manzeliot.ir Open in urlscan Pro
188.40.168.93 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dromissionfx.com/aittaj/redirection.php
Effective URL:
https://manzeliot.ir/abaupdateds/att/
Submission Tags: phishing
Submission: On May 11 via api (May 11th 2022, 1:29:10 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 28 HTTP transactions. The main IP is 188.40.168.93, located in Germany and belongs to HETZNER-AS, DE. The main domain is manzeliot.ir.
TLS certificate: Issued by R3 on April 3rd 2022. Valid for: 3 months.

This is the only time manzeliot.ir was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3030::ac43:b0b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	188.40.168.93 188.40.168.93	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	185.105.185.25 185.105.185.25	25264 (AADP) (AADP)
28	4

2 2606:4700:3030::ac43:b0b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dromissionfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 188.40.168.93 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.93.168.40.188.clients.your-server.de

manzeliot.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.105.185.25 (Iran, Islamic Republic Of)

ASN25264 (AADP, IR)
PTR: server15.mihanmizban.net

cdn.webstart.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	manzeliot.ir manzeliot.ir	2 MB
2	dromissionfx.com 1 redirects dromissionfx.com	1 KB
1	webstart.ir cdn.webstart.ir	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	812 B
28	4

	Domain	Requested by
25	manzeliot.ir	dromissionfx.com manzeliot.ir
2	dromissionfx.com	1 redirects
1	cdn.webstart.ir	manzeliot.ir
1	fonts.googleapis.com	manzeliot.ir
28	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-06` - `2022-09-05`	a year	crt.sh
*.manzeliot.ir R3	`2022-04-03` - `2022-07-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.webstart.ir R3	`2022-04-02` - `2022-07-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://manzeliot.ir/abaupdateds/att/
Frame ID: 957FC40CF266CF22476A0014FA7B8176
Requests: 15 HTTP requests in this frame

Frame: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Frame ID: 1492030F276ACCFD9EFD6A4C2CAECDC4
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Screen

Page URL History Show full URLs

http://dromissionfx.com/aittaj/redirection.php HTTP 301
https://dromissionfx.com/aittaj/redirection.php Page URL
https://manzeliot.ir/abaupdateds/att/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1773 kB
Transfer

1772 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dromissionfx.com/aittaj/redirection.php HTTP 301
https://dromissionfx.com/aittaj/redirection.php Page URL
https://manzeliot.ir/abaupdateds/att/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://dromissionfx.com/aittaj/redirection.php HTTP 301
https://dromissionfx.com/aittaj/redirection.php

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redirection.php
dromissionfx.com/aittaj/
Redirect Chain

http://dromissionfx.com/aittaj/redirection.php
https://dromissionfx.com/aittaj/redirection.php

218 B
698 B

420ms
364ms

Document
text/html

2606:4700:3030::ac43:b0b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dromissionfx.com/aittaj/redirection.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b0b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 709b42eea8cf5fb2-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 11 May 2022 13:29:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JryBayXJEXT1kY%2BTcjAwFQwyDxWbWCPnpzcUUoHXcIO2YI6goLUsHmNd8KkG1mOLfLIuVNID7%2F93v2T8XtUi6YjCfVRVZXgj1RSpgGKvjL8OJeYdbqxGea7i4K8xvIRk2uZjDN70A%2B%2F3LYnkcqJw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

Redirect headers

CF-RAY: 709b42eddacc5a13-MXP
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 11 May 2022 13:29:04 GMT
Expires: Wed, 11 May 2022 14:29:04 GMT
Location: https://dromissionfx.com/aittaj/redirection.php
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guWqo6ZARNVw4Fzayqdq5za0SlcHlBL8w3oGZUdy%2Fu%2BGIBbTgTOIFoVjk%2B7Ai2qL7kSZWM58X9yr76f5nMuXKs5v7oAC1y%2BlFGBI6kpg88RPHoSU3v5lsd5tHZTgTKznhnSL3zr5hFW2fyA4Yx6B"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK Primary Request / Show response
manzeliot.ir/abaupdateds/att/ 20 KB
20 KB 236ms
128ms Document
text/html 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/
Requested by: Host: dromissionfx.com
URL: https://dromissionfx.com/aittaj/redirection.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 5bb595fa968f8b7a16c1931342fb580bb11af0bdf2d5eca401956b6c9d336f4e

Request headers

Referer: https://dromissionfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 11 May 2022 13:29:05 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK styles.css
manzeliot.ir/abaupdateds/att/files/ 154 KB
154 KB 13ms
13ms Stylesheet
text/css 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/styles.css
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 98607414db657e129003305c46e2b6cdcc612a7e770654894d72693bb9a75b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:05 GMT
Last-Modified: Thu, 05 May 2022 02:56:30 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 157684

GET
H/1.1 200
OK att-logo.svg
manzeliot.ir/abaupdateds/att/files/ 8 KB
8 KB 68ms
23ms Image
image/svg+xml 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manzeliot.ir/abaupdateds/att/files/att-logo.svg
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:05 GMT
Last-Modified: Thu, 05 May 2022 02:56:32 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8369

GET
H/1.1 200
OK checkmark.svg
manzeliot.ir/abaupdateds/att/files/ 350 B
595 B 78ms
14ms Image
image/svg+xml 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manzeliot.ir/abaupdateds/att/files/checkmark.svg
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: b589ac98cac6d578082d9d2e8bb354abcab6f41f25a081a613227a37def44c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:05 GMT
Last-Modified: Thu, 05 May 2022 02:56:32 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 350

GET
H/1.1 200
OK red-error-icon.svg
manzeliot.ir/abaupdateds/att/files/ 587 B
832 B 13ms
13ms Image
image/svg+xml 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manzeliot.ir/abaupdateds/att/files/red-error-icon.svg
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: f152943cdfffd1e8296d0a514477a884a8e9a4e1e5c445ba6eeb9e2a8fe4f2fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:05 GMT
Last-Modified: Thu, 05 May 2022 03:28:02 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 587

GET
H/1.1 200
OK jquery.min.js Show response
manzeliot.ir/abaupdateds/att/files/ 156 KB
156 KB 50ms
15ms Script
application/javascript 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/jquery.min.js
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 89db88fadaf63fd4e91d869fed81834918debd6eacbe6e47b5ad54e061996aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:05 GMT
Last-Modified: Thu, 12 Jul 2018 15:40:24 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 159536

GET
H/1.1 200
OK jquery.validate.min.js Show response
manzeliot.ir/abaupdateds/att/files/ 34 KB
34 KB 63ms
19ms Script
application/javascript 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/jquery.validate.min.js
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: f59dc66c08474ec52a21ab66cd6ba46a4e4ace29b0b82e2306add18741ae9c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:05 GMT
Last-Modified: Thu, 19 Jul 2018 10:07:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 34429

GET
H/1.1 200
OK form.js Show response
manzeliot.ir/abaupdateds/att/files/ 5 KB
5 KB 63ms
19ms Script
application/javascript 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/form.js
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 0f0b14714de4a49890b28028fb936b189437db46369ab2c1f8def818f8306f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:05 GMT
Last-Modified: Thu, 05 May 2022 04:09:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5232

GET
H/1.1 404
Not Found saved_resource.html Show response
manzeliot.ir/abaupdateds/att/files/ Frame 1492 35 KB
35 KB 313ms
280ms Document
text/html 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 9696794d34199f3abb2a31c7d2d3f9857e29c31c720c98b0095f815118984592

Request headers

Referer: https://manzeliot.ir/abaupdateds/att/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 11 May 2022 13:29:05 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Link: <https://manzeliot.ir/wp-json/>; rel="https://api.w.org/"
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 404
Not Found ATTAleckSans_W_Rg.woff2
manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff2/ 0
0 298ms
298ms Font
text/html 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Rg.woff2
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Referer: https://manzeliot.ir/abaupdateds/att/files/styles.css
Origin: https://manzeliot.ir
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:05 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://manzeliot.ir/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found ATTAleckSans_W_Md.woff2
manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff2/ 0
0 444ms
444ms Font
text/html 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Md.woff2
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Referer: https://manzeliot.ir/abaupdateds/att/files/styles.css
Origin: https://manzeliot.ir
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:05 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://manzeliot.ir/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=97
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK style.min.css
manzeliot.ir/wp-includes/css/dist/block-library/ Frame 1492 81 KB
82 KB 15ms
15ms Stylesheet
text/css 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Wed, 06 Apr 2022 00:00:56 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 83419

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
manzeliot.ir/wp-includes/js/ Frame 1492 18 KB
18 KB 20ms
19ms Script
application/javascript 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Sun, 27 Mar 2022 21:12:17 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18181

GET
H/1.1 200
OK settings.css
manzeliot.ir/wp-content/plugins/revslider/public/assets/css/ Frame 1492 39 KB
39 KB 13ms
12ms Stylesheet
text/css 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 23a57aed407545bd964231bcb511674996bdd28a4f2a57ca66bca72de0bf3d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Mon, 08 Oct 2018 19:27:07 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 39750

GET
H2 200 css
fonts.googleapis.com/ Frame 1492 2 KB
812 B 49ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7CRoboto+Condensed%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&ver=4.5

Requested by

Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e674e00aa0258890c6128fbcf137a4148cfecb790eca516fa6487aceb9cbf57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 11 May 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 11 May 2022 13:29:06 GMT

GET
H/1.1 200
OK style.css
manzeliot.ir/wp-content/themes/Newsmag/ Frame 1492 743 KB
743 KB 19ms
18ms Stylesheet
text/css 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/wp-content/themes/Newsmag/style.css?ver=4.5
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 7f06d8f2fb26387e5fec71e051e02e49e530d50dea6a1bfbe4b608e4209c1567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Tue, 28 Aug 2018 07:03:48 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 760901

GET
H/1.1 200
OK jquery.min.js Show response
manzeliot.ir/wp-includes/js/jquery/ Frame 1492 87 KB
88 KB 27ms
17ms Script
application/javascript 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Sun, 27 Mar 2022 21:12:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 89521

GET
H/1.1 200
OK jquery-migrate.min.js Show response
manzeliot.ir/wp-includes/js/jquery/ Frame 1492 11 KB
11 KB 28ms
15ms Script
application/javascript 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Sun, 27 Mar 2022 21:12:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 11224

GET
H/1.1 200
OK jquery.themepunch.tools.min.js Show response
manzeliot.ir/wp-content/plugins/revslider/public/assets/js/ Frame 1492 108 KB
108 KB 27ms
13ms Script
application/javascript 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Mon, 08 Oct 2018 19:27:07 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110564

GET
H/1.1 200
OK jquery.themepunch.revolution.min.js Show response
manzeliot.ir/wp-content/plugins/revslider/public/assets/js/ Frame 1492 63 KB
64 KB 90ms
46ms Script
application/javascript 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: 27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Mon, 08 Oct 2018 19:27:07 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 64949

GET
H/1.1 200
OK td_100x75.png
manzeliot.ir/wp-content/themes/Newsmag/images/no-thumb/ Frame 1492 157 B
399 B 58ms
15ms Image
image/png 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manzeliot.ir/wp-content/themes/Newsmag/images/no-thumb/td_100x75.png
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: e68e3de6a40afeeb8b8063b71e44f98c638a48b02701d2dca5b0a073d7106ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Tue, 28 Aug 2018 07:03:47 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 157

GET
H2 200 haj.css
cdn.webstart.ir/ Frame 1492 4 KB
1 KB 297ms
77ms Stylesheet
text/css 185.105.185.25
AADP

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webstart.ir/haj.css
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.105.185.25 , Iran, Islamic Republic Of, ASN25264 (AADP, IR),
Reverse DNS: server15.mihanmizban.net
Software: /
Resource Hash: bfc9b2de8b391502f50a7798b982866c72bc14ed05dbcb762602321ed4b74313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 11 May 2022 13:29:06 GMT
content-encoding: br
last-modified: Sat, 21 Nov 2020 15:56:15 GMT
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 928
expires: Fri, 10 Jun 2022 13:29:06 GMT

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
manzeliot.ir/wp-content/themes/Newsmag/js/ Frame 1492 203 KB
203 KB 35ms
35ms Script
application/javascript 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/wp-content/themes/Newsmag/js/tagdiv_theme.min.js?ver=4.5
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash: bd9a4afd0d0fcef6fd486162e2e4df65fcf31ee9e73332f90872d87f2b2f2339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Last-Modified: Tue, 28 Aug 2018 07:03:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 207372

GET
H/1.1 404
Not Found ATTAleckSans_W_Rg.woff
manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff/ 0
0 274ms
271ms Font
text/html 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Rg.woff
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Referer: https://manzeliot.ir/abaupdateds/att/files/styles.css
Origin: https://manzeliot.ir
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://manzeliot.ir/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=96
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found ATTAleckSans_W_Md.woff
manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff/ 0
0 190ms
189ms Font
text/html 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Md.woff
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Referer: https://manzeliot.ir/abaupdateds/att/files/styles.css
Origin: https://manzeliot.ir
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://manzeliot.ir/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=95
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found ATTAleckSans_W_Rg.ttf
manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/ttf/ 0
0 221ms
221ms Font
text/html 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Rg.ttf
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Referer: https://manzeliot.ir/abaupdateds/att/files/styles.css
Origin: https://manzeliot.ir
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://manzeliot.ir/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found ATTAleckSans_W_Md.ttf
manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/ttf/ 0
0 195ms
195ms Font
text/html 188.40.168.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Md.ttf
Requested by: Host: manzeliot.ir
URL: https://manzeliot.ir/abaupdateds/att/files/styles.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.168.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.168.40.188.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Referer: https://manzeliot.ir/abaupdateds/att/files/styles.css
Origin: https://manzeliot.ir
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date: Wed, 11 May 2022 13:29:06 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://manzeliot.ir/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			manzeliot.ir/	1969-12-31 23:59:59	Name: PHPSESSID Value: a859f60935fd2c33be5c1ca31b3128e5

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://manzeliot.ir/abaupdateds/att/files/saved_resource.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Rg.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Md.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Rg.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/woff/ATTAleckSans_W_Md.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Rg.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://manzeliot.ir/abaupdateds/att/files/assets/fonts/att/ATTAleckSans/ttf/ATTAleckSans_W_Md.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.webstart.ir
dromissionfx.com
fonts.googleapis.com
manzeliot.ir
185.105.185.25
188.40.168.93
2606:4700:3030::ac43:b0b8
2a00:1450:4001:830::200a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0f0b14714de4a49890b28028fb936b189437db46369ab2c1f8def818f8306f86
23a57aed407545bd964231bcb511674996bdd28a4f2a57ca66bca72de0bf3d2d
27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710
5bb595fa968f8b7a16c1931342fb580bb11af0bdf2d5eca401956b6c9d336f4e
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e
7f06d8f2fb26387e5fec71e051e02e49e530d50dea6a1bfbe4b608e4209c1567
89db88fadaf63fd4e91d869fed81834918debd6eacbe6e47b5ad54e061996aed
9696794d34199f3abb2a31c7d2d3f9857e29c31c720c98b0095f815118984592
98607414db657e129003305c46e2b6cdcc612a7e770654894d72693bb9a75b72
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
b589ac98cac6d578082d9d2e8bb354abcab6f41f25a081a613227a37def44c9a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd9a4afd0d0fcef6fd486162e2e4df65fcf31ee9e73332f90872d87f2b2f2339
bfc9b2de8b391502f50a7798b982866c72bc14ed05dbcb762602321ed4b74313
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e674e00aa0258890c6128fbcf137a4148cfecb790eca516fa6487aceb9cbf57b
e68e3de6a40afeeb8b8063b71e44f98c638a48b02701d2dca5b0a073d7106ab5
f152943cdfffd1e8296d0a514477a884a8e9a4e1e5c445ba6eeb9e2a8fe4f2fe
f59dc66c08474ec52a21ab66cd6ba46a4e4ace29b0b82e2306add18741ae9c2a

manzeliot.ir Open in urlscan Pro 188.40.168.93 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1773 kBTransfer

1772 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

manzeliot.ir Open in urlscan Pro
188.40.168.93 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1773 kB
Transfer

1772 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!