dl.tehranuniversity.website Open in urlscan Pro
146.70.161.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dl.tehranuniversity.website/auth/login
Submission Tags: c2 malware meduza Search All
Submission: On November 13 via api (November 13th 2023, 3:32:22 pm UTC) from US — Scanned from PL

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 146.70.161.13, located in Warsaw, Poland and belongs to M247, RO. The main domain is dl.tehranuniversity.website.

This is the only time dl.tehranuniversity.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	146.70.161.13 146.70.161.13		9009 (M247) (M247)
9	2

9 146.70.161.13 (Warsaw, Poland)

ASN9009 (M247, RO)

dl.tehranuniversity.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tehranuniversity.website dl.tehranuniversity.website	5 MB
9	1

	Domain	Requested by
9	dl.tehranuniversity.website	dl.tehranuniversity.website
9	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://dl.tehranuniversity.website/auth/login
Frame ID: A487A7DA785A918628EA7DFFED20C09C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meduza

Page Statistics

9
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

5280 kB
Transfer

5279 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200	Primary Request login Show response dl.tehranuniversity.website/auth/	563 B 867 B	118ms 57ms	Document text/html	146.70.161.13 M247
General Check archive.org Show headers Download Go to Full URL http://dl.tehranuniversity.website/auth/login Protocol HTTP/1.1 Server 146.70.161.13 Warsaw, Poland, ASN9009 (M247, RO), Reverse DNS Software hypercorn-h11 / Resource Hash `2777a1086f6957fffc47c23d1b18948750e31fb8feacc9fca8839d83c44a68d4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers cache-control public, max-age=43200 content-length 563 content-type text/html; charset=utf-8 date Mon, 13 Nov 2023 15:32:17 GMT etag "1692889370.502709-563-3873904712" expires Tue, 14 Nov 2023 03:32:17 GMT last-modified Thu, 24 Aug 2023 15:02:50 GMT server hypercorn-h11
GET H/1.1	200	index-9d57ec6a.js Show response dl.tehranuniversity.website/assets/	2 MB 2 MB	36ms 35ms	Script application/javascript	146.70.161.13 M247
General Check archive.org Show headers Download Go to Full URL http://dl.tehranuniversity.website/assets/index-9d57ec6a.js Requested by Host: dl.tehranuniversity.website URL: http://dl.tehranuniversity.website/auth/login Protocol HTTP/1.1 Server 146.70.161.13 Warsaw, Poland, ASN9009 (M247, RO), Reverse DNS Software hypercorn-h11 / Resource Hash `e02bf9efd4b21e8113a55b3b3971eb8269f668cf8232f5350d7439bde6386aac` Request headers Referer http://dl.tehranuniversity.website/auth/login Origin http://dl.tehranuniversity.website accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:32:17 GMT last-modified Thu, 24 Aug 2023 15:02:50 GMT server hypercorn-h11 etag "1692889370.5037088-1935182-1609047284" content-type application/javascript; charset=utf-8 cache-control public, max-age=43200 content-length 1935182 expires Tue, 14 Nov 2023 03:32:17 GMT
GET H/1.1	200	index-d74faef2.css dl.tehranuniversity.website/assets/	131 KB 131 KB	67ms 38ms	Stylesheet text/css	146.70.161.13 M247
General Check archive.org Show headers Download Go to Full URL http://dl.tehranuniversity.website/assets/index-d74faef2.css Requested by Host: dl.tehranuniversity.website URL: http://dl.tehranuniversity.website/auth/login Protocol HTTP/1.1 Server 146.70.161.13 Warsaw, Poland, ASN9009 (M247, RO), Reverse DNS Software hypercorn-h11 / Resource Hash `d74faef20971173de9cba225f51fcb7b6fca421d025775d3f9dbb086aefcf09a` Request headers accept-language pl-PL,pl;q=0.9 Referer http://dl.tehranuniversity.website/auth/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:32:17 GMT last-modified Thu, 24 Aug 2023 15:02:50 GMT server hypercorn-h11 etag "1692889370.502709-133774-2131697035" content-type text/css; charset=utf-8 cache-control public, max-age=43200 content-length 133774 expires Tue, 14 Nov 2023 03:32:17 GMT
GET DATA	200 OK	truncated /	178 KB 178 KB		Other application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1e97cf58ff10c791041f2301ccb861ff12b069ccafa5638a4b5294efe7a3b051` Request headers accept-language pl-PL,pl;q=0.9 Referer http://dl.tehranuniversity.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Content-Type application/octet-stream
GET H/1.1	200	logo-d9a9a462.svg dl.tehranuniversity.website/assets/	33 KB 33 KB	40ms 40ms	Image image/svg+xml	146.70.161.13 M247
General Check archive.org Show headers Download Go to Show image Full URL http://dl.tehranuniversity.website/assets/logo-d9a9a462.svg Protocol HTTP/1.1 Server 146.70.161.13 Warsaw, Poland, ASN9009 (M247, RO), Reverse DNS Software hypercorn-h11 / Resource Hash `d9a9a4629b103b0e87e0409c6f54b03fed44efdbbe8d2c2300cca5935444dff0` Request headers accept-language pl-PL,pl;q=0.9 Referer http://dl.tehranuniversity.website/auth/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:32:17 GMT last-modified Thu, 24 Aug 2023 15:02:50 GMT server hypercorn-h11 etag "1692889370.4997087-33287-1586830540" content-type image/svg+xml; charset=utf-8 cache-control public, max-age=43200 content-length 33287 expires Tue, 14 Nov 2023 03:32:17 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `be281dfcee41db752e433d1ec0b2c2fa5fda66c1c23989817ee134c6c75705da` Request headers accept-language pl-PL,pl;q=0.9 Referer http://dl.tehranuniversity.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200	user-148f1bed.jpg dl.tehranuniversity.website/assets/	19 KB 20 KB	40ms 39ms	Image image/jpeg	146.70.161.13 M247
General Check archive.org Show headers Download Go to Show image Full URL http://dl.tehranuniversity.website/assets/user-148f1bed.jpg Requested by Host: dl.tehranuniversity.website URL: http://dl.tehranuniversity.website/assets/index-d74faef2.css Protocol HTTP/1.1 Server 146.70.161.13 Warsaw, Poland, ASN9009 (M247, RO), Reverse DNS Software hypercorn-h11 / Resource Hash `148f1bed0a1eb7be4c4c19b646963715602717c7b15becc835d49443d01f9c88` Request headers accept-language pl-PL,pl;q=0.9 Referer http://dl.tehranuniversity.website/assets/index-d74faef2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:32:17 GMT last-modified Thu, 24 Aug 2023 15:02:50 GMT server hypercorn-h11 etag "1692889370.4997087-19831-1586044150" content-type image/jpeg cache-control public, max-age=43200 content-length 19831 expires Tue, 14 Nov 2023 03:32:17 GMT
GET H/1.1	200	medusa-a0c27a9c.svg dl.tehranuniversity.website/assets/	2 MB 2 MB	118ms 88ms	Image image/svg+xml	146.70.161.13 M247
General Check archive.org Show headers Download Go to Show image Full URL http://dl.tehranuniversity.website/assets/medusa-a0c27a9c.svg Requested by Host: dl.tehranuniversity.website URL: http://dl.tehranuniversity.website/assets/index-d74faef2.css Protocol HTTP/1.1 Server 146.70.161.13 Warsaw, Poland, ASN9009 (M247, RO), Reverse DNS Software hypercorn-h11 / Resource Hash `a0c27a9cfa9657c9fc5683b43d4fb1d85c1d6591b57e70951e3ec51cc537a70f` Request headers accept-language pl-PL,pl;q=0.9 Referer http://dl.tehranuniversity.website/assets/index-d74faef2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:32:17 GMT last-modified Thu, 24 Aug 2023 15:02:50 GMT server hypercorn-h11 etag "1692889370.5037088-2560047-2621840832" content-type image/svg+xml; charset=utf-8 cache-control public, max-age=43200 content-length 2560047 expires Tue, 14 Nov 2023 03:32:17 GMT
GET H/1.1	200	medusa-stone-ca06887e.png dl.tehranuniversity.website/assets/	447 KB 447 KB	85ms 55ms	Image image/png	146.70.161.13 M247
General Check archive.org Show headers Download Go to Show image Full URL http://dl.tehranuniversity.website/assets/medusa-stone-ca06887e.png Requested by Host: dl.tehranuniversity.website URL: http://dl.tehranuniversity.website/assets/index-d74faef2.css Protocol HTTP/1.1 Server 146.70.161.13 Warsaw, Poland, ASN9009 (M247, RO), Reverse DNS Software hypercorn-h11 / Resource Hash `ca06887ecc45eabf90bb0147bbb046409de3c93fa5146f8461d367190f0f4475` Request headers accept-language pl-PL,pl;q=0.9 Referer http://dl.tehranuniversity.website/assets/index-d74faef2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:32:17 GMT last-modified Thu, 24 Aug 2023 15:02:50 GMT server hypercorn-h11 etag "1692889370.502709-457873-1541873639" content-type image/png cache-control public, max-age=43200 content-length 457873 expires Tue, 14 Nov 2023 03:32:17 GMT
GET H/1.1	200	avatar-276529a4.svg dl.tehranuniversity.website/assets/	24 KB 25 KB	86ms 56ms	Image image/svg+xml	146.70.161.13 M247
General Check archive.org Show headers Download Go to Show image Full URL http://dl.tehranuniversity.website/assets/avatar-276529a4.svg Requested by Host: dl.tehranuniversity.website URL: http://dl.tehranuniversity.website/assets/index-d74faef2.css Protocol HTTP/1.1 Server 146.70.161.13 Warsaw, Poland, ASN9009 (M247, RO), Reverse DNS Software hypercorn-h11 / Resource Hash `276529a46d26b0f3747876c19fcedaca75e4838eae517d150bb3dd099cc5ddbb` Request headers accept-language pl-PL,pl;q=0.9 Referer http://dl.tehranuniversity.website/assets/index-d74faef2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:32:17 GMT last-modified Thu, 24 Aug 2023 15:02:50 GMT server hypercorn-h11 etag "1692889370.502709-24993-2540182842" content-type image/svg+xml; charset=utf-8 cache-control public, max-age=43200 content-length 24993 expires Tue, 14 Nov 2023 03:32:17 GMT
GET H/1.1	200	ds-greece.ttf dl.tehranuniversity.website/fonts/	54 KB 55 KB	91ms 63ms	Font application/octet-stream	146.70.161.13 M247
General Check archive.org Show headers Download Go to Full URL http://dl.tehranuniversity.website/fonts/ds-greece.ttf Requested by Host: dl.tehranuniversity.website URL: http://dl.tehranuniversity.website/assets/index-d74faef2.css Protocol HTTP/1.1 Server 146.70.161.13 Warsaw, Poland, ASN9009 (M247, RO), Reverse DNS Software hypercorn-h11 / Resource Hash `0695b533e71e5bfb83a90e99545c83c2019395dc21b22846a485b7ec878371bd` Request headers Referer http://dl.tehranuniversity.website/assets/index-d74faef2.css Origin http://dl.tehranuniversity.website accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:32:17 GMT last-modified Fri, 14 Jul 2023 17:31:22 GMT server hypercorn-h11 etag "1689355882.300113-55740-3549567934" content-type application/octet-stream cache-control public, max-age=43200 content-length 55740 expires Tue, 14 Nov 2023 03:32:17 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _global object| global function| Buffer object| libsodium

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dl.tehranuniversity.website
146.70.161.13
0695b533e71e5bfb83a90e99545c83c2019395dc21b22846a485b7ec878371bd
148f1bed0a1eb7be4c4c19b646963715602717c7b15becc835d49443d01f9c88
1e97cf58ff10c791041f2301ccb861ff12b069ccafa5638a4b5294efe7a3b051
276529a46d26b0f3747876c19fcedaca75e4838eae517d150bb3dd099cc5ddbb
2777a1086f6957fffc47c23d1b18948750e31fb8feacc9fca8839d83c44a68d4
a0c27a9cfa9657c9fc5683b43d4fb1d85c1d6591b57e70951e3ec51cc537a70f
be281dfcee41db752e433d1ec0b2c2fa5fda66c1c23989817ee134c6c75705da
ca06887ecc45eabf90bb0147bbb046409de3c93fa5146f8461d367190f0f4475
d74faef20971173de9cba225f51fcb7b6fca421d025775d3f9dbb086aefcf09a
d9a9a4629b103b0e87e0409c6f54b03fed44efdbbe8d2c2300cca5935444dff0
e02bf9efd4b21e8113a55b3b3971eb8269f668cf8232f5350d7439bde6386aac

dl.tehranuniversity.website Open in urlscan Pro 146.70.161.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

5280 kBTransfer

5279 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

dl.tehranuniversity.website Open in urlscan Pro
146.70.161.13 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

5280 kB
Transfer

5279 kB
Size

0
Cookies

9 HTTP transactions
2 data transactions