payment.details.ahmadabedini.ir Open in urlscan Pro
88.99.160.209 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jambijambe.com/log.php
Effective URL:
https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN
Submission: On October 06 via manual (October 6th 2017, 7:42:15 pm UTC) from IN

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 4 domains to perform 8 HTTP transactions. The main IP is 88.99.160.209, located in Germany and belongs to HETZNER-AS, DE. The main domain is payment.details.ahmadabedini.ir.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 4th 2017. Valid for: 3 months.

This is the only time payment.details.ahmadabedini.ir was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.229.72.95 103.229.72.95	55660 (MWN-AS-ID...) (MWN-AS-ID PT Master Web Network)
3 7	88.99.160.209 88.99.160.209	24940 (HETZNER-AS) (HETZNER-AS)
1	2400:cb00:204... 2400:cb00:2048:1::6813:c366	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
3	2a02:26f0:122... 2a02:26f0:122:383::bfb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	3

1 103.229.72.95 (Jakarta, Indonesia) 1 redirects

ASN55660 (MWN-AS-ID PT Master Web Network, ID)
PTR: ip-229-72-95.masterweb.net

jambijambe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 88.99.160.209 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: server4.dn-server.com

payment.details.ahmadabedini.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6813:c366 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:122:383::bfb (European Union)

ASN20940 (AKAMAI-ASN1, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ahmadabedini.ir 3 redirects payment.details.ahmadabedini.ir	112 KB
3	nflxext.com assets.nflxext.com	154 KB
1	cloudflare.com cdnjs.cloudflare.com	78 KB
1	jambijambe.com 1 redirects jambijambe.com	248 B
8	4

	Domain	Requested by
7	payment.details.ahmadabedini.ir	3 redirects payment.details.ahmadabedini.ir
3	assets.nflxext.com	payment.details.ahmadabedini.ir
1	cdnjs.cloudflare.com	payment.details.ahmadabedini.ir
1	jambijambe.com	1 redirects
8	4

This site contains no links.

Subject Issuer	Validity	Valid
payment.details.ahmadabedini.ir Let's Encrypt Authority X3	`2017-10-04` - `2018-01-02`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-05-27` - `2017-12-03`	6 months	crt.sh
secure.cdn.nflximg.net Symantec Class 3 Secure Server CA - G4	`2017-03-27` - `2019-03-27`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN
Frame ID: 13944.1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://jambijambe.com/log.php HTTP 302
https://payment.details.ahmadabedini.ir/index.php HTTP 302
https://payment.details.ahmadabedini.ir/users/userID-42249 HTTP 301
https://payment.details.ahmadabedini.ir/users/userID-42249/ HTTP 302
https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

343 kB
Transfer

522 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jambijambe.com/log.php HTTP 302
https://payment.details.ahmadabedini.ir/index.php HTTP 302
https://payment.details.ahmadabedini.ir/users/userID-42249 HTTP 301
https://payment.details.ahmadabedini.ir/users/userID-42249/ HTTP 302
https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response payment.details.ahmadabedini.ir/users/userID-42249/login/ Redirect Chain https://jambijambe.com/log.php https://payment.details.ahmadabedini.ir/index.php https://payment.details.ahmadabedini.ir/users/userID-42249 https://payment.details.ahmadabedini.ir/users/userID-42249/ https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN	6 KB 6 KB	286ms 286ms	Document text/html	88.99.160.209 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.99.160.209 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server4.dn-server.com Software Apache / PHP/5.3.29 Resource Hash `79f7f98037b16826d39735c31e3198a1e43a813ba52e90203ea6efe22b4e0a1c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host payment.details.ahmadabedini.ir Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Cookie PHPSESSID=4h9cpdbksnud8bgnrltha3b556 Connection keep-alive User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Pragma no-cache Date Fri, 06 Oct 2017 19:42:04 GMT Server Apache X-Powered-By PHP/5.3.29 Transfer-Encoding chunked Content-Type text/html Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Keep-Alive timeout=2, max=97 Expires Thu, 19 Nov 1981 08:52:00 GMT Redirect headers Pragma no-cache Date Fri, 06 Oct 2017 19:42:04 GMT Server Apache X-Powered-By PHP/5.3.29 Content-Type text/html location login/index.php?DE-EN Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive X-Robots-Tag noindex, nofollow Keep-Alive timeout=2, max=98 Content-Length 0 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	none.css payment.details.ahmadabedini.ir/users/userID-42249/css/	101 KB 101 KB	118ms 117ms	Stylesheet text/css	88.99.160.209 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://payment.details.ahmadabedini.ir/users/userID-42249/css/none.css Requested by Host: payment.details.ahmadabedini.ir URL: https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.99.160.209 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server4.dn-server.com Software Apache / Resource Hash `1a06577e00a615695831554b7694dbd842b5d2ba3b3fffc1b6388bb497ace6ef` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host payment.details.ahmadabedini.ir User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Cookie PHPSESSID=4h9cpdbksnud8bgnrltha3b556 Connection keep-alive Cache-Control no-cache Referer https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 06 Oct 2017 19:42:05 GMT Last-Modified Fri, 06 Oct 2017 19:42:04 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=96 Content-Length 103013
GET H2	200	jquery.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/	258 KB 78 KB	35ms 11ms	Script application/javascript	2400:cb00:2048:1::6813:c366 CloudFlare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.js Requested by Host: payment.details.ahmadabedini.ir URL: https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6813:c366 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `b25a2092f0752b754e933008f10213c55dd5ce93a791e355b0abed9182cc8df9` Request headers :path /ajax/libs/jquery/3.1.0/jquery.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept / cache-control no-cache :authority cdnjs.cloudflare.com referer https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN :scheme https :method GET Referer https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Fri, 06 Oct 2017 19:42:05 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Jul 2016 22:01:41 GMT server cloudflare-nginx status 200 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 3a9b1a11edcf6445-FRA expires Wed, 26 Sep 2018 19:42:05 GMT
GET H/1.1	200 OK	logo.png payment.details.ahmadabedini.ir/users/userID-42249/images/	2 KB 2 KB	109ms 107ms	Image image/png	88.99.160.209 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://payment.details.ahmadabedini.ir/users/userID-42249/images/logo.png Requested by Host: payment.details.ahmadabedini.ir URL: https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.99.160.209 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server4.dn-server.com Software Apache / Resource Hash `208994e7418599fbe8296b8b5c8a69736b69e6915aacb9ce8077bb52ce752d11` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host payment.details.ahmadabedini.ir User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Cookie PHPSESSID=4h9cpdbksnud8bgnrltha3b556 Connection keep-alive Cache-Control no-cache Referer https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 06 Oct 2017 19:42:05 GMT Last-Modified Fri, 06 Oct 2017 19:42:04 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 2476
GET H/1.1	200 OK	fb.png payment.details.ahmadabedini.ir/users/userID-42249/images/	1 KB 1 KB	103ms 103ms	Image image/png	88.99.160.209 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://payment.details.ahmadabedini.ir/users/userID-42249/images/fb.png Requested by Host: payment.details.ahmadabedini.ir URL: https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.99.160.209 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server4.dn-server.com Software Apache / Resource Hash `3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host payment.details.ahmadabedini.ir User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Cookie PHPSESSID=4h9cpdbksnud8bgnrltha3b556 Connection keep-alive Cache-Control no-cache Referer https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 06 Oct 2017 19:42:05 GMT Last-Modified Fri, 06 Oct 2017 19:42:04 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=95 Content-Length 1455
GET H2	200	login-the-crown_2-1500x1000.jpg assets.nflxext.com/ffe/siteui/acquisition/login/	84 KB 84 KB	41ms 6ms	Image image/jpeg	2a02:26f0:122:383::bfb AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/acquisition/login/login-the-crown_2-1500x1000.jpg Requested by Host: payment.details.ahmadabedini.ir URL: https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:122:383::bfb , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash `baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04` Request headers :path /ffe/siteui/acquisition/login/login-the-crown_2-1500x1000.jpg pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority assets.nflxext.com referer https://payment.details.ahmadabedini.ir/users/userID-42249/css/none.css :scheme https :method GET Referer https://payment.details.ahmadabedini.ir/users/userID-42249/css/none.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Fri, 06 Oct 2017 19:42:05 GMT last-modified Mon, 24 Oct 2016 20:49:51 GMT server Apache content-md5 5GY/BZWwL7HDlH/B8V64Eg== content-type image/jpeg status 200 cache-control public, max-age=79661875 accept-ranges bytes content-length 86226 expires Wed, 15 Apr 2020 20:00:00 GMT
GET H2	200	site-spinner-240.png assets.nflxext.com/ffe/siteui/common/	1 KB 1 KB	38ms 6ms	Image image/png	2a02:26f0:122:383::bfb AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/common/site-spinner-240.png Requested by Host: payment.details.ahmadabedini.ir URL: https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:122:383::bfb , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash `075cbb4dbb8720d4c68dc18635cd630a12e98840a6151a0a62c08872aed2bde5` Request headers :path /ffe/siteui/common/site-spinner-240.png pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority assets.nflxext.com referer https://payment.details.ahmadabedini.ir/users/userID-42249/css/none.css :scheme https :method GET Referer https://payment.details.ahmadabedini.ir/users/userID-42249/css/none.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Fri, 06 Oct 2017 19:42:05 GMT last-modified Fri, 24 Oct 2014 22:30:33 GMT server Apache content-md5 eQ/Ky3S+eni0uZb8Jeratw== content-type image/png status 200 cache-control public, max-age=79661875 accept-ranges bytes content-length 1138 expires Wed, 15 Apr 2020 20:00:00 GMT
GET H2	200	nf-icon-v1-88.woff assets.nflxext.com/ffe/siteui/fonts/	69 KB 69 KB	39ms 7ms	Font application/octet-stream	2a02:26f0:122:383::bfb AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-88.woff Requested by Host: payment.details.ahmadabedini.ir URL: https://payment.details.ahmadabedini.ir/users/userID-42249/login/index.php?DE-EN Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:122:383::bfb , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash `ba892f7903e737d06c952be4ed3266746ed5e1090377fbc5d2ac975626c4533a` Request headers :path /ffe/siteui/fonts/nf-icon-v1-88.woff pragma no-cache origin https://payment.details.ahmadabedini.ir accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept / cache-control no-cache :authority assets.nflxext.com referer https://payment.details.ahmadabedini.ir/users/userID-42249/css/none.css :scheme https :method GET User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Referer https://payment.details.ahmadabedini.ir/users/userID-42249/css/none.css Origin https://payment.details.ahmadabedini.ir Response headers date Fri, 06 Oct 2017 19:42:05 GMT content-encoding gzip last-modified Fri, 27 Jan 2017 22:53:52 GMT server Apache content-md5 ezBCotj2o1GiKPEVK1YDAg== status 200 vary Accept-Encoding content-type text/plain access-control-allow-origin * cache-control public, max-age=79661875 accept-ranges bytes expires Wed, 15 Apr 2020 20:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			payment.details.ahmadabedini.ir/	1970-01-01 00:00:00	Name: PHPSESSID Value: 4h9cpdbksnud8bgnrltha3b556

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
cdnjs.cloudflare.com
jambijambe.com
payment.details.ahmadabedini.ir
103.229.72.95
2400:cb00:2048:1::6813:c366
2a02:26f0:122:383::bfb
88.99.160.209
075cbb4dbb8720d4c68dc18635cd630a12e98840a6151a0a62c08872aed2bde5
1a06577e00a615695831554b7694dbd842b5d2ba3b3fffc1b6388bb497ace6ef
208994e7418599fbe8296b8b5c8a69736b69e6915aacb9ce8077bb52ce752d11
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
79f7f98037b16826d39735c31e3198a1e43a813ba52e90203ea6efe22b4e0a1c
b25a2092f0752b754e933008f10213c55dd5ce93a791e355b0abed9182cc8df9
ba892f7903e737d06c952be4ed3266746ed5e1090377fbc5d2ac975626c4533a
baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04

payment.details.ahmadabedini.ir Open in urlscan Pro 88.99.160.209 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

4 Countries

343 kBTransfer

522 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

payment.details.ahmadabedini.ir Open in urlscan Pro
88.99.160.209 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

343 kB
Transfer

522 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!