zarinp.al Open in urlscan Pro
45.89.138.244 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zarinp.al/126162
Submission Tags: @phishunt_io
Submission: On September 12 via api (September 12th 2020, 9:22:56 am UTC) from ES

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 45.89.138.244, located in Iran, Islamic Republic Of and belongs to ZARINPAL, IR. The main domain is zarinp.al.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 2nd 2020. Valid for: 3 months.

This is the only time zarinp.al was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	45.89.138.244 45.89.138.244	208675 (ZARINPAL) (ZARINPAL)
5	45.89.138.199 45.89.138.199	208675 (ZARINPAL) (ZARINPAL)
1	45.89.138.195 45.89.138.195	208675 (ZARINPAL) (ZARINPAL)
8	3

2 45.89.138.244 (Iran, Islamic Republic Of)

ASN208675 (ZARINPAL, IR)

zarinp.al	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.89.138.199 (Iran, Islamic Republic Of)

ASN208675 (ZARINPAL, IR)

cdn.zarinpal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.89.138.195 (Iran, Islamic Republic Of)

ASN208675 (ZARINPAL, IR)

logoland.zarinpal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	zarinpal.com cdn.zarinpal.com logoland.zarinpal.com	192 KB
2	zarinp.al zarinp.al	10 KB
8	2

	Domain	Requested by
5	cdn.zarinpal.com	zarinp.al cdn.zarinpal.com
2	zarinp.al	cdn.zarinpal.com
1	logoland.zarinpal.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid
zarinp.al Let's Encrypt Authority X3	`2020-09-02` - `2020-12-01`	3 months	crt.sh
*.zarinpal.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://zarinp.al/126162
Frame ID: 62699004842DCAD255461315E79342AB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

202 kB
Transfer

513 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 126162 Show response zarinp.al/	24 KB 9 KB	276ms 91ms	Document text/html	45.89.138.244 ZARINPAL
General Check archive.org Show headers Download Go to Full URL https://zarinp.al/126162 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.89.138.244 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR), Reverse DNS Software nginx / Resource Hash `19c1bde23ef57a8ebeab05a612a4ed0de7663a6890ecaeab457efea24ddc4dd5` Request headers :method GET :authority zarinp.al :scheme https :path /126162 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server nginx date Sat, 12 Sep 2020 09:22:35 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding Accept-Encoding last-modified Mon, 06 Apr 2020 12:54:51 GMT etag W/"5e8b269b-5f98" x-request-id 67843836a45e275c50f50bcc6f0e2c33 content-encoding gzip
GET H/1.1	200 OK	app.css cdn.zarinpal.com/zarinp-al/v1/assets/css/	13 KB 4 KB	402ms 99ms	Stylesheet text/css	45.89.138.199 ZARINPAL
General Check archive.org Show headers Download Go to Full URL https://cdn.zarinpal.com/zarinp-al/v1/assets/css/app.css?f9425173cc0a6bf753e61b952104729f8e3e22ef Requested by Host: zarinp.al URL: https://zarinp.al/126162 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.89.138.199 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR), Reverse DNS Software nginx / Resource Hash `66554c643e283d0b7fa6cb3a5fd134eb033b960034e5c9191454bbb25150242a` Request headers Referer https://zarinp.al/126162 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 12 Sep 2020 09:22:35 GMT Content-Encoding gzip Last-Modified Fri, 21 Aug 2020 07:40:32 GMT Server nginx ETag W/"5f3f7a70-35a2" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=315360000 Connection keep-alive Keep-Alive timeout=60 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	checkout.js Show response cdn.zarinpal.com/zarinak/v1/	4 KB 2 KB	403ms 97ms	Script application/javascript	45.89.138.199 ZARINPAL
General Check archive.org Show headers Download Go to Full URL https://cdn.zarinpal.com/zarinak/v1/checkout.js?v0.2 Requested by Host: zarinp.al URL: https://zarinp.al/126162 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.89.138.199 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR), Reverse DNS Software nginx / Resource Hash `3256fdffeb0a87a6cb5a4c86fa041e4287176da825b55703914a6141cfe122d8` Request headers Referer https://zarinp.al/126162 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 12 Sep 2020 09:22:35 GMT Content-Encoding gzip Last-Modified Wed, 05 Feb 2020 09:48:56 GMT Server nginx ETag W/"5e3a8f88-f6b" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=315360000 Connection keep-alive Keep-Alive timeout=60 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	app.js Show response cdn.zarinpal.com/zarinp-al/v1/assets/js/	395 KB 110 KB	517ms 208ms	Script application/javascript	45.89.138.199 ZARINPAL
General Check archive.org Show headers Download Go to Full URL https://cdn.zarinpal.com/zarinp-al/v1/assets/js/app.js?a9425173ca0a6bf753e61b952104729f8e3e22ef Requested by Host: zarinp.al URL: https://zarinp.al/126162 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.89.138.199 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR), Reverse DNS Software nginx / Resource Hash `8199a567c611bb860857d0c22164ce05732a6413da8d2175e3c5185de1abf149` Request headers Referer https://zarinp.al/126162 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 12 Sep 2020 09:22:35 GMT Content-Encoding gzip Last-Modified Fri, 21 Aug 2020 07:40:32 GMT Server nginx ETag W/"5f3f7a70-62a64" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=315360000 Connection keep-alive Keep-Alive timeout=60 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	126162.json Show response zarinp.al/rest/v3/zarinLink/	1 KB 757 B	691ms 691ms	XHR application/json	45.89.138.244 ZARINPAL
General Check archive.org Show headers Download Go to Full URL https://zarinp.al/rest/v3/zarinLink/126162.json Requested by Host: cdn.zarinpal.com URL: https://cdn.zarinpal.com/zarinp-al/v1/assets/js/app.js?a9425173ca0a6bf753e61b952104729f8e3e22ef Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.89.138.244 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR), Reverse DNS Software nginx / PHP/7.0.7 Resource Hash `fcfacdda8c402fe984cf6a1b78ff6465b12689c3ccd4b233e2a6a6cc77e2c728` Request headers Accept application/json, text/plain, / Referer https://zarinp.al/126162 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Sep 2020 09:22:37 GMT content-encoding gzip server nginx x-powered-by PHP/7.0.7 vary Accept-Encoding, Accept-Encoding content-type application/json status 200 x-ratelimit-remaining 59 cache-control private, must-revalidate x-ratelimit-limit 60 x-request-id 94e7e121b23ab4aa477205db4b350114 expires -1
GET H/1.1	200 OK	125x125.png logoland.zarinpal.com/c6fca7c183da27570eb2bbeaae642f0a/	5 KB 5 KB	414ms 123ms	Image image/png	45.89.138.195 ZARINPAL
General Check archive.org Show headers Download Go to Show image Full URL https://logoland.zarinpal.com/c6fca7c183da27570eb2bbeaae642f0a/125x125.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.89.138.195 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR), Reverse DNS Software nginx / Resource Hash `6b98273b1b35fcc380c7010b656a6afe82807eecb8b16e7e3e790bcc22b2e072` Request headers Referer https://zarinp.al/126162 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 12 Sep 2020 09:22:36 GMT Last-Modified Tue, 21 Jul 2020 18:04:08 GMT Server nginx ETag W/"5f172e18-71fd" Content-Type image/png Cache-Control max-age=315360000 Connection keep-alive Keep-Alive timeout=60 Content-Length 4964 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	iransans_light.woff cdn.zarinpal.com/zarinp-al/v1/assets/fonts/	38 KB 38 KB	441ms 164ms	Font font/woff	45.89.138.199 ZARINPAL
General Check archive.org Show headers Download Go to Full URL https://cdn.zarinpal.com/zarinp-al/v1/assets/fonts/iransans_light.woff?1c7f779da0c3e054b7494cd74558f520 Requested by Host: cdn.zarinpal.com URL: https://cdn.zarinpal.com/zarinp-al/v1/assets/css/app.css?f9425173cc0a6bf753e61b952104729f8e3e22ef Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.89.138.199 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR), Reverse DNS Software nginx / Resource Hash `32196b53764e035377badd39d4778c76684f6caabe5c680948d365d26ee6c908` Request headers Origin https://zarinp.al Referer https://cdn.zarinpal.com/zarinp-al/v1/assets/css/app.css?f9425173cc0a6bf753e61b952104729f8e3e22ef User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 12 Sep 2020 09:22:36 GMT Last-Modified Fri, 21 Aug 2020 07:40:32 GMT Server nginx ETag "5f3f7a70-97d0" Content-Type font/woff Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 38864
GET H/1.1	200 OK	IRANSansWeb_Medium.woff cdn.zarinpal.com/zarinp-al/v1/assets/fonts/	33 KB 33 KB	492ms 184ms	Font font/woff	45.89.138.199 ZARINPAL
General Check archive.org Show headers Download Go to Full URL https://cdn.zarinpal.com/zarinp-al/v1/assets/fonts/IRANSansWeb_Medium.woff?7bfa046de6ec101d790ba8a54886dc9a Requested by Host: cdn.zarinpal.com URL: https://cdn.zarinpal.com/zarinp-al/v1/assets/css/app.css?f9425173cc0a6bf753e61b952104729f8e3e22ef Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.89.138.199 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR), Reverse DNS Software nginx / Resource Hash `c06f5ba33faed5d98361df0ea9335b7e5a1b932d5bd9781d84e157de98d35599` Request headers Origin https://zarinp.al Referer https://cdn.zarinpal.com/zarinp-al/v1/assets/css/app.css?f9425173cc0a6bf753e61b952104729f8e3e22ef User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 12 Sep 2020 09:22:36 GMT Last-Modified Fri, 21 Aug 2020 07:40:32 GMT Server nginx ETag "5f3f7a70-8405" Content-Type font/woff Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=60 Content-Length 33797

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| Zarinak function| _

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.zarinpal.com/zarinp-al/v1/assets/js/app.js?a9425173ca0a6bf753e61b952104729f8e3e22ef(Line 2) Message: [object HTMLDivElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.zarinpal.com
logoland.zarinpal.com
zarinp.al
45.89.138.195
45.89.138.199
45.89.138.244
19c1bde23ef57a8ebeab05a612a4ed0de7663a6890ecaeab457efea24ddc4dd5
32196b53764e035377badd39d4778c76684f6caabe5c680948d365d26ee6c908
3256fdffeb0a87a6cb5a4c86fa041e4287176da825b55703914a6141cfe122d8
66554c643e283d0b7fa6cb3a5fd134eb033b960034e5c9191454bbb25150242a
6b98273b1b35fcc380c7010b656a6afe82807eecb8b16e7e3e790bcc22b2e072
8199a567c611bb860857d0c22164ce05732a6413da8d2175e3c5185de1abf149
c06f5ba33faed5d98361df0ea9335b7e5a1b932d5bd9781d84e157de98d35599
fcfacdda8c402fe984cf6a1b78ff6465b12689c3ccd4b233e2a6a6cc77e2c728

zarinp.al Open in urlscan Pro 45.89.138.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

202 kBTransfer

513 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

zarinp.al Open in urlscan Pro
45.89.138.244 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

202 kB
Transfer

513 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions