{"report_id":"8db4d871-7704-48ed-a57f-3273f4f5422f","version":6,"status":"done","tags":[],"date":"2025-12-10T04:09:44Z","url":{"schema":"http","addr":"www.novinpayamak.com/","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":0,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"www.novinpayamak.com/","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"title":"开启未来，安心交易 | OK交易平台官网（OKX）——您安全可靠的数字资产交易伙伴","dom":{"size":14896,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (671)","md5":"f56d845bbb2627477f5b01d934a8f1dc","sha1":"6591b3497527cc336dee1ca1f487aa6d062f6721","sha256":"150f9a7f92aa237b6db78f1e539a0b90c5c12632240689b207c52b822f8d36eb","sha512":"c5a25f31d185b0f40d56776759e8ffb81fd2cef4e23ff1ca3c7f11b24f227073371c09631e26727e126448e191ce05ca605b4e746ee1053611f2c353289598da","ssdeep":"384:UOcxSY1NhHEPZHM57eyuP0YhEF+qwwKMAAByr02q:ncxSY1N2257eVP0FQ+Ur02q","tlshash":"a762952b9881982f04a351e5b7306b5f71d0ee22e9179905b6fbcbdc17c1ec6cd09509","dom_hash":"domhash2313e1d976e934cfcd19c077e092564c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.novinpayamak.com/","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":0,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-14T04:09:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.dumage.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.dumage.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.dumage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.novinpayamak.com","ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-10-09","domain_rank":0,"first_seen":"2025-10-12T03:54:15.667039Z","last_seen":"2025-10-12T03:54:15.667039Z","alert_count":69,"request_count":23,"received_data":921131,"sent_data":14483,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"t.gateia.com","ip":{"addr":"91.195.240.12","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-12-05","domain_rank":0,"first_seen":"2025-08-29T06:06:49.23915Z","last_seen":"2025-10-12T03:54:16.538908Z","alert_count":0,"request_count":1,"received_data":128,"sent_data":726,"comment":"","tags":null,"fingerprints":null},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2025-12-08T02:30:35.897418Z","alert_count":0,"request_count":2,"received_data":729,"sent_data":1024,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.dumage.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2010-04-01","domain_rank":0,"first_seen":"2012-06-19T13:59:54Z","last_seen":"2025-10-12T03:54:16.244601Z","alert_count":3,"request_count":1,"received_data":0,"sent_data":485,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/jquery.slicknav.min.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"abb6ece52a5d3b908359c3dfa21d08a2","sha1":"cdd58421d34de7c63034acb2726a678c55a546f5","sha256":"190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9","sha512":"5e1cc5c6c4831a0affa634cc8b4ad8bc4299976a62e2690f91ecef8d5d5db732232688afee634767c016402288f635a4bbbb4d7bac10b6456120414d85ec8b53","ssdeep":"96:8B5ftaVYApggJKmapO684YBtzcmJycbeKkiKk4rB0KGtZYqxq3FWMrutqGcVtVho:kBt6YAUmW8PFMeRQR1Un1q3Ikuty7dW","tlshash":"6b023358b1103ab371fb7bea4237880ae233512dc50b40793963daa55d3a46d3613f7e","size":8415,"data":"","first_seen":"2023-03-07T01:11:41Z","last_seen":"2026-04-03T15:34:26.945386Z","times_seen":1466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/s.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8208c3643c5326ed301d4853192cb512","sha1":"9b48e50a021cf93402ea1b95b160a1c28178bafe","sha256":"2e94b02b36d21cf2c765a90c974390673836b759e4f8e160b2fddcc60c347b34","sha512":"1c450a60ed0504c900ce4cb678840ba328aff9cb3c0fbd01fd706750fe1dc7d49a405314e158860b6290f422697bc911ecb3031913ee4eba1d467bd4aecb0833","ssdeep":"","tlshash":"6ec08c3a521519782aaf949a929a209e98a1320fdd6ea18419020a907b90db70646aaa","size":162,"data":"","first_seen":"2025-08-29T06:06:54.485202Z","last_seen":"2026-03-06T14:49:37.544816Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/jquery.firefly.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"87235938cd020ae0a8b9fe9508e798ae","sha1":"0f85046782eac6cb7aa807c826be05945a393838","sha256":"4e8a2eefb288d8b3b4a534eeeccd8ca8c91c288e46561216c4f7d1e15559e213","sha512":"3cc4f8c0b395ab19840b0a7261e3421f523985a36d026f7379de97c9f05bdf2d1ff52c3c6bdf58abf5e4f5ce391e32a4dc8519b6a3b886ee3259f53589efccc3","ssdeep":"","tlshash":"a851e67e67a300196de671790f7e510867f144131d0ac87e385ca5c94ff6a63127aef8","size":2966,"data":"","first_seen":"2024-10-18T02:34:59.530301Z","last_seen":"2026-03-29T09:28:34.014849Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"88dd26298cc26a2d9f8c9d953a7a2ef8","sha1":"5aa403774475a23ee7765c0b85e99ac6470ed53f","sha256":"8aea2c56efecff9f71f449ea629934172e9e20489729fd7ccd0d49a3ff0f63cb","sha512":"a135642a7f13ce66c74817ee7cfc52203b60b7b0ae312c14816608a453e7b8ff90ca29c0487bccec007be314f4a9122037fa8cd3fdf92382f613ce252c81cea3","ssdeep":"","tlshash":"c0e07d687e931d23c1b23d752b6d720c217c40306c290041484d4cc08d926a40cb3cdd","size":300,"data":"","first_seen":"2025-10-12T03:54:21.498917Z","last_seen":"2026-03-06T14:49:37.555329Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/bootstrap.min.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","size":48944,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-03T19:25:34.060133Z","times_seen":103139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"32362060cf842ed6659bd30a873cae8f","sha1":"93e1cbc1f0611c38c7cb2f7cded16a83515b655e","sha256":"75dfccc6b4fb7f8fc17f08697f9c79ee1f051e277522056f81d2642e78c2321b","sha512":"4f2ce27d80d002d2dd08b7a12e8616826029c23eda79dd59f284fd4101ef44b42bfdd64ffe59da0ed40980436391f0f1c8ceed14d5b53e8306f243e180f74340","ssdeep":"","tlshash":"bdf09eaeac45b55856d334f85bebd649d16f142c900ae417a4d6c4ce2e38fd8142534c","size":499,"data":"","first_seen":"2025-12-10T04:09:49.196193Z","last_seen":"2025-12-10T04:09:49.196193Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/58.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e31d379a7d3f1e3fa1a91a2bd2e66383","sha1":"43b270f96fd3f1ed7998f7ab3679d37bb3d0b148","sha256":"ba82f7808450b0663234584a3461cebe114d0a91e5cf5a6e1779995972bd04ea","sha512":"6c0f956b770b703ac49a2c12a87c6889a2e3d013f66f7abec0b01c7df47c0d55ea0f520276e69afbd3ee6e0911440126bff7b39208dfcf7c66fc71dc471f38d6","ssdeep":"","tlshash":"7cf0c04ebc0df2146652386627bbdaac99af10251009e80664dbc4ae2d28ffc4116a0c","size":554,"data":"","first_seen":"2025-12-10T04:09:49.15493Z","last_seen":"2025-12-10T04:09:49.15493Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"6ec15e557d49512fd142cf947e86a72e","sha1":"6d3c51c18461414db6489bbe50edfbe1f72699ea","sha256":"d4af2f95c07162ac836181dda879b5e59424eb9ae9f76569198a6a266311b77d","sha512":"107cd5eb13078065f0119326d8da33a508457293f4a0553e9dc292cc60828dd9b4e64b7a59f7a7d7a2543c6391d6cf0824bcf8a2bcfeb76434b9694481c468e0","ssdeep":"","tlshash":"db9000b00ac20cab80080c030a32b2c200e202802a2c800c0c0b80f80c88e08ac3ae0a","size":54,"data":"","first_seen":"2025-11-14T10:46:06.572917Z","last_seen":"2026-03-01T00:55:52.822445Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/jquery.zoomslider.min.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c6592dca288a98e4394c418134c2c0b","sha1":"c43da1627765de667716f25305b024f5b0d68aae","sha256":"3b21de964d29552982e5138ce5d974bdc6661669691c142a8294b35348cafa9d","sha512":"b197ed6fe8217d0100d459121ad209ccfef41d09f146fb5a493023679b555a15a258143a1b9b13efee66e68ec5c6314f297d687dcbea835c39a654ea5d2c1808","ssdeep":"96:mkFZoPO3XDmnO0kkbK3uXlm/OJWZ6BsAvsq+E1p/0QEJRo4c:mQZ4O3XDkdRU6BjnJ9F","tlshash":"35a1c74df375241849df51b060eaaa01803fa5599913f1ac7678a1cae9d5dcc303bbfe","size":4998,"data":"","first_seen":"2023-03-10T13:09:50Z","last_seen":"2026-04-03T01:47:48.57038Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-03T19:27:53.291523Z","times_seen":81051,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/jquery-2.2.4.min.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-03T19:30:26.380819Z","times_seen":261062,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-03T19:27:53.291523Z","times_seen":81051,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"dd0cc5e4e47c17dcfcb16e18d80687ad","sha1":"65e6e801e11cf1954beeb9a578b9582acf905bae","sha256":"48dbf3949c9cdf38268831b5e8f099e5d0a16956949935bd1455edb38a36bf58","sha512":"95c478a4a84407d7a53ac27406af59a62e95479a573586b4add523140ca3fa907a9fac07e000fe705355d11ee811806b50eb37581cecdf193047e45cd28411e3","ssdeep":"","tlshash":"36f059ae6c45f9585ad324985babd24dc16f1428100ae416b4d6c4ce2e28fe8182534c","size":508,"data":"","first_seen":"2025-12-10T04:09:49.199662Z","last_seen":"2025-12-10T04:09:49.199662Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/jquery.slicknav.min.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/js/jquery.slicknav.min.js HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Oct 2025 08:33:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea1661-20e2\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8418,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8320)","md5":"abb6ece52a5d3b908359c3dfa21d08a2","sha1":"cdd58421d34de7c63034acb2726a678c55a546f5","sha256":"190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9","sha512":"5e1cc5c6c4831a0affa634cc8b4ad8bc4299976a62e2690f91ecef8d5d5db732232688afee634767c016402288f635a4bbbb4d7bac10b6456120414d85ec8b53","ssdeep":"96:8B5ftaVYApggJKmapO684YBtzcmJycbeKkiKk4rB0KGtZYqxq3FWMrutqGcVtVho:kBt6YAUmW8PFMeRQR1Un1q3Ikuty7dW","tlshash":"6b023358b1103ab371fb7bea4237880ae233512dc50b40793963daa55d3a46d3613f7e","first_seen":"2023-03-07T01:11:41Z","last_seen":"2026-04-03T15:34:26.945386Z","times_seen":1466,"resource_available":true,"data":null}},"time_used":1283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/jquery.firefly.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/js/jquery.firefly.js HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Oct 2025 08:33:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea1660-b99\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2969,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"87235938cd020ae0a8b9fe9508e798ae","sha1":"0f85046782eac6cb7aa807c826be05945a393838","sha256":"4e8a2eefb288d8b3b4a534eeeccd8ca8c91c288e46561216c4f7d1e15559e213","sha512":"3cc4f8c0b395ab19840b0a7261e3421f523985a36d026f7379de97c9f05bdf2d1ff52c3c6bdf58abf5e4f5ce391e32a4dc8519b6a3b886ee3259f53589efccc3","ssdeep":"","tlshash":"a851e67e67a300196de671790f7e510867f144131d0ac87e385ca5c94ff6a63127aef8","first_seen":"2024-10-18T02:34:59.530301Z","last_seen":"2026-03-29T09:28:34.014849Z","times_seen":27,"resource_available":true,"data":null}},"time_used":1282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"t.gateia.com/p.gif?k=%20%20%E9%80%89%E6%8B%A9OK%E4%BA%A4%E6%98%93%E5%B9%B3%E5%8F%B0%E5%AE%98%E7%BD%91%EF%BC%9B%E4%BD%93%E9%AA%8C%E5%AE%89%E5%85%A8%E3%80%81%E9%AB%98%E6%95%88%E3%80%81%E4%BE%BF%E6%8D%B7%E7%9A%84%E6%95%B0%E5%AD%97%E8%B5%84%E4%BA%A7%E4%BA%A4%E6%98%93%E3%80%82%E3%80%82","fqdn":"t.gateia.com","domain":"gateia.com","tld":"com"},"ip":{"addr":"91.195.240.12","port":443,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:27.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"t.gateia.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Thu, 04 Dec 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"90:B4:D7:43:91:E7:4C:6E:75:7F:31:2E:F0:73:42:BA:65:33:10:A1","sha256":"CE:29:8E:25:04:30:DB:66:40:33:DC:E9:2B:1F:4D:53:C8:EB:78:E0:A6:24:15:31:37:FF:0E:B6:7D:10:33:23"}}},"request":{"raw":"GET /p.gif?k=%20%20%E9%80%89%E6%8B%A9OK%E4%BA%A4%E6%98%93%E5%B9%B3%E5%8F%B0%E5%AE%98%E7%BD%91%EF%BC%9B%E4%BD%93%E9%AA%8C%E5%AE%89%E5%85%A8%E3%80%81%E9%AB%98%E6%95%88%E3%80%81%E4%BE%BF%E6%8D%B7%E7%9A%84%E6%95%B0%E5%AD%97%E8%B5%84%E4%BA%A7%E4%BA%A4%E6%98%93%E3%80%82%E3%80%82 HTTP/1.1\r\nHost: t.gateia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 441 No Reason Phrase\r\ndate: Wed, 10 Dec 2025 04:09:27 GMT\r\nserver: Parking/1.0\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"441","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":1229,"timings":{"blocked":596,"dns":59,"connect":36,"send":0,"wait":37,"receive":0,"ssl":497},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/58.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/js/58.js HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 554\r\nlast-modified: Mon, 20 Oct 2025 07:16:58 GMT\r\netag: \"68f5e1ea-22a\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":554,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (554), with no line terminators","md5":"e31d379a7d3f1e3fa1a91a2bd2e66383","sha1":"43b270f96fd3f1ed7998f7ab3679d37bb3d0b148","sha256":"ba82f7808450b0663234584a3461cebe114d0a91e5cf5a6e1779995972bd04ea","sha512":"6c0f956b770b703ac49a2c12a87c6889a2e3d013f66f7abec0b01c7df47c0d55ea0f520276e69afbd3ee6e0911440126bff7b39208dfcf7c66fc71dc471f38d6","ssdeep":"","tlshash":"7cf0c04ebc0df2146652386627bbdaac99af10251009e80664dbc4ae2d28ffc4116a0c","first_seen":"2025-12-10T04:09:49.15493Z","last_seen":"2025-12-10T04:09:49.15493Z","times_seen":1,"resource_available":true,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/images/video-poster-2.jpg","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /images/video-poster-2.jpg HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: text/html\r\ncontent-length: 548\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-04-03T16:27:04.894813Z","times_seen":16112,"resource_available":true,"data":null}},"time_used":1028,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1028,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/images/video-poster-1.jpg","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:26.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /images/video-poster-1.jpg HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b; __vtins__3NoITl9uOrrGPqIb=%7B%22sid%22%3A%20%22ad963a36-efe1-55e3-8b8d-ee4918fb02f5%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201765341566387%2C%20%22ct%22%3A%201765339766387%7D; __51uvsct__3NoITl9uOrrGPqIb=1; __51vcke__3NoITl9uOrrGPqIb=10d1a6e7-82fe-5dac-b279-a75edb04ae3b; __51vuft__3NoITl9uOrrGPqIb=1765339766391\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: text/html\r\ncontent-length: 548\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-04-03T16:27:04.894813Z","times_seen":16112,"resource_available":true,"data":null}},"time_used":777,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":736,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-10T04:09:23.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:25 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 04 Dec 2025 08:04:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6931409b-38ad\"\r\nset-cookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":14509,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"e2d3b35dea72b9bea2aa676aaca45e87","sha1":"51c400ef4254ea97355050cba032f43fb75ec274","sha256":"ffc1d65d1c2009055c6f6e0232c8db62dc303e954b90343f0b6f36f89443c0d2","sha512":"8c97f45798c7245d8c7e11f48dd9db0c1a61bdc9760f79ab96b6f16838d8734d7bfed68531687fd7481b53ba544038ef2b513d5ec757d48d87169771579be600","ssdeep":"384:w5GHEPZHMh7eyuP0YhEF+qw1KMAFBG002y:i2h7eVP0FXHY002y","tlshash":"6652852b9485a82b08a391e5b7302b5f71c0ee32e927594476fbcbdc17c1ec6ce19106","first_seen":"2025-12-10T04:09:49.159158Z","last_seen":"2025-12-10T04:09:49.159158Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2741,"timings":{"blocked":685,"dns":163,"connect":257,"send":0,"wait":1371,"receive":0,"ssl":262},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/css/bootstrap.min.css","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/css/bootstrap.min.css HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 11 Oct 2025 08:33:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea163f-235f0\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":144880,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65325)","md5":"450fc463b8b1a349df717056fbb3e078","sha1":"895125a4522a3b10ee7ada06ee6503587cbf95c5","sha256":"2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d","sha512":"93bf1ed5f6d8b34f53413a86efd4a925d578c97abc757ea871f3f46f340745e4126c48219d2e8040713605b64a9ecf7ad986aa8102f5ea5ecf9228801d962f5d","ssdeep":"1536:GcoqwrUPyDHU7c7TcDEBi82NcuSELL4d/+oENM6HN26Q:VoPgPard2oENM6HN26Q","tlshash":"f6e37667f591322da097ca1851c0bbfa466f8156d6221ffbf4273b604b8a6c70a73d0d","first_seen":"2023-04-05T03:09:34Z","last_seen":"2026-04-03T19:21:24.820903Z","times_seen":53119,"resource_available":false,"data":null}},"time_used":1031,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1031,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/css/styles.css","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/css/styles.css HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 11 Oct 2025 08:33:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea164a-2c5f\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11359,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"327942ee751b0e568cb89b951aa820cc","sha1":"b0670fcc8658868e857e85400e03498ee4101cb0","sha256":"6980c546b93b1938cf78734336cf8e90b93341de38cdc1ee55ef1bc78aa0dcc6","sha512":"b61969a51eb6342c695ed1853e366969454ab2d424a371225b82d2df2c81df731aaac5d40534c1b6d01fc8648c188ee5c573f76c747b4f3a39f4e2b9a77a7b1a","ssdeep":"192:KeccWOeWyoG6bDcnE5O4FF1uh6rFhK5FlcNi5jYx4F7EgeeX/p:K7cReWyoBBF7ucrFiFleyJFFeGp","tlshash":"b0326481bfa16151752bc23973d6ab15e3bca142960acd7c7fa9201caec13ec119fb4d","first_seen":"2025-10-12T03:54:21.467197Z","last_seen":"2025-12-10T04:09:49.163382Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1030,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1030,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/jquery-2.2.4.min.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/js/jquery-2.2.4.min.js HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Oct 2025 08:33:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea165e-14e4d\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85581,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-03T19:30:26.380819Z","times_seen":261062,"resource_available":true,"data":null}},"time_used":1283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/video/v_3.mp4","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:26.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/video/v_3.mp4 HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 1377247\r\nlast-modified: Sat, 11 Oct 2025 08:33:45 GMT\r\netag: \"68ea1669-1503df\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-1377246/1377247\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42472,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"937d851e6c4a2b24c9efd0e9dcb6a494","sha1":"d5f1a51f1c3e573b4004723d2141f4fffa85e40d","sha256":"ce653140a6558a287c1dd82648b87fe2e2cbd99cf3bf5b86ad28a46068d6c10c","sha512":"3cda201404c12cfd7f42a9c429c85496e097e00436fe972644e1dbb07fef885852142d1f84709f0687d9f69c74d74d0fd558a4d93278572ddd9964128459f6e3","ssdeep":"768:1vmWhEee+UeC5KGpPpHyGZKv4eTfq8JZtGhEaVEHPK7u4n9sBUNQkvZ7:XEeehKg9yGZKvhy8whbVEiu4n9sBUikt","tlshash":"c113f26a2cd105a9d16b4a380b1b0f2e4e8ba015546819dbe578cdffc548a8377ff317","first_seen":"2025-12-10T04:09:49.168159Z","last_seen":"2025-12-10T04:09:49.168159Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1024,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":730,"receive":294,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/video/v_1.webm","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:26.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/video/v_1.webm HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: video/webm\r\ncontent-length: 475896\r\nlast-modified: Sat, 11 Oct 2025 08:33:44 GMT\r\netag: \"68ea1668-742f8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-475895/475896\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":475896,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"ee9a1be909c939789acc435fd8f12abd","sha1":"c3612a70cdfd759aafd85ab4c8c200adccfa3472","sha256":"a4b0e743f968997fbee0dd24bcf3e5c224209230a60f2ce87bcd2973129e08f1","sha512":"d572ca51bd004cac12d73b2dddc3b089235d44ffc67f80ea67fb2e54c1e4ffe1034fab82b0b040e2209dbef90c4cb9d2b8549dd1b68418585090e63d9c32dda1","ssdeep":"12288:tYrq3/LtGrS0sMEej+QBtqMH4DgWXK9jz8s:tY2hGrSWEej5MMH4NK9j3","tlshash":"60a423466511ed80d32b9eb9cb1b66fa7b7e0670e0f6e326c7158072fca0e141a5f11b","first_seen":"2025-07-26T07:28:31.506833Z","last_seen":"2026-04-01T09:43:11.914144Z","times_seen":796,"resource_available":false,"data":null}},"time_used":1769,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":730,"receive":1039,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/css/typography.css","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/css/typography.css HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 11 Oct 2025 08:33:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea164c-d75\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3445,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"57926eb65e34aacaf530c1788684d165","sha1":"f2bd11a53c1c5a13984b350cb63d6a611a5cdbf9","sha256":"4dbcb847e937e202ed99f5eec9ec9772e8599a7db272f10c1541a97cdfb189d1","sha512":"0a56233e4f5434709a5ebb06acfff93a1014ec2a2c5680a1ed0dbf7184bf176275c4286e2b11d924fa45be24e6aeb051deb45ab033a3f9a275803018c66058e1","ssdeep":"","tlshash":"d061104b8eb35840f519d869bb9ffb54b19ca027480eccb4bb85770cdf851e8125a35d","first_seen":"2025-08-29T06:06:54.483124Z","last_seen":"2026-03-06T14:49:37.532972Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1031,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1031,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/image/logo-white.png","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/image/logo-white.png HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 11 Oct 2025 08:33:23 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea1653-df8\"\r\nexpires: Fri, 09 Jan 2026 04:09:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3576,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 164 x 72, 8-bit/color RGBA, non-interlaced","md5":"bcebd1a89afd2297fd02d186c9c112cf","sha1":"6e9bb0aca6a6232799be4f76705156c516e1d9ea","sha256":"a2b2949f9eca58962e39184f988582b2f897edc82ccf11b3b0926555165e87a7","sha512":"9f8b3ee5afa761fdd76e50bfe48297e51a7a7a48a8b52672db160a6c67435673a516c127d55957708a7875ed836262eff460a93cc346c98ac5216e7e0ef343a0","ssdeep":"","tlshash":"c1714c4df9795280524caaa68cd3501efaba1861998cc519b8ebc488553a7f9112f9c3","first_seen":"2025-10-12T03:54:21.454211Z","last_seen":"2026-03-06T14:49:37.552568Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1029,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1029,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:26.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 470\r\nOrigin: https://www.novinpayamak.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 211 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.novinpayamak.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\neo-log-uuid: 14778392404445752212\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"211","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":470,"timings":{"blocked":207,"dns":0,"connect":0,"send":0,"wait":262,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/bootstrap.min.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/js/bootstrap.min.js HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Oct 2025 08:33:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea165c-bf33\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":48947,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (48664)","md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-03T19:25:34.060133Z","times_seen":103139,"resource_available":true,"data":null}},"time_used":1283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.dumage.com/images/bg/appvideo-bg.jpg","fqdn":"www.dumage.com","domain":"dumage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:26.761Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/bg/appvideo-bg.jpg HTTP/1.1\r\nHost: www.dumage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":7151,"timings":{"blocked":7151,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.dumage.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.dumage.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.dumage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:27.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 471\r\nOrigin: https://www.novinpayamak.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.novinpayamak.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Wed, 10 Dec 2025 04:09:27 GMT\r\neo-log-uuid: 7633443850250692102\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/video/v_3.mp4","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:27.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/video/v_3.mp4 HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=1343488-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b; __vtins__3NoITl9uOrrGPqIb=%7B%22sid%22%3A%20%22ad963a36-efe1-55e3-8b8d-ee4918fb02f5%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201765341566387%2C%20%22ct%22%3A%201765339766387%7D; __51uvsct__3NoITl9uOrrGPqIb=1; __51vcke__3NoITl9uOrrGPqIb=10d1a6e7-82fe-5dac-b279-a75edb04ae3b; __51vuft__3NoITl9uOrrGPqIb=1765339766391; __vtins__3NnA4pZq34zykNfw=%7B%22sid%22%3A%20%224d3e9b10-5a34-5d95-b709-c5ce5f827781%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201765341567143%2C%20%22ct%22%3A%201765339767143%7D; __51uvsct__3NnA4pZq34zykNfw=1; __51vcke__3NnA4pZq34zykNfw=1e4af6d6-a74f-50c5-b018-153192f84b98; __51vuft__3NnA4pZq34zykNfw=1765339767147\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:27 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 33759\r\nlast-modified: Sat, 11 Oct 2025 08:33:45 GMT\r\netag: \"68ea1669-1503df\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 1343488-1377246/1377247\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33759,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"8a3994bf1ab34d79409df84eea430573","sha1":"22d9dccbd3e2f3286e845ac06095ada5e56a33a4","sha256":"b9658a3e8045e45200b2e64bd6a915cd153f0c9a6dafc2293a4c8f6f32094b40","sha512":"12dd2a046beb80de281620911f749f8feb9d97e8fc6cf83a45de82345e22e1429dd6e5e574ce491640a35eaf072382a7689b716eacf8c37d5a98b82d92f2fdfb","ssdeep":"384:iVB4GdfhFUOJ7MofHZYc2TpagE8v14vzM2zv6rGpNjbu0K5ehFPtenbYckhPpxJU:i8GFXwoMFH/14vo2owNjiVIhibYn/xWb","tlshash":"7ae2056823eeb119ed3ca438b4965799af25cc4ecfc00bdf16164ad3bc50690bd996c8","first_seen":"2025-09-09T17:41:01.022207Z","last_seen":"2026-04-03T19:46:41.904978Z","times_seen":105,"resource_available":false,"data":null}},"time_used":741,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":740,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/css/default-css.css","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/css/default-css.css HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 11 Oct 2025 08:33:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea1640-16d9\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5849,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"059f312b388d29fa18d3b9f67393689f","sha1":"e3b255766b3cddaabe89d1dbca160a5441b1900a","sha256":"d7a9c57f78ca257017a5301207e04cd10c725ee9406e810d3005e9a8c2ff01c0","sha512":"bb96fe7c34a509a4748e96752b8fa312d74dbb56951fe079d7c78dfe8f6f3875a5f07c8fb1e3b893d616c6e49b25d8674ee576b02cee24975172ead37c4e92d5","ssdeep":"96:17FcFGFA4hMj4rcJ4hMj9mvN0mh9aYk8IkCoKgG6hCAWIX88b4aAohwlO:1igFG8rcbwhLhbhAohwlO","tlshash":"01c168537e672409111ae5a0cbffbad4c32c6253450ab9fabbc81086cf841dc569fe5d","first_seen":"2025-10-12T03:54:21.424731Z","last_seen":"2025-12-10T04:09:49.182493Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1030,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1030,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/images/video-poster-1.jpg","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /images/video-poster-1.jpg HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: text/html\r\ncontent-length: 548\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-04-03T16:27:04.894813Z","times_seen":16112,"resource_available":true,"data":null}},"time_used":1028,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1028,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/noad.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/js/noad.js HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Oct 2025 08:33:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea1663-b3b\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2875,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"af01e14ae80759553f68d231e5b461d5","sha1":"3e0bb6aea7339297b2542ab0d3d3ecddcf57067b","sha256":"c1fced1da276fc0d10e16cef79c4cb21aa9f45c0833e48edfb451038335bb2dd","sha512":"eb3aa69095c4e210fd2c2f8ccc736069b881f7c09db7268056ee8a2b59ab405a3efc0030354ef178198b73ec68bea4e721df7ea814936bb4a804f6fb81894bac","ssdeep":"","tlshash":"7b5110bd5df62050196f6139eb3fa2093136460728d8ee277d9c4b25afc4c184171eda","first_seen":"2025-08-29T06:06:54.490924Z","last_seen":"2026-03-06T14:49:37.546826Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/s.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/js/s.js HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 165\r\nlast-modified: Sat, 11 Oct 2025 08:33:41 GMT\r\netag: \"68ea1665-a5\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":165,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"8208c3643c5326ed301d4853192cb512","sha1":"9b48e50a021cf93402ea1b95b160a1c28178bafe","sha256":"2e94b02b36d21cf2c765a90c974390673836b759e4f8e160b2fddcc60c347b34","sha512":"1c450a60ed0504c900ce4cb678840ba328aff9cb3c0fbd01fd706750fe1dc7d49a405314e158860b6290f422697bc911ecb3031913ee4eba1d467bd4aecb0833","ssdeep":"","tlshash":"6ec08c3a521519782aaf949a929a209e98a1320fdd6ea18419020a907b90db70646aaa","first_seen":"2025-08-29T06:06:54.485202Z","last_seen":"2026-03-06T14:49:37.544816Z","times_seen":6,"resource_available":true,"data":null}},"time_used":1322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1281,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/favicon.ico","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:28.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b; __vtins__3NoITl9uOrrGPqIb=%7B%22sid%22%3A%20%22ad963a36-efe1-55e3-8b8d-ee4918fb02f5%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201765341566387%2C%20%22ct%22%3A%201765339766387%7D; __51uvsct__3NoITl9uOrrGPqIb=1; __51vcke__3NoITl9uOrrGPqIb=10d1a6e7-82fe-5dac-b279-a75edb04ae3b; __51vuft__3NoITl9uOrrGPqIb=1765339766391; __vtins__3NnA4pZq34zykNfw=%7B%22sid%22%3A%20%224d3e9b10-5a34-5d95-b709-c5ce5f827781%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201765341567143%2C%20%22ct%22%3A%201765339767143%7D; __51uvsct__3NnA4pZq34zykNfw=1; __51vcke__3NnA4pZq34zykNfw=1e4af6d6-a74f-50c5-b018-153192f84b98; __51vuft__3NnA4pZq34zykNfw=1765339767147\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:28 GMT\r\ncontent-type: text/html\r\ncontent-length: 548\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-04-03T16:27:04.894813Z","times_seen":16112,"resource_available":true,"data":null}},"time_used":354,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/css/slicknav.min.css","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/css/slicknav.min.css HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 11 Oct 2025 08:33:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea1646-9cc\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2508,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2414)","md5":"cb0567a8e6fa8a2786dec28833cb1ce9","sha1":"c54e46ca2b58657ce9b9af788c4c71db2f258768","sha256":"2c48050a1280b38ee66b4122dc30f7b8d0d89776c80f76f213dca958e701f45d","sha512":"85eca889e0079a900bdc175a40cb1b20e855bc66f8fa9978686099a96cd7fdfd410a1440aeb072fd75190c75bd5958b9a7aa5ff76a57e328e47e675a2186b641","ssdeep":"","tlshash":"4951af76a5ec0154713ad2246fc0e6cbe4e7310348310a99f99976b1c7be06d7ce1db9","first_seen":"2023-04-07T07:32:13Z","last_seen":"2026-04-03T15:34:26.935794Z","times_seen":1062,"resource_available":false,"data":null}},"time_used":1031,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1031,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/css/responsive.css","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/css/responsive.css HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 11 Oct 2025 08:33:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea1642-3dd4\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15828,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"87d815b82d4fe32e99f09986c04daba9","sha1":"99a223ec259a319598b2f78d51570e305533d802","sha256":"69edea8de8fcca7ce3dc84a54f1f57a737f1812e352864fc1c4e3daee2d4c543","sha512":"c44c7c4282290538eb9a09d82e54f8b45ccfc87f3c54226aaf559ccc733c47a4c169729087810886fb8425cd7db79c9f2a2debaa1bf2c9264527e3dc7bb7e012","ssdeep":"192:IKsfSKjk+t455zaUX25V4CjTQG3nIADuRM+2ibwlfRsSffnebwMwnkN53RfRIAaF:I/fnLDqCw55+H10wdjFl","tlshash":"7d62899f2ae300056d57b9796bba7a507274e413e18deca57dcca14ccfc86e588c1b4c","first_seen":"2025-08-29T06:06:54.495714Z","last_seen":"2026-03-06T14:49:37.537391Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1029,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1029,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.novinpayamak.com/static/js/jquery.zoomslider.min.js","fqdn":"www.novinpayamak.com","domain":"novinpayamak.com","tld":"com"},"ip":{"addr":"154.23.100.4","port":443,"asn":139646,"as":"HONG KONG Megalayer Technology Co.,Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.novinpayamak.com/","date":"2025-12-10T04:09:25.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novinpayamak.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 16:58:18 GMT","end":"Mon, 09 Mar 2026 16:58:17 GMT"},"fingerprint":{"sha1":"E6:D5:8F:85:A9:25:54:30:C7:31:E9:AC:3D:21:91:A9:AD:4E:78:6F","sha256":"E4:A2:21:36:D0:79:C5:E3:02:09:6B:71:A4:8E:99:28:75:0E:2D:BA:83:11:53:8B:12:D6:65:DE:8E:ED:71:E8"}}},"request":{"raw":"GET /static/js/jquery.zoomslider.min.js HTTP/1.1\r\nHost: www.novinpayamak.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.novinpayamak.com/\r\nCookie: server_name_session=5f96c7b5d416504275f188bbeb1e585b\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 10 Dec 2025 04:09:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Oct 2025 08:33:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ea1662-1389\"\r\nexpires: Wed, 10 Dec 2025 16:09:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5001,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4998), with no line terminators","md5":"7c6592dca288a98e4394c418134c2c0b","sha1":"c43da1627765de667716f25305b024f5b0d68aae","sha256":"3b21de964d29552982e5138ce5d974bdc6661669691c142a8294b35348cafa9d","sha512":"b197ed6fe8217d0100d459121ad209ccfef41d09f146fb5a493023679b555a15a258143a1b9b13efee66e68ec5c6314f297d687dcbea835c39a654ea5d2c1808","ssdeep":"96:mkFZoPO3XDmnO0kkbK3uXlm/OJWZ6BsAvsq+E1p/0QEJRo4c:mQZ4O3XDkdRU6BjnJ9F","tlshash":"35a1c74df375241849df51b060eaaa01803fa5599913f1ac7678a1cae9d5dcc303bbfe","first_seen":"2023-03-10T13:09:50Z","last_seen":"2026-04-03T01:47:48.57038Z","times_seen":73,"resource_available":true,"data":null}},"time_used":1283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-10","alert":"Phishing Block","trigger":"www.novinpayamak.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-10","alert":"Sinkholed","trigger":"www.novinpayamak.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}