URL: http://www.niniaxs.ir/cgi/confirm.html
Submission: On July 15 via automatic, source openphish

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 15 HTTP transactions. The main IP is 185.140.12.111, located in Iran, Islamic Republic Of, and belongs to MAJDICT, IR. The main domain is www.niniaxs.ir.
This is the only time www.niniaxs.ir was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
15 | 185.140.12.111 | 202663 (MAJDICT)
Totals: 15 requests, 1 IP

Requests | Apex Domain | Subdomains | Transfer
15 | niniaxs.ir | www.niniaxs.ir | 28 KB
Totals: 15 requests, 1 apex domain

Requests | Domain | Requested by
15 | www.niniaxs.ir | www.niniaxs.ir
Totals: 15 requests, 1 domain

This site contains no links.


This page contains 1 frames:

Primary Page: http://www.niniaxs.ir/cgi/confirm.html
Frame ID: 16574.1
Requests: 15 HTTP requests in this frame

Screenshot (image not included)

Page Statistics

Requests: 15
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 28 kB
Size: 34 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request: confirm.html | www.niniaxs.ir/cgi/ | 8 KB | 2 KB | Document | text/html
General
Full URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: b05611d1b5abf7f0d5df543bed1957bc0993d326cab2be3e8df1e3a6a7bdc73b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"21ee-5545f111f656a-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
2050
background.png | www.niniaxs.ir/cgi/images/ | 2 KB | 2 KB | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/background.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: e7f2eff8484a589a80333b8e1b6941e90ee3650cc5408132a859d91a782ee7c6

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"6d0-5545f111f5d9a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
1744
white.png | www.niniaxs.ir/cgi/images/ | 855 B | 855 B | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/white.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: 20026c7eec802f1c9dc9925fe63cd0fde87f04c2fb3711d57fcc91603e0ffc4b

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"357-5545f111f32a2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
855
header.png | www.niniaxs.ir/cgi/images/ | 4 KB | 4 KB | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/header.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: 5a2e339fd5f9c1108b4daf30f91ed6a099927cb3a53b09aa5df17f1eaf5ca3a3

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"ef9-5545f111f5d9a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=97
Content-Length
3833
menu.png | www.niniaxs.ir/cgi/images/ | 2 KB | 2 KB | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/menu.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: 1008e13bb844591360f69c4f5bdfd0c59e1d78a0a56194756e30d6b4303ac05a

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"66e-5545f111f1f1a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
1646
menu2.png | www.niniaxs.ir/cgi/images/ | 2 KB | 2 KB | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/menu2.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: fc0ea6961bbdeb5902ef50a19063d83cd2454c95eb4023fbde0e12b691b7bfe0

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"940-5545f111f1f1a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Content-Length
2368
topic.png | www.niniaxs.ir/cgi/images/ | 2 KB | 2 KB | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/topic.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: 6b7e2492ede25440059c1f49488560dd4471df2ba61bd7684e8ea36dac340b35

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"6fe-5545f111f4242"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
1790
instruct.png | www.niniaxs.ir/cgi/images/ | 4 KB | 4 KB | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/instruct.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: 5e658a62316d7a4719b3362fa1dc753912a6d22c7226a04cd271c7655e52f710

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"1193-5545f111f4242"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
4499
horizontalline.png | www.niniaxs.ir/cgi/images/ | 194 B | 194 B | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/horizontalline.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: befd7ed4f7c0b207e73b745e4474104426467af16714c6bcb5d48ac8ce136936

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"c2-5545f111f5d9a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
194
tinyhorizontalline.png | www.niniaxs.ir/cgi/images/ | 259 B | 259 B | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/tinyhorizontalline.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: ef83bd61f55d0ae36de90c929a01c2a54769175def9a13d53f62c39e5febb56f

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"103-5545f111f5d9a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
259
verticalline.png | www.niniaxs.ir/cgi/images/ | 256 B | 256 B | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/verticalline.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: b3797183c4e372257cbb5620479bbdc97eed2e462a540a53a47e1dad8e64c94b

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"100-5545f111f2eba"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
256
formlist.png | www.niniaxs.ir/cgi/images/ | 4 KB | 4 KB | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/formlist.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: 432cd23df2b97fe0ee7ee8f76273ec4b15bb79d584900073a6438ed2fd4447df

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"fbc-5545f111f59b2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Content-Length
4028
submitbox.png | www.niniaxs.ir/cgi/images/ | 1 KB | 1 KB | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/submitbox.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: 762211f62ca1976afc6c149974f7f43ce38ab89853abbc68bb500f84fcbaeb40

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"4bb-5545f111f2ad2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
1211
conti.png | www.niniaxs.ir/cgi/images/ | 797 B | 797 B | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/conti.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: 14dadd3f4beaa8214f48acf476b8dcddd4101ccfdf6170b4d8da23b1904910b2

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"31d-5545f111f1f1a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
797
downmenu.png | www.niniaxs.ir/cgi/images/ | 3 KB | 3 KB | Image | image/png
General
Full URL: http://www.niniaxs.ir/cgi/images/downmenu.png
Requested by:
Host: www.niniaxs.ir
URL: http://www.niniaxs.ir/cgi/confirm.html
Protocol: HTTP/1.1
Server: 185.140.12.111, Iran, Islamic Republic Of, ASN202663 (MAJDICT, IR)
Reverse DNS:
Software: Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
Resource Hash: 2f5afb6b4858c218df5dbdbec30aae9b62adbf3fb84ede48d528f5f0e2c00e62

Request headers

Referer
http://www.niniaxs.ir/cgi/confirm.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 15 Jul 2017 23:26:51 GMT
Last-Modified
Sat, 15 Jul 2017 18:09:29 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.1e-fips
ETag
"bb9-5545f111f1f1a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
3001

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies