| | 193.141.65.151 | 301 Moved Permanently | 162 B |
URL: User Request GET HTTP/1.1
IP: 193.141.65.151:80
ASN: #61173 Green Web Samaneh Novin PJSC
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Credit Mutuel |
| Quad9 DNS | malicious | Sinkholed |
GET /wpadmin/yy.php HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 10 May 2024 01:21:05 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://kdlfu.ir/wpadmin/yy.php
| kdlfu.ir/wp-content/themes/kdlfu.ir/images/telegram.png | 193.141.65.151 | 200 OK | 4.4 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/images/telegram.png
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: PNG image data, 50 x 50, 8-bit/color RGBA, interlaced
Hash: 426e0aff145f3cb416c248e20af78bd7 0bcc06de1a4a2e103049a232604a25d36daa5369 944dcebbf186dee8ec715cc3b66233fdbdf97e71702d1fec733a84091b4e73a2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/images/telegram.png HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/png
content-length: 4387
last-modified: Tue, 17 Jan 2017 16:45:12 GMT
etag: "587e4a18-1123"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/images/instgram.png | 193.141.65.151 | 200 OK | 10 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/images/instgram.png
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Hash: 7f8c1f552cd0a8f2c17d92ebddb36665 4fa8f5dc0c6fed7e96c933b3d08107c702349cae 12a7f9b001f12cb3a25a3f9be6a66cb533bc9695838ad80410ed22aa7818d626
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/images/instgram.png HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/png
content-length: 10126
last-modified: Tue, 17 Jan 2017 16:43:41 GMT
etag: "587e49bd-278e"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/images/logo.png | 193.141.65.151 | 200 OK | 6.5 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/images/logo.png
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: PNG image data, 90 x 57, 8-bit/color RGBA, non-interlaced
Hash: 3f8c0ee691062b44765c5112929e9239 63d84cc38c262fa828693a536b47759d664d564e 34a393c96ae238799e360d1fa242c749ca52fe7d4e0ba950ec83512ff65d2c30
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/images/logo.png HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/png
content-length: 6542
last-modified: Mon, 29 Aug 2016 12:38:54 GMT
etag: "57c42cde-198e"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/images/404.jpg | 193.141.65.151 | 200 OK | 51 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/images/404.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=386, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=580], baseline, precision 8, 580x386, components 3
Hash: 8149c76e628df3ec2196df72d7562ae7 e0464b6f454b0b8ef8a55aceccb55e881b0f6c28 b33cd416e0edf24e354b5eeeca2cb8600a5aa3b9e33ba38c3a1c57ae9b865127
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/images/404.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 50664
last-modified: Mon, 29 Aug 2016 12:56:46 GMT
etag: "57c4310e-c5e8"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.google.com/recaptcha/api.js | 142.250.74.132 | 200 OK | 8.9 kB |
URL: GET HTTP/2 www.google.com/recaptcha/api.js
IP: 142.250.74.132:443
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: www.google.com
Certificate Fingerprint: C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
Certificate Validity: Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
Hash: 2090cc793b0b59985bb753972c415fd3 979805a5fbef5d997931936e32e9fd70a0df53db 8063fd09b59db752ee9b6f8d980801737ced1cb7ac5c624d7fa8c45933871b8d
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 10 May 2024 01:21:12 GMT
date: Fri, 10 May 2024 01:21:12 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9 | 193.141.65.151 | 200 OK | 7.8 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: gzip compressed data, max speed, from Unix
Hash: a9db78bdcbf0a95d2c16b371bf934ba0 c29b326d9a3abbf82256c75f0d833aa005a8acb2 293bec357966f9fcb5fd44af36cb3a370bf72823ce3354a812ecfccbeded1460
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9 HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Sun, 01 Oct 2017 10:01:50 GMT
vary: Accept-Encoding
etag: W/"59d0bd0e-3654"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.bootstrap.js | 193.141.65.151 | 200 OK | 17 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.bootstrap.js
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: gzip compressed data, max speed, from Unix
Hash: b6fd46707068f490825db4c0e098c3e6 0b806f82f4308f51a1ef392ed623462786346065 8650dd86db23e804df5e3549a10746f7530e2c4faf16f26e0d054c01a2f7d0de
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/js/jquery.bootstrap.js HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2016 13:29:40 GMT
vary: Accept-Encoding
etag: W/"57b1c3c4-8f52"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2018/01/photo_2018-01-17_12-39-09-min.jpg | 193.141.65.151 | 200 OK | 105 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2018/01/photo_2018-01-17_12-39-09-min.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x960, components 3
Size: 105 kB (105389 bytes)
Hash: 35ebe876756b01a40ffc8d6789add3f8 8b3b172ae893844830c31c74edba946e634fc389 9e821c3ba7ba840f32ecf0514ab5e380370283685cf0b7da6eeba6e0b2bf3121
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2018/01/photo_2018-01-17_12-39-09-min.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 105389
last-modified: Thu, 18 Jan 2018 05:11:10 GMT
etag: "5a602c6e-19bad"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/fonts/WebYekan.woff | 193.141.65.151 | 200 OK | 22 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/fonts/WebYekan.woff
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: Web Open Font Format, CFF, length 21500, version 2.0
Hash: 05727d32400b2008acbf7fc49251ede0 b6c1a82539a2531eb1aad7d1cf05554d5a999154 da78e001fab6f5d7b1c68e17d00fb1595c9b10085d6769a86aeb6a39dc7e43d6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/fonts/WebYekan.woff HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wp-content/themes/kdlfu.ir/style.css?ver=3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: font/woff
content-length: 21500
last-modified: Sun, 14 Aug 2016 12:33:06 GMT
etag: "57b06502-53fc"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/fonts/fontawesome-webfont.woff2?v=4.5.0 | 193.141.65.151 | 200 OK | 72 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/fonts/fontawesome-webfont.woff2?v=4.5.0
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 71896, version 4.393
Hash: e6cf7c6ec7c2d6f670ae9d762604cb0b 97e438cc545714309882fbceadbf344fcaddcec5 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.awesome.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: font/woff2
content-length: 71896
last-modified: Sun, 14 Aug 2016 12:33:02 GMT
etag: "57b064fe-118d8"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2016/08/backgroung-img1-min-1.jpg | 193.141.65.151 | 200 OK | 45 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2016/08/backgroung-img1-min-1.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1366x550, components 3
Hash: 087b91993410990794d469e96e63526b 2208847575387a02953f637d51c02b4ca7176ef3 d4ed49e09f4e440c634e2ed543c94e53fec80b797fb7169f287227fb70e05baf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2016/08/backgroung-img1-min-1.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 45275
last-modified: Mon, 29 Aug 2016 12:40:09 GMT
etag: "57c42d29-b0db"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2018/01/photo_2018-01-17_12-39-12-min.jpg | 193.141.65.151 | 200 OK | 107 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2018/01/photo_2018-01-17_12-39-12-min.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x960, components 3
Size: 107 kB (107036 bytes)
Hash: 081a5bc757344bf7e0047cd965a98c72 e38dea295a007fc50d48cea6369e34a0bb170d93 086c27f7ca2e4c7f27bc9b1a4ea28f031e8c3a4d417c873ef70b93d1e8ad582c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2018/01/photo_2018-01-17_12-39-12-min.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 107036
last-modified: Thu, 18 Jan 2018 05:11:55 GMT
etag: "5a602c9b-1a21c"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2018/01/photo_2018-01-17_12-39-16-min.jpg | 193.141.65.151 | 200 OK | 106 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2018/01/photo_2018-01-17_12-39-16-min.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x960, components 3
Size: 106 kB (105849 bytes)
Hash: bcf8f577e3303adafd4af09f1dbcf77c 097dcae71d554847ad5ba367a4ede3e5a9f3dc78 06ce2ee40485dc43e7ab7fe31da3a7a4391e7ea539b37ea676c27efa582f7de9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2018/01/photo_2018-01-17_12-39-16-min.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 105849
last-modified: Thu, 18 Jan 2018 05:12:10 GMT
etag: "5a602caa-19d79"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2018/08/P_20180711_210245.jpg | 193.141.65.151 | 200 OK | 416 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2018/08/P_20180711_210245.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=9, datetime=2018:07:11 21:02:45, GPS-Data, model=P024, resolutionunit=2, yresolution=147, xresolution=155, manufacturer=asus], baseline, precision 8, 2560x1440, components 3
Size: 416 kB (416399 bytes)
Hash: 770399ed37adb07686cb53c1dc8f868a ee0e9b63560814a968d3fb034b199af5dfb5e60f 113f8c1df831feaf253e1135656bab9acf2e3b84762baaecf5498033518e1cdb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2018/08/P_20180711_210245.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 416399
last-modified: Sun, 05 Aug 2018 06:24:32 GMT
etag: "5b669820-65a8f"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2018/08/P_20180713_184005.jpg | 193.141.65.151 | 200 OK | 453 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2018/08/P_20180713_184005.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=9, datetime=2018:07:13 18:40:05, GPS-Data, model=P024, resolutionunit=2, yresolution=147, xresolution=155, manufacturer=asus], baseline, precision 8, 2560x1440, components 3
Size: 453 kB (452604 bytes)
Hash: d0b51ddd10e1cfed7e14e1dae3afbb86 587129e8e77de0515db92a5014aff68ebe60d420 2cf1ba6fefc5f639af7f832c1ed96bbb6e90056d3a99876a7ca562a7297db57b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2018/08/P_20180713_184005.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 452604
last-modified: Sun, 05 Aug 2018 06:24:54 GMT
etag: "5b669836-6e7fc"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2018/08/P_20180713_220852.jpg | 193.141.65.151 | 200 OK | 468 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2018/08/P_20180713_220852.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=9, datetime=2018:07:13 22:08:52, GPS-Data, model=P024, resolutionunit=2, yresolution=147, xresolution=155, manufacturer=asus], baseline, precision 8, 2560x1440, components 3
Size: 468 kB (468490 bytes)
Hash: 0d67a6a05cf9b9a839b01f7cbf1f861e afc60eafca67b594faa2ca2d22de723c07cf951b b2eab35ca6f90083d590a4f1d96a9e33292747b5bef5b75df3de024adda7fe09
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2018/08/P_20180713_220852.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 468490
last-modified: Sun, 05 Aug 2018 06:25:08 GMT
etag: "5b669844-7260a"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2018/08/P_20180711_210307.jpg | 193.141.65.151 | 200 OK | 572 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2018/08/P_20180711_210307.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=9, datetime=2018:07:11 21:03:07, GPS-Data, model=P024, resolutionunit=2, yresolution=147, xresolution=155, manufacturer=asus], baseline, precision 8, 2560x1440, components 3
Size: 572 kB (572318 bytes)
Hash: f2b06fdaa6fa3df459fd408e6237f357 d9ff57605929e7691c6c3d0d76522abb602e106d 910043909c6dd9d9bce94e423bedd79f543a8aab48a064f53d80eb8e233035d3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2018/08/P_20180711_210307.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 572318
last-modified: Sun, 05 Aug 2018 06:24:39 GMT
etag: "5b669827-8bb9e"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2018/08/P_20180714_214515.jpg | 193.141.65.151 | 200 OK | 544 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2018/08/P_20180714_214515.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=9, datetime=2018:07:14 21:45:14, GPS-Data, model=P024, resolutionunit=2, yresolution=147, xresolution=155, manufacturer=asus], baseline, precision 8, 2560x1440, components 3
Size: 544 kB (544025 bytes)
Hash: 8a3786b587fab2ba8c0bba993b380bd0 25139b4f4f825bd968b97dee565ba00ea5465956 6fc89d72d67087c6f86d90969ca8962820fa204bdc2583fa597588bbb33df73b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2018/08/P_20180714_214515.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 544025
last-modified: Sun, 05 Aug 2018 06:25:19 GMT
etag: "5b66984f-84d19"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/uploads/2018/08/P_20180712_202324.jpg | 193.141.65.151 | 200 OK | 530 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/uploads/2018/08/P_20180712_202324.jpg
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=9, datetime=2018:07:12 20:23:24, GPS-Data, model=P024, resolutionunit=2, yresolution=147, xresolution=155, manufacturer=asus], baseline, precision 8, 2560x1440, components 3
Size: 530 kB (530232 bytes)
Hash: 3b1016dd68775909ed116605e8afa7ea dcd807c49a9f6260d994fa988ec2f3c67c668961 e26fd0d2f6bd729b2aa819477ae3544e4c997ef059c5607b7a1da035ea0ef5b5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2018/08/P_20180712_202324.jpg HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: image/jpeg
content-length: 530232
last-modified: Sun, 05 Aug 2018 06:24:47 GMT
etag: "5b66982f-81738"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.cubeportfolio.js | 193.141.65.151 | 200 OK | 16 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.cubeportfolio.js
IP: 193.141.65.151:443
ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php
Certificate Issuer: Let's Encrypt
Certificate Subject: kdlfu.ir
Certificate Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E
Certificate Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JavaScript source, ASCII text, with very long lines (55343), with no line terminators
Hash: 09a05d6d10e12df7f38db2fbddced501 2c9653bff166adb6cda69a76a5d912e63f7fe358 119e6d6254fef960b144990df35c5b0d8249bac63951d4cbd8385c69b6735f82
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/js/jquery.cubeportfolio.js HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2016 13:29:25 GMT
vary: Accept-Encoding
etag: W/"57b1c3b5-d82f"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js | 142.250.74.35 | 200 OK | 204 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (632) Size204 kB (204445 bytes) Hashadd520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kdlfu.ir
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 292119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.bootstrap.css | 193.141.65.151 | 200 OK | 30 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.bootstrap.css IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typegzip compressed data, max speed, from Unix Hash338011483542c7b1ea4cf060e15f17dc 1e0962195363190d8d7cfea4e64b4624d25d960b bebd0bec27627fe5f65198ee7ebfc79b1d68f9eea1136f29a3bfdb22201df0a2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.bootstrap.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Wed, 31 Aug 2016 11:22:21 GMT
vary: Accept-Encoding
etag: W/"57c6bded-1c383"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.shortcodes.css | 193.141.65.151 | 200 OK | 10 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.shortcodes.css IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typegzip compressed data, max speed, from Unix Hash5bfcd1ff60fcff7bfdf89585c5340f6a 68ecacfe290b0da0c2b7ca8a8ef33cdeade60178 45cb69494e216022054859dac429f263a4d117aa143fe19a27e6b3d7b428ac57
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.shortcodes.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Wed, 31 Aug 2016 11:24:37 GMT
vary: Accept-Encoding
etag: W/"57c6be75-6009"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.main.js?ver=1 | 193.141.65.151 | 200 OK | 1.6 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.main.js?ver=1 IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeJavaScript source, ASCII text, with very long lines (1613), with no line terminators Hash517cd13c3b68aaafd34fc7698a09aea8 21d7e918dbd49edbc6ab924b997e35c52b5e9380 f8ea9a9ebd64ac4fb16323c73c30a8bb96405a4af83bb88613c28d648755a6f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/js/jquery.main.js?ver=1 HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Thu, 13 Apr 2017 06:41:24 GMT
vary: Accept-Encoding
etag: W/"58ef1d94-610"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-includes/js/wp-embed.min.js | 193.141.65.151 | 200 OK | 1.4 kB |
URL GET HTTP/2kdlfu.ir/wp-includes/js/wp-embed.min.js IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeASCII text, with very long lines (1481), with no line terminators Hashf0094220dd55ecd9e7d0987c2f3bd2f1 9e7734d3e9be89e9d04cc3c585641810fca7f118 f149c73e5752d71f14a9ee8faedeecdfef4714ba1284c38a131a154df034572c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Tue, 04 Jul 2023 10:13:20 GMT
vary: Accept-Encoding
etag: W/"64a3f0c0-59e"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/form.css | 193.141.65.151 | 200 OK | 58 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/css/form.css IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeASCII text, with very long lines (57599), with no line terminators Hashaecc30e93e190baf3e6331c9f2581a74 f09fc4d1d67f2b383bf4b50bc5a8a7afe9b4030b b51422390d730f2fe5365427fe069dc9ba45f4d99b6c94492296bb0e4c1eee26
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/form.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Wed, 31 Aug 2016 11:25:47 GMT
vary: Accept-Encoding
etag: W/"57c6bebb-e0ff"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/style.css?ver=3 | 193.141.65.151 | 200 OK | 7.7 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/style.css?ver=3 IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeASCII text, with very long lines (7917), with no line terminators Hash83a283d9e2f0dd186cedcb621dc36a62 c9c89aa7dfecb8841847d429f9dc6b1e3ad3690f 313dc40fb3681baadf18cb730d776922e11895914d2e27f40531feb6d6a25f61
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/style.css?ver=3 HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Thu, 16 Nov 2017 14:19:20 GMT
vary: Accept-Encoding
etag: W/"5a0d9e68-1e23"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.css | 193.141.65.151 | 200 OK | 32 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.css IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeASCII text, with very long lines (32093), with no line terminators Hash2eb001468da707b716aa9ccc28b3b177 3c237cf9e0956b08065ef2b9d82dddb960f62b1a 85b59b79633c76d6c07d6016d0c630f3621198b9fecf26668e54c5c56bd0469e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Wed, 31 Aug 2016 11:24:01 GMT
vary: Accept-Encoding
etag: W/"57c6be51-7d5d"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.responsive.css | 193.141.65.151 | 200 OK | 3.2 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.responsive.css IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeASCII text, with very long lines (3515), with no line terminators Hash2b28258eadf1c2d48f6837512b963c3c f51a8a95c735468896899265d4ad312ea791c6d9 396b19a5597b88c36f11577a8a4640e5cee8dc4b25723408f3afdb744a75f565
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.responsive.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2016 12:32:48 GMT
vary: Accept-Encoding
etag: W/"57b064f0-c63"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.animate.css | 193.141.65.151 | 200 OK | 56 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.animate.css IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeASCII text, with very long lines (55646), with no line terminators Hashd2a1dac64a18e3e5cbe82f44a625640c 31ba93b7af6adcc65c33f0bc6727cec9e164cbf9 93cab1de7cfe3536fd376298d47e630a86e2599e9b274f6b157721327609fbe2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.animate.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Wed, 17 Aug 2016 05:46:22 GMT
vary: Accept-Encoding
etag: W/"57b3fa2e-d95e"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9 | 193.141.65.151 | 200 OK | 1.6 kB |
URL GET HTTP/2kdlfu.ir/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9 IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeASCII text, with very long lines (1766), with no line terminators Hashbc1c5f9ccd08776554665756a88699ee af79bc6c756c8c82c0e5fffb85389083ff03aa22 09e1cdc643953c2209988bb2e394b1d40150e6cae93581b418664acdc4eb4ea9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9 HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Sun, 01 Oct 2017 10:01:50 GMT
vary: Accept-Encoding
etag: W/"59d0bd0e-646"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=4.9 | 193.141.65.151 | 200 OK | 177 B |
URL GET HTTP/2kdlfu.ir/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=4.9 IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeASCII text, with no line terminators Hashcf354d9fb05ce27aa863d41a5586f61d 48424541a0348cb0c532816174bae44066207864 3afea38e86073ac7290f699ac7b149157d404ef3ed7e12c716f6d981ec75ce04
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=4.9 HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Sun, 01 Oct 2017 10:01:50 GMT
vary: Accept-Encoding
etag: W/"59d0bd0e-b1"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 | 193.141.65.151 | 200 OK | 10 kB |
URL GET HTTP/2kdlfu.ir/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeJavaScript source, ASCII text, with very long lines (9959) Hash7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2016 09:35:33 GMT
vary: Accept-Encoding
etag: W/"57b18ce5-2748"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.js | 193.141.65.151 | 200 OK | 84 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.js IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash8ba16617a46a5eeee6b3914efc959d07 785f554fb74c79dc79b8b86c074a005f8f08a7e1 0aaa319d618b9978789c75bab3616aa464839f3e901f9deeaa089501f23154d0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/js/jquery.js HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2016 13:30:04 GMT
vary: Accept-Encoding
etag: W/"57b1c3dc-1490a"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/plugins/advanced-access-manager/media/js/aam-login.js | 193.141.65.151 | 200 OK | 3.5 kB |
URL GET HTTP/2kdlfu.ir/wp-content/plugins/advanced-access-manager/media/js/aam-login.js IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeJavaScript source, ASCII text, with very long lines (3612), with no line terminators Hash3f9d9814eec1b6d2017760c23f01e9d8 b3d08d6a87c98e358a500171116bb78eb3e789a0 f98e1c6bf10064b9df770e2e88cde4edddcf7da90e891ee037e3cbabe8757dc8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/advanced-access-manager/media/js/aam-login.js HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Sun, 10 Feb 2019 16:59:35 GMT
vary: Accept-Encoding
etag: W/"5c605877-dcc"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-includes/js/jquery/jquery.js?ver=1.12.4 | 193.141.65.151 | 200 OK | 97 kB |
URL GET HTTP/2kdlfu.ir/wp-includes/js/jquery/jquery.js?ver=1.12.4 IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeJavaScript source, ASCII text, with very long lines (31997) Hashdc5ba5044fccc0297be7b262ce669a7c f137ff98ae379e35b0702967d3b6866a0a40e3be cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Thu, 05 Sep 2019 02:02:51 GMT
vary: Accept-Encoding
etag: W/"5d706ccb-17a6a"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.persianumber.js | 193.141.65.151 | 200 OK | 1.4 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.persianumber.js IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeJavaScript source, ASCII text, with very long lines (1497), with no line terminators Hash349a42d70b0840f3b9239df16ee91f13 96db70d353d5de57113d268be07580cf33243719 abff9cdd48a2da365502e301d73ebaba5aa1aba0ad4c6dcb600d547595125061
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/js/jquery.persianumber.js HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2016 12:33:18 GMT
vary: Accept-Encoding
etag: W/"57b0650e-59a"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/favicon.ico | 193.141.65.151 | 200 OK | 0 B |
IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:07 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
vary: User-Agent
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/plugins/wp-rocket/inc/front/js/lazyload.1.0.2.min.js | 193.141.65.151 | 200 OK | 4.7 kB |
URL GET HTTP/2kdlfu.ir/wp-content/plugins/wp-rocket/inc/front/js/lazyload.1.0.2.min.js IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeJavaScript source, ASCII text, with very long lines (4774), with no line terminators Hash375bad8eca7aafae1003a902054ab60c a4bb199c997bc952782f9a8149a03b2d34ae5378 c7e32d0e5264013d2ad95113ad927c0b6d9ca6a708a6899073af1385e9fc2d28
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wp-rocket/inc/front/js/lazyload.1.0.2.min.js HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:07 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2016 05:02:29 GMT
vary: Accept-Encoding
etag: W/"57eca065-1249"
expires: Sun, 09 Jun 2024 01:21:07 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.default.css?ver=2 | 193.141.65.151 | 200 OK | 117 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.default.css?ver=2 IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeASCII text, with very long lines (359) Size117 kB (116958 bytes) Hashb47b3faccf8bb0bfbfb0b1849e9725fd 6606db5a5855139c531384f113f554ab913b6d9e 9305ce483bf55b869f420c26d32e1be670f1864ed06ea9715d1c4659e4305cda
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.default.css?ver=2 HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Mon, 13 Feb 2017 09:20:09 GMT
vary: Accept-Encoding
etag: W/"58a17a49-1c8de"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.wow.js | 193.141.65.151 | 200 OK | 8.2 kB |
URL GET HTTP/2kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.wow.js IP193.141.65.151:443 ASN#61173 Green Web Samaneh Novin PJSC
Requested byhttps://kdlfu.ir/wpadmin/yy.php CertificateIssuerLet's Encrypt Subjectkdlfu.ir FingerprintFF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E ValidityWed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File typeJavaScript source, ASCII text, with very long lines (8282), with no line terminators Hash9cf122a7fb817d7a3a5cdf708035ece5 732b635ebdec57f092ce2a54ad1c6184df817e78 dd540d8e4618c4aff959fe190129354fee86e9d19dfbe3d37cc3beb41f56dd76
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/js/jquery.wow.js HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Wed, 17 Aug 2016 05:52:15 GMT
vary: Accept-Encoding
etag: W/"57b3fb8f-1ff6"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.font.css | 193.141.65.151 | 200 OK | 5.9 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.font.css; IP: 193.141.65.151:443; ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php; Certificate: Issuer: Let's Encrypt; Subject: kdlfu.ir; Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E; Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: ASCII text, with very long lines (6176), with no line terminators; Hash: b3512eb8e529ec407b410c3c6aaa29ba 9c9c573e7bd6481082d0ffe49ac1c31121dee98e 035fcc3fc09937493b032854b2d11656fe177fdad1d4a12120ab7f8cadab79f0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.font.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Wed, 31 Aug 2016 11:24:14 GMT
vary: Accept-Encoding
etag: W/"57c6be5e-16ec"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.portfolio.css | 193.141.65.151 | 200 OK | 74 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.portfolio.css; IP: 193.141.65.151:443; ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php; Certificate: Issuer: Let's Encrypt; Subject: kdlfu.ir; Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E; Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Hash: 00247cc2ae6c7dac18b0d2b3167107c3 d50891163b23490440034929abd6ad907c5a4dfa 988b61d772179e0b1beb1be5729e91b1a27e9a31a6caef37cdb7ff7b5e0bc729
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.portfolio.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2016 12:42:24 GMT
vary: Accept-Encoding
etag: W/"57b1b8b0-121f2"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.sticky.js | 193.141.65.151 | 200 OK | 4.8 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/js/jquery.sticky.js; IP: 193.141.65.151:443; ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php; Certificate: Issuer: Let's Encrypt; Subject: kdlfu.ir; Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E; Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: JavaScript source, ASCII text, with very long lines (4785), with no line terminators; Hash: 0a493e17a651334fc1973538267d9dc8 04917a4733004521cde92ae9225289a48401f42a 308a630a679274addf70e52aa76eb8bb603a19bf09377fdb99e3e26884778c82
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/js/jquery.sticky.js HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2016 13:22:23 GMT
vary: Accept-Encoding
etag: W/"57b1c20f-1295"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.awesome.css | 193.141.65.151 | 200 OK | 27 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.awesome.css; IP: 193.141.65.151:443; ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php; Certificate: Issuer: Let's Encrypt; Subject: kdlfu.ir; Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E; Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: ASCII text, with very long lines (27279), with no line terminators; Hash: 1013d3d9daa9a6dfca3f80af48fab7e8 0e675b1c8c490ecd109934fc79ee51dca37943a5 9b661de6d87337f9393cfe2c06a1af02bfb8a4e1d91f5470229c99b17dff2eb7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.awesome.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Wed, 31 Aug 2016 11:21:47 GMT
vary: Accept-Encoding
etag: W/"57c6bdcb-6a8f"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
| kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.yamm.css | 193.141.65.151 | 200 OK | 11 kB |
URL: GET HTTP/2 kdlfu.ir/wp-content/themes/kdlfu.ir/css/style.yamm.css; IP: 193.141.65.151:443; ASN: #61173 Green Web Samaneh Novin PJSC
Requested by: https://kdlfu.ir/wpadmin/yy.php; Certificate: Issuer: Let's Encrypt; Subject: kdlfu.ir; Fingerprint: FF:B8:E4:0D:2F:D3:3E:76:85:30:4A:DC:41:9C:8C:93:14:E3:79:6E; Validity: Wed, 13 Mar 2024 19:53:46 GMT - Tue, 11 Jun 2024 19:53:45 GMT
File type: ASCII text, with very long lines (9604); Hash: a074c324c6e42db6672b41647c93c7d3 f1d2819d4b05c4990512db776a53d60ee5f35975 b17c99b90b16df947a234b1fa99aca9e192ffc9d212c3e2b0bd9ba70225a6a85
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/kdlfu.ir/css/style.yamm.css HTTP/1.1
Host: kdlfu.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdlfu.ir/wpadmin/yy.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 01:21:06 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2016 08:59:54 GMT
vary: Accept-Encoding
etag: W/"5801f00a-2c6d"
expires: Sun, 09 Jun 2024 01:21:06 GMT
cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2