east.unknawdictskyjal.tk

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3035::ac43:99c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is east.unknawdictskyjal.tk.
TLS certificate: Issued by E1 on August 15th 2023. Valid for: 3 months.

This is the only time east.unknawdictskyjal.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3035::ac43:99c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.143.234.102 185.143.234.102	205585 (ARVANCLOU...) (ARVANCLOUD-CDN-)
1	194.225.222.146 194.225.222.146	43965 (TUMS-IR-AS) (TUMS-IR-AS)
1	2606:4700::68... 2606:4700::6812:1f96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.225.137.121 3.225.137.121	14618 (AMAZON-AES) (AMAZON-AES)
5	5

1 2606:4700:3035::ac43:99c7 (United States)

ASN13335 (CLOUDFLARENET, US)

east.unknawdictskyjal.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.143.234.102 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)

media.mehrnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.225.222.146 (Iran, Islamic Republic Of)

ASN43965 (TUMS-IR-AS, IR)
PTR: gsia.tums.ac.ir

educationiran.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f96 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-137-121.compute-1.amazonaws.com

via.placeholder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	placeholder.com via.placeholder.com — Cisco Umbrella Rank: 32087	606 B
1	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 2192	138 KB
1	educationiran.com educationiran.com
1	mehrnews.com media.mehrnews.com — Cisco Umbrella Rank: 364426	70 KB
1	unknawdictskyjal.tk east.unknawdictskyjal.tk	16 KB
5	5

	Domain	Requested by
1	via.placeholder.com	east.unknawdictskyjal.tk
1	i.pinimg.com	east.unknawdictskyjal.tk
1	educationiran.com	east.unknawdictskyjal.tk
1	media.mehrnews.com	east.unknawdictskyjal.tk
1	east.unknawdictskyjal.tk
5	5

This site contains no links.

Subject Issuer	Validity	Valid
unknawdictskyjal.tk E1	`2023-08-15` - `2023-11-13`	3 months	crt.sh
*.mehrnews.com Certum Domain Validation CA SHA2	`2022-10-13` - `2023-10-13`	a year	crt.sh
WMSvc-WIN-KN0ADMIC99B WMSvc-WIN-KN0ADMIC99B	`2015-01-07` - `2025-01-04`	10 years	crt.sh
*.pinimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-09` - `2024-07-09`	a year	crt.sh
placeholder.com Amazon RSA 2048 M01	`2023-01-25` - `2024-02-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://east.unknawdictskyjal.tk/
Frame ID: 8E7DD6F1ACB41360EA82B0FBE481A8F5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

پایگاه خبری و تحلیلی ایلام

Page Statistics

5
Requests

80 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

224 kB
Transfer

254 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
east.unknawdictskyjal.tk/ 47 KB
16 KB 676ms
223ms Document
text/html 2606:4700:3035::ac43:99c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://east.unknawdictskyjal.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:99c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1dd5024c438aa897524306360b9b73bf0e32d7a3b51a01a7d43546119e14748

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f937e0f8e2943c7-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 15:39:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI7x0TKZf7d7xASRFTa5umrIJd2XO3PA%2FYIzDENHCWMyUdcnWDRgiBf3%2F5OWqVEKygDKtDcm9wblo6HXdALBEY6p6mpGrJB6imsnB7JnaGH4sPcFX9nnEskENpRrBpv%2FXJkICKl5cnKCW%2FtygXKwCEpL%2B%2BH%2FSgU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 IMG08491480.JPG
media.mehrnews.com/old/Original/1392/10/18/ 70 KB
70 KB 967ms
298ms Image
image/jpeg 185.143.234.102
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.mehrnews.com/old/Original/1392/10/18/IMG08491480.JPG

Requested by

Host: east.unknawdictskyjal.tk
URL: https://east.unknawdictskyjal.tk/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.102 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

9bfeba775098909f9cbdcb3a46efd82c84d3d23694d765b5e88e020d8345c92f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://east.unknawdictskyjal.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Mon, 18 Sep 2023 15:40:00 GMT
date: Sat, 19 Aug 2023 15:40:00 GMT
last-modified: Wed, 08 Jan 2014 05:19:14 GMT
server: ArvanCloud
etag: "52ccdfd2-1165b"
x-cache: BYPASS
content-type: image/jpeg
cache-control: max-age=2592000
server-timing: total;dur=178
accept-ranges: bytes
content-length: 71259
x-xss-protection: 1; mode=block
x-request-id: cb1719275986b1b78cb2002b406a470a
x-sid: 4100

GET
H/1.1 404
Not Found %D8%A7%D9%84%D9%85%D8%A7%D9%86_%DA%AF%D8%B1%DA%AF%D8%A7%D9%86.jpg
educationiran.com/Images/UserFiles/20460/image/ 0
0 1685ms
183ms Image
text/html 194.225.222.146
TUMS-IR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://educationiran.com/Images/UserFiles/20460/image/%D8%A7%D9%84%D9%85%D8%A7%D9%86_%DA%AF%D8%B1%DA%AF%D8%A7%D9%86.jpg
Requested by: Host: east.unknawdictskyjal.tk
URL: https://east.unknawdictskyjal.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 194.225.222.146 , Iran, Islamic Republic Of, ASN43965 (TUMS-IR-AS, IR),
Reverse DNS: gsia.tums.ac.ir
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://east.unknawdictskyjal.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 bd1a3bf9dad7ca231e90e6821e89dc8c.jpg
i.pinimg.com/originals/bd/1a/3b/ 137 KB
138 KB 228ms
187ms Image
image/jpeg 2606:4700::6812:1f96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/bd/1a/3b/bd1a3bf9dad7ca231e90e6821e89dc8c.jpg
Requested by: Host: east.unknawdictskyjal.tk
URL: https://east.unknawdictskyjal.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a28a50916b3521d117f834a080a6e94834cded60e50aacccbc5d6150cb52a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://east.unknawdictskyjal.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:39:59 GMT
x-cdn: cloudflare
server: cloudflare
etag: "fb2050f4326b882ea57878ac2e3512cb"
edge-start: 1692459599563
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 7f937e113fbb42b9-EWR
alt-svc: h3=":443"; ma=600
content-length: 140657
origin-latency: 177

GET
H2 200 50x50
via.placeholder.com/ 480 B
606 B 1815ms
1760ms Image
image/png 3.225.137.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/50x50
Requested by: Host: east.unknawdictskyjal.tk
URL: https://east.unknawdictskyjal.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-137-121.compute-1.amazonaws.com
Software: Werkzeug/2.2.2 Python/3.9.16 /
Resource Hash: 3575eeb164c9c40529fd0f26fa91ca3cb1002a99dd3420486fded18662b10d3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://east.unknawdictskyjal.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:40:01 GMT
cache-control: public, max-age=31557600
server: Werkzeug/2.2.2 Python/3.9.16
content-length: 480
content-type: image/png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			east.unknawdictskyjal.tk/	1969-12-31 23:59:59	Name: ch1c Value: b

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://east.unknawdictskyjal.tk/ Message: Mixed Content: The page at 'https://east.unknawdictskyjal.tk/' was loaded over HTTPS, but requested an insecure element 'http://media.mehrnews.com/old/Original/1392/10/18/IMG08491480.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://east.unknawdictskyjal.tk/ Message: Mixed Content: The page at 'https://east.unknawdictskyjal.tk/' was loaded over HTTPS, but requested an insecure element 'http://educationiran.com/Images/UserFiles/20460/image/%D8%A7%D9%84%D9%85%D8%A7%D9%86_%DA%AF%D8%B1%DA%AF%D8%A7%D9%86.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://east.unknawdictskyjal.tk/(Line 94) Message: Mixed Content: The page at 'https://east.unknawdictskyjal.tk/' was loaded over HTTPS, but requested an insecure element 'http://media.mehrnews.com/old/Original/1392/10/18/IMG08491480.JPG'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://east.unknawdictskyjal.tk/(Line 94) Message: Mixed Content: The page at 'https://east.unknawdictskyjal.tk/' was loaded over HTTPS, but requested an insecure element 'http://educationiran.com/Images/UserFiles/20460/image/%D8%A7%D9%84%D9%85%D8%A7%D9%86_%DA%AF%D8%B1%DA%AF%D8%A7%D9%86.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://educationiran.com/Images/UserFiles/20460/image/%D8%A7%D9%84%D9%85%D8%A7%D9%86_%DA%AF%D8%B1%DA%AF%D8%A7%D9%86.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

east.unknawdictskyjal.tk
educationiran.com
i.pinimg.com
media.mehrnews.com
via.placeholder.com
185.143.234.102
194.225.222.146
2606:4700:3035::ac43:99c7
2606:4700::6812:1f96
3.225.137.121
33a28a50916b3521d117f834a080a6e94834cded60e50aacccbc5d6150cb52a5
3575eeb164c9c40529fd0f26fa91ca3cb1002a99dd3420486fded18662b10d3d
9bfeba775098909f9cbdcb3a46efd82c84d3d23694d765b5e88e020d8345c92f
e1dd5024c438aa897524306360b9b73bf0e32d7a3b51a01a7d43546119e14748
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

east.unknawdictskyjal.tk Open in urlscan Pro 2606:4700:3035::ac43:99c7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

80 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

224 kBTransfer

254 kBSize

1 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

5 Console Messages

Indicators

east.unknawdictskyjal.tk Open in urlscan Pro
2606:4700:3035::ac43:99c7 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

224 kB
Transfer

254 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions