d510b44eb432254133e3a77667c96ea0eee0a356614ef7938c0cab6b5d7fbcd9
d6fdad356ecabcdcfb77a0486b3e240f450369e0304739e55c71a112d5f3d2df
dd341c514417a21a4cde2405765138bc4b0bfbf8cf0b8ca9ca6e468a30977640
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4b20ddecd76a86c3dc31d488970cf15e6284756c271b1d983f597652ebeb61
eb38bf6136b9b597e78c4a80f041d4e3bbc9231b348e999ba5aa1e52ec2bbd0f
f329c554677be8d85cacb58ad1cae1ff95f1cff8340c4de80150a8d273ee92d0
fbe240520ac06a89f4bc6dd3bd580d5ee2ffa5c2adcf8f5934abf16ac8eeccd3

www.ninifarda.ir Open in urlscan Pro 95.217.59.29 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

39 Requests

95 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

820 kBTransfer

811 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ninifarda.ir Open in urlscan Pro
95.217.59.29 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

820 kB
Transfer

811 kB
Size

0
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!