urlscan.io logo urlscan.io
SecurityTrails logo

nexinfo.ir Open in urlscan Pro
2606:4700:3036::ac43:99a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://nexinfo.ir/
Submission: On March 31 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3036::ac43:99a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is nexinfo.ir.
TLS certificate: Issued by GTS CA 1P5 on March 31st 2023. Valid for: 3 months.
This is the only time nexinfo.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
10 185.143.234.122 205585 (ARVANCLOU...)
2 2 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 185.143.233.122 205585 (ARVANCLOU...)
2 87.107.167.168 204544 (MOBINHOST)
1 185.147.178.24 44932 (SABAIDEA)
23 6
6    2606:4700:3036::ac43:99a1 (United States)

ASN13335 (CLOUDFLARENET, US)
nexinfo.ir
10    185.143.234.122 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)
cdn.yektanet.com
assets.najva.com
native-scripts.yektanet.com
audience.yektanet.com
ua.yektanet.com
2    2606:4700:e0::ac40:661f (United States)

ASN13335 (CLOUDFLARENET, US)
app.najva.com
2    185.143.233.122 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)
van.najva.com
2    87.107.167.168 (Tehran, Iran, Islamic Republic Of)

ASN204544 (MOBINHOST, IR)
PTR: 87.107.167.168.ptr.torob.com
bfetch.yektanet.com
1    185.147.178.24 (Iran, Islamic Republic Of)

ASN44932 (SABAIDEA, IR)
plus.sabavision.com
Apex Domain
Subdomains		 Transfer
11 yektanet.com
cdn.yektanet.com — Cisco Umbrella Rank: 44039
bfetch.yektanet.com — Cisco Umbrella Rank: 67575
native-scripts.yektanet.com — Cisco Umbrella Rank: 76353
nfetch.yektanet.com Failed
audience.yektanet.com — Cisco Umbrella Rank: 50911
ua.yektanet.com — Cisco Umbrella Rank: 49685
71 KB
6 nexinfo.ir
nexinfo.ir
50 KB
5 najva.com
app.najva.com — Cisco Umbrella Rank: 111666
assets.najva.com — Cisco Umbrella Rank: 122853
van.najva.com — Cisco Umbrella Rank: 72966
49 KB
1 sabavision.com
plus.sabavision.com — Cisco Umbrella Rank: 62299
837 B
23 4
Domain Requested by
6 nexinfo.ir nexinfo.ir
4 cdn.yektanet.com nexinfo.ir
cdn.yektanet.com
app.najva.com
3 ua.yektanet.com cdn.yektanet.com
ua.yektanet.com
2 bfetch.yektanet.com cdn.yektanet.com
2 van.najva.com nexinfo.ir
app.najva.com
2 app.najva.com 2 redirects
1 plus.sabavision.com
1 audience.yektanet.com cdn.yektanet.com
1 native-scripts.yektanet.com cdn.yektanet.com
1 assets.najva.com nexinfo.ir
0 nfetch.yektanet.com Failed cdn.yektanet.com
23 11

This site contains no links.

Subject Issuer Validity Valid
*.nexinfo.ir
GTS CA 1P5		 2023-03-31 -
2023-06-29		 3 months crt.sh
*.accounts.yektanet.com
R3		 2023-03-17 -
2023-06-15		 3 months crt.sh
bfetch.yektanet.com
R3		 2023-02-24 -
2023-05-25		 3 months crt.sh
van.najva.com
R3		 2023-02-08 -
2023-05-09		 3 months crt.sh
*.sabavision.com
Certum Domain Validation CA SHA2		 2023-01-24 -
2024-01-24		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nexinfo.ir/
Frame ID: A9D9FE253D99D2EED2DA9F735D35C51F
Requests: 19 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: 55C2AB91541AAF42E81AB99347DA1CF2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

جوابگو

Page Statistics

23
Requests

83 %
HTTPS

33 %
IPv6

4
Domains

11
Subdomains

6
IPs

2
Countries

170 kB
Transfer

494 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://app.najva.com/static/css/local-messaging.css?v=202302031020 HTTP 301
  • https://assets.najva.com/webpush/static/css/local-messaging.css?v=202302031020
Request Chain 4
  • https://app.najva.com/static/js/scripts/nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.js?v=202302031020 HTTP 301
  • https://van.najva.com/static/js/scripts/nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.js?v=202302031020

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nexinfo.ir/ 		32 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nexinfo.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:99a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dfa36606a1817e1ca843f7a3226d8f0919972615e0db163662c2e8a5c0dbae57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b0b2ed39cec35e7-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 31 Mar 2023 20:01:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVFekBf0ekogAAv5ASBqzBYfzVYB7rK80BQqxmnkLGSVGXNyOn8EDnCPT6tY%2BKDs%2BcmhZU3t%2BAZu1gI5IxwABkz2EH7zYoEtT%2F4GFeUMIFNYtT6WvJ5DDTj%2BDsFmvB4bWd8vzVUGt%2Bj2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
style.rtl.css
nexinfo.ir/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nexinfo.ir/css/style.rtl.css
Requested by
Host: nexinfo.ir
URL: https://nexinfo.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:99a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d5b0dee170e973516eea0031557fba3ddbf2f263d51d1f8b959ad9969fa3a04f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 14 Jan 2022 13:57:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"61b9-17e58e12468"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1Oyqy1kN8F5Dv4KBK%2BGXyJshQ%2BE4kGuXvTHLcbV5AgrTQPeWVVG2PY%2BmKnS4qo43UctWsGgtO3gQ2S0dMJUHGEiMlbTPOi4KHIGbC8z1SlAz%2Bigskt4zfSQYM%2FBAvZQVCYma7qLPE5y"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7b0b2ed3ed6835e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.js
nexinfo.ir/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexinfo.ir/js/main.js
Requested by
Host: nexinfo.ir
URL: https://nexinfo.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:99a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
59d537f5baca45bb59e2a5d466e1fee761af95cac15eb323df79b23b9e1a428d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 14 Jan 2022 13:57:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"2128-17e58e12468"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5Ug%2FJnVEAIU0GaTqU%2BR70P9do2UZizdWzduZN5y%2FCdHQbt2T6g9uLH%2BEFEuhAKJE8ysWVc1i%2BuRDy3Qcu37LNdBSfVKspFG3r1EzqMcA4%2Bv8mm%2BQFvVju6qqc1c4aCm6%2BFOMkTqeGbN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7b0b2ed3ed6c35e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
native-getbyme.ir-13637.js
cdn.yektanet.com/js/getbyme.ir/ 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yektanet.com/js/getbyme.ir/native-getbyme.ir-13637.js?v=202302031020
Requested by
Host: nexinfo.ir
URL: https://nexinfo.ir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
99e1989c82c730b4330b1328bb8178e119ac8676e445224fb5ab13913b751f11
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
content-encoding
gzip
ar-request-id
efa60349c40d4c82293882df45a9ab08
ar-atime
0.095
ar-cache
MISS
x-cache-status
REVALIDATED
ar-sid
4103
x-xss-protection
1; mode=block
last-modified
Sat, 11 Mar 2023 23:02:21 GMT
server
ArvanCloud
etag
W/"a7868e49af3adb0619c2e33634fbded4"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
cache-control
max-age=3600
access-control-max-age
1728000
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Fri, 31 Mar 2023 21:01:12 GMT
local-messaging.css
assets.najva.com/webpush/static/css/
Redirect Chain
  • https://app.najva.com/static/css/local-messaging.css?v=202302031020
  • https://assets.najva.com/webpush/static/css/local-messaging.css?v=202302031020
10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.najva.com/webpush/static/css/local-messaging.css?v=202302031020
Requested by
Host: nexinfo.ir
URL: https://nexinfo.ir/
Protocol
H2
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Sat, 30 Mar 2024 20:01:12 GMT
date
Fri, 31 Mar 2023 20:01:12 GMT
content-encoding
br
ar-request-id
d9f6ef9d3f5acd0a1152b764c64bd1a0
ar-atime
0.000
x-amz-request-id
tx000001f1f1809e84a7276-00640efe14-35ef92-ir-tbz-sh1
ar-cache
HIT
ar-sid
4101
x-xss-protection
1; mode=block
last-modified
Mon, 13 Feb 2023 15:10:16 GMT
server
ArvanCloud
etag
W/"20685ae09d2ce2a080031240f15c7725"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-rgw-object-type
Normal
cache-control
max-age=31536000
x-amz-meta-mtime
1674484809.295193216

Redirect headers

date
Fri, 31 Mar 2023 20:01:12 GMT
ar-request-id
14b00e1d1b06f8ea397a5dcb70d3ad20
cf-cache-status
HIT
ar-atime
0.000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
763
ar-sid
4103
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://assets.najva.com/webpush/static/css/local-messaging.css?v=202302031020
access-control-allow-origin
*
cache-control
max-age=16070400
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiLw5g0eaPZP6%2BONz3vEBLWiU5cZm5DuVrtPzHAO0o%2BOmOv4CFILG6TKbgf17KAhyUQoHWtsFC6nN86n73P58wq4WfViJI6Q0OduTKommPbpRTe8JOXjkp1ayykTNZJatLRyyDaTxz1s%2BerE"}],"group":"cf-nel","max_age":604800}
cf-ray
7b0b2ed45c7091de-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.js
van.najva.com/static/js/scripts/
Redirect Chain
  • https://app.najva.com/static/js/scripts/nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.js?v=202302031020
  • https://van.najva.com/static/js/scripts/nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.js?v=202302031020
180 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://van.najva.com/static/js/scripts/nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.js?v=202302031020
Requested by
Host: nexinfo.ir
URL: https://nexinfo.ir/
Protocol
H2
Server
185.143.233.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
8c6147e4ed922ea7123f26c0cbdd2836c7c8fc1f59cb4c1bd93b5558032aad50
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
content-encoding
br
ar-request-id
2c47a36542cc8c6aef8f983f02f4ec36
ar-atime
0.000
ar-cache
HIT
x-cache-status
HIT
ar-sid
2582
x-xss-protection
1; mode=block
last-modified
Fri, 14 Jan 2022 23:03:07 GMT
server
ArvanCloud
etag
W/"403956f4cbe38887e0fcd8c4655a621c"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

date
Fri, 31 Mar 2023 20:01:12 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFxSPQAVXbmnN9qq8ao8oH9GG7elQSi3BlWH63grc6vS9%2BJMR1%2Fpg%2Buxf9GodzQKClVwPenoRQO%2Fr%2FLBa3OU%2FGddJr54ZY56vUQJ7K3VSZga5ftZJR6Nq7zI3BvxobI4Sq1kN212Oi%2B%2FUH7R"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://van.najva.com/static/js/scripts/nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.js?v=202302031020
cache-control
max-age=16070400
cf-ray
7b0b2ed45c7291de-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
yn_bnr.min.js
cdn.yektanet.com/template/bnrs/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yektanet.com/template/bnrs/yn_bnr.min.js?v=202302031020
Requested by
Host: nexinfo.ir
URL: https://nexinfo.ir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
876d724fd73ebe52fb13452d5c7259152ccb4167ca39d9c6fa2ed7015d446dfc
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
content-encoding
gzip
ar-request-id
8763b2ab233f31d5b9374db4a669f87c
last-modified
Wed, 15 Mar 2023 07:36:19 GMT
server
ArvanCloud
ar-atime
0.002
ar-cache
HIT
etag
W/"64117573-8286"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
ar-sid
4103
cache-control
max-age=3600
x-xss-protection
1; mode=block
expires
Fri, 31 Mar 2023 21:01:12 GMT
IRANSansWeb.woff2
nexinfo.ir/font/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nexinfo.ir/font/IRANSansWeb.woff2
Requested by
Host: nexinfo.ir
URL: https://nexinfo.ir/css/style.rtl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:99a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
224e0a53fcc1456dbe75f0ae0bd200131609055790eaa109222ac0d0b8045a5d

Request headers

Referer
https://nexinfo.ir/css/style.rtl.css
Origin
https://nexinfo.ir
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31320
last-modified
Fri, 14 Jan 2022 13:57:37 GMT
server
cloudflare
etag
W/"7a58-17e58e12468"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVidv69bK1yf%2BhO29SOBUf3%2FmYHscxhbvDUzEHFBgnnKM1IyJppa71aGAyeoEXmBA6QzLsY7KZv9xMCmNVSE9IK0NEtlRFbsVD%2FsVmuzVlA74XV63Fwbx3SgE6hVSVdQ7Er3QOcPgtGW"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7b0b2ed42f6f3a74-FRA
backPix.png
nexinfo.ir/ 		954 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexinfo.ir/backPix.png
Requested by
Host: nexinfo.ir
URL: https://nexinfo.ir/css/style.rtl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:99a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
edb1c40315d54873a8390508cac30b452fe73732f7d429ee6b856305fb9dcb2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/css/style.rtl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
954
last-modified
Fri, 14 Jan 2022 13:57:37 GMT
server
cloudflare
etag
W/"3ba-17e58e12468"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az0%2BFegA0ixwZw9TIzN%2F2PpyAe5K%2FXYA8FIrRuJH9bsQ2uN%2BR0VMOO%2FlUtEkKmSLl%2BsE21D0pctXyMISCikTEmsUpmjlPsDEYf5DP8y5qfPfk4%2BoWAPiUmBlPK59vt2xsDdr294d%2Fswh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7b0b2ed43f743a74-FRA
icomoon.ttf
nexinfo.ir/font/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nexinfo.ir/font/icomoon.ttf
Requested by
Host: nexinfo.ir
URL: https://nexinfo.ir/css/style.rtl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:99a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ea26f1349261679668cc6c6724d960e8b35dbda7604676a76714dc3a8300dd83

Request headers

Referer
https://nexinfo.ir/css/style.rtl.css
Origin
https://nexinfo.ir
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 14 Jan 2022 13:57:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"d90-17e58e12468"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipTgRtipKisFjV8xrVs%2BooXHTS90eW%2FKYValccL5cvc779qPpHB4o1JhCK%2BL1gz%2Fm49KGIcHDwchNhieKVaRpePzFss817tR6O%2F6ISzT2XaO6LaBLX%2FJNwkTOXirCeIrySx%2Bz92P57RK"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7b0b2ed43f783a74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
bfetch.yektanet.com/ 		2 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bfetch.yektanet.com/
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/template/bnrs/yn_bnr.min.js?v=202302031020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.107.167.168 Tehran, Iran, Islamic Republic Of, ASN204544 (MOBINHOST, IR),
Reverse DNS
87.107.167.168.ptr.torob.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://nexinfo.ir/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 20:01:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nexinfo.ir
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
2
expires
0
/
bfetch.yektanet.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bfetch.yektanet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.107.167.168 Tehran, Iran, Islamic Republic Of, ASN204544 (MOBINHOST, IR),
Reverse DNS
87.107.167.168.ptr.torob.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nexinfo.ir
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://nexinfo.ir
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
date
Fri, 31 Mar 2023 20:01:12 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Access-Control-Request-Headers
utils.1.0.3.js
native-scripts.yektanet.com/public/chunk/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native-scripts.yektanet.com/public/chunk/utils.1.0.3.js
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/js/getbyme.ir/native-getbyme.ir-13637.js?v=202302031020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
db12a44bea86d870c1e644f21f3911ec274adedc9f9fc9ba91df8ccfa159716c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
content-encoding
br
ar-request-id
b7412978ab4ac1704d3693d948e28a82
ar-atime
0.000
ar-cache
HIT
x-cache-status
MISS
ar-sid
4103
x-xss-protection
1; mode=block
last-modified
Wed, 01 Mar 2023 14:38:19 GMT
server
ArvanCloud
etag
W/"698666ede06b760c4fce5d9a3250120c"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
cache-control
max-age=31536000
access-control-max-age
1728000
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sat, 30 Mar 2024 20:01:12 GMT
publisher.js
cdn.yektanet.com/rg_woebegone/scripts_v3/ApTFLbWT/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yektanet.com/rg_woebegone/scripts_v3/ApTFLbWT/publisher.js?v=202302031020
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/js/getbyme.ir/native-getbyme.ir-13637.js?v=202302031020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
cce1ea5902e9fd8804a53ff0dd2f93be4ce0bdf85840db47ed1c79ea725ad0e6
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:12 GMT
content-encoding
gzip
ar-request-id
e99579f53d347b3b4af92b58764675d9
ar-atime
0.120
ar-cache
MISS
ar-sid
4103
x-xss-protection
1; mode=block
last-modified
Mon, 13 Mar 2023 22:41:22 GMT
server
ArvanCloud
etag
W/"058a5444f051aeba4a50f2b98400f10a"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-rgw-object-type
Normal
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Fri, 31 Mar 2023 21:01:12 GMT
load
nfetch.yektanet.com/api/v2/ Frame 		0
0
load
nfetch.yektanet.com/api/v2/ 		0
0
nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.json
van.najva.com/static/js/scripts/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://van.najva.com/static/js/scripts/nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.json?v=2023-03-31T20
Requested by
Host: app.najva.com
URL: https://app.najva.com/static/js/scripts/nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.js?v=202302031020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
27645b72ec1d2374e45ee3847c72ff27304a94e01ce87a0900c11b2ea5e9fcc5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:13 GMT
content-encoding
br
ar-request-id
918b9ec80f3585408e5e51e79b62037b
ar-atime
0.260
ar-cache
BYPASS
x-cache-status
MISS
ar-sid
2582
x-xss-protection
1; mode=block
last-modified
Fri, 14 Jan 2022 23:03:08 GMT
server
ArvanCloud
etag
W/"eaa9710e36c4b1ad8b6a8e95b777eb94"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
/
audience.yektanet.com/api/v1/scripts/preview/validate/ 		5 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=dpT9YQyv
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/ApTFLbWT/publisher.js?v=202302031020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:13 GMT
ar-request-id
416ab12ec171cf25db3bb24cce4a27c6
ar-atime
0.086
ar-cache
BYPASS
ar-sid
4103
content-length
5
x-xss-protection
1; mode=block
pragma
no-cache
server
ArvanCloud
allow
GET, OPTIONS
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://nexinfo.ir
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Authorization
expires
0
/
ua.yektanet.com/cookie/iframe/ Frame 55C2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ua.yektanet.com/cookie/iframe/
Requested by
Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/ApTFLbWT/publisher.js?v=202302031020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
e034d77a4185bdfcc5774e18b4f6405adcdac846ac647751ec816029440d302a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nexinfo.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

ar-atime
0.080
ar-cache
BYPASS
ar-request-id
fbcbd68cfaff8db8cc95dabbf15c2a7f
ar-sid
4103
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
br
content-type
text/html
date
Fri, 31 Mar 2023 20:01:13 GMT
expires
0
last-modified
Friday, 31-Mar-2023 20:01:13 GMT
pragma
no-cache
server
ArvanCloud
vary
Accept-Encoding
x-xss-protection
1; mode=block
__fake.gif
ua.yektanet.com/ 		42 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=bfd85745-4867-4c75-b294-0a5ce83b74dc&abj=1&aed=pub&sv=3&st=publisher.js&psc=400&psi=501&ac=https%3A%2F%2Fnexinfo.ir%2F&ae=%7B%7D&ad=nexinfo.ir&as=%D8%AC%D9%88%D8%A7%D8%A8%DA%AF%D9%88&aef=dpT9YQyv&aec=40299&ai=a4a96f8f-0a15-0efb-213f-0da363e15a79&abw=1600&abb=3502&aby=1600&abz=1200&al=1600&am=1200&abk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 20:01:13 GMT
ar-request-id
e932d1fce061b13f3820fda1b9871145
last-modified
Friday, 31-Mar-2023 20:01:13 GMT
server
ArvanCloud
ar-atime
0.096
ar-cache
BYPASS
content-type
image/gif
ar-sid
4103
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
42
x-xss-protection
1; mode=block
expires
0
pixel
plus.sabavision.com/csync/3P/ 		597 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plus.sabavision.com/csync/3P/pixel?id=yektanet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software
nginx /
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-upstream-ct
0.001
pragma
no-cache
date
Fri, 31 Mar 2023 20:01:13 GMT
server
nginx
cache-directive
no-cache
x-upstream-ht
0.262
content-type
image/jpeg
x-upstream
0
x-cache
O-BYPASS
cache-control
no-cache
pragma-directive
no-cache
content-length
597
expires
0
set
ua.yektanet.com/cookie/ Frame 55C2 		74 B
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ua.yektanet.com/cookie/set
Requested by
Host: ua.yektanet.com
URL: https://ua.yektanet.com/cookie/iframe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
619f50a35aa87659aca54a4f9d1984f853f56c3283ac1349f0421e5139fced87
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.yektanet.com/cookie/iframe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:13 GMT
content-encoding
br
ar-request-id
c24063abe943c69ac958dff0865b1d9c
ar-atime
0.082
ar-cache
BYPASS
ar-sid
4103
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Friday, 31-Mar-2023 20:01:13 GMT
server
ArvanCloud
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
expires
0
complete.js
cdn.yektanet.com/rg_woebegone/scripts_v4/dpT9YQyv/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yektanet.com/rg_woebegone/scripts_v4/dpT9YQyv/complete.js?v=2023-03-31T20
Requested by
Host: app.najva.com
URL: https://app.najva.com/static/js/scripts/nexinfo-website-33125-76556cf3-0f61-4f82-9442-a77b72d0a91d.js?v=202302031020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
6b09617328f9e508950f21c0afb68e606fb41490d44f45b56590294099f8a902
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexinfo.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:01:13 GMT
content-encoding
gzip
ar-request-id
d78c9e6de354a57f033b6e809148d77d
ar-atime
0.213
ar-cache
MISS
ar-sid
4103
x-xss-protection
1; mode=block
last-modified
Mon, 13 Mar 2023 22:41:22 GMT
server
ArvanCloud
etag
W/"fa76634ab65d7d99dc0537e7dfc43421"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-rgw-object-type
Normal
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Fri, 31 Mar 2023 21:01:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nfetch.yektanet.com
URL
https://nfetch.yektanet.com/api/v2/load
Domain
nfetch.yektanet.com
URL
https://nfetch.yektanet.com/api/v2/load

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| head object| script string| script_address object| now string| jsEnterNickname string| jsEnterContent string| sendAnswerStr string| answerStr string| jsCancelAnswer string| jsDuplicateMsg string| jsAskForAnswerMsg string| jsUnknown string| jsSending string| jsEmptyContent string| jsLongContent function| $ function| $$ function| sleep function| request function| setCookie function| getCookie function| reply function| beforeSubmit function| isVisible function| bool function| submitCompletePost function| deleteComments function| fillAuthorValue function| commentsVote function| setVotesColor function| setAuthorsColorful object| yn_product_map function| docReady object| ynBannerVtsObserver object| ynBnrResponseIds function| ynBnrImgOnLoad object| ynBnrSentErrors function| ynBnrImgOnError object| bnr_content object| ynBnrPositions object| webpackChunknative_script boolean| yektanet_getbyme.ir_native-getbyme.ir-13637_is_loaded object| __core-js_shared__ object| core object| EventBus string| yn_uuid object| ynWebpackJsonp string| configFile boolean| yektanet_ua-script-dpT9YQyv_is_loaded function| yektanet object| Najva

11 Cookies

Domain/Path Name / Value
nexinfo.ir/ Name: analytics_token
Value: 22db4245-f8f7-64d2-3df7-efa5b6ef230f
nexinfo.ir/ Name: analytics_session_token
Value: a4a96f8f-0a15-0efb-213f-0da363e15a79
nexinfo.ir/ Name: yektanet_session_last_activity
Value: 3/31/2023
nexinfo.ir/ Name: _yngt_iframe
Value: 1
nexinfo.ir/ Name: _yngt_match
Value: {%22sabavision%22:1}
.yektanet.com/ Name: gearbox_ad_token
Value: 5cb1515d-91a1-4934-9dfc-9eae9dd7b95e
.yektanet.com/ Name: analytics_global_token
Value: 5cb1515d-91a1-4934-9dfc-9eae9dd7b95e
nexinfo.ir/ Name: _yngt
Value: 5cb1515d-91a1-4934-9dfc-9eae9dd7b95e
.bfetch.yektanet.com/ Name: yn_brgc
Value: AAAAAAE%3D.VTxdGogGJkGjnMTmrqid4VX5Zv1ARr7u3FgHoRPUpls
.yektanet.com/ Name: yn_lrgn
Value: RU1QVFk%3D.RZs3mj75GLaEpvmjaXBdUuuQurCz6ny%2Fv9hWekx5dt0
.yektanet.com/ Name: yn_sgs
Value: AAAAAAAAAAAB.isg5DVK%2Fjt%2Fuq2xxsaW5mWM7dI7G8cYh2stp8tXo9uI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.najva.com
assets.najva.com
audience.yektanet.com
bfetch.yektanet.com
cdn.yektanet.com
native-scripts.yektanet.com
nexinfo.ir
nfetch.yektanet.com
plus.sabavision.com
ua.yektanet.com
van.najva.com
nfetch.yektanet.com
185.143.233.122
185.143.234.122
185.147.178.24
2606:4700:3036::ac43:99a1
2606:4700:e0::ac40:661f
87.107.167.168
224e0a53fcc1456dbe75f0ae0bd200131609055790eaa109222ac0d0b8045a5d
27645b72ec1d2374e45ee3847c72ff27304a94e01ce87a0900c11b2ea5e9fcc5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71
59d537f5baca45bb59e2a5d466e1fee761af95cac15eb323df79b23b9e1a428d
619f50a35aa87659aca54a4f9d1984f853f56c3283ac1349f0421e5139fced87
6b09617328f9e508950f21c0afb68e606fb41490d44f45b56590294099f8a902
876d724fd73ebe52fb13452d5c7259152ccb4167ca39d9c6fa2ed7015d446dfc
8c6147e4ed922ea7123f26c0cbdd2836c7c8fc1f59cb4c1bd93b5558032aad50
99e1989c82c730b4330b1328bb8178e119ac8676e445224fb5ab13913b751f11
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
cce1ea5902e9fd8804a53ff0dd2f93be4ce0bdf85840db47ed1c79ea725ad0e6
d5b0dee170e973516eea0031557fba3ddbf2f263d51d1f8b959ad9969fa3a04f
db12a44bea86d870c1e644f21f3911ec274adedc9f9fc9ba91df8ccfa159716c
dfa36606a1817e1ca843f7a3226d8f0919972615e0db163662c2e8a5c0dbae57
e034d77a4185bdfcc5774e18b4f6405adcdac846ac647751ec816029440d302a
ea26f1349261679668cc6c6724d960e8b35dbda7604676a76714dc3a8300dd83
edb1c40315d54873a8390508cac30b452fe73732f7d429ee6b856305fb9dcb2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa