urlscan.io logo urlscan.io
SecurityTrails logo

applearea.tk Open in urlscan Pro
2606:4700:30::681b:a977  Public Scan

Go To Rescan Add Verdict Report
URL: https://applearea.tk/
Submission: On April 20 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 16 HTTP transactions. The main IP is 2606:4700:30::681b:a977, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is applearea.tk.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 20th 2019. Valid for: a year.
This is the only time applearea.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 5.144.133.146 59441 (IR-AS)
2 185.49.85.22 43754 (ASIATECH)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 95.154.244.106 20860 (IOMART-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.147.178.24 44932 (SABAIDEA)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 11
1    2606:4700:30::681b:a977 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
applearea.tk
2    5.144.133.146 (Iran, Islamic Republic Of)

ASN59441 (IR-AS, IR)
PTR: 5-144-133-146.static.hostiran.name
static.mihanblog.com
file.mihanblog.com
2    185.49.85.22 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)
PTR: hosted-by.hostdl.com.asiatech.ir
uupload.ir
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.jsdelivr.net
1    95.154.244.106 (United Kingdom)

ASN20860 (IOMART-AS, GB)
smtpjs.com
1    2a02:26f0:6c00:185::1aca (European Union)

ASN20940 (AKAMAI-ASN1, US)
www.apple.com
1    2a00:1450:4001:81c::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
3    185.147.178.24 (Iran, Islamic Republic Of)

ASN44932 (SABAIDEA, IR)
api.sabavision.com
2    2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
1    2a00:1450:400c:c08::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81e::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
3 api.sabavision.com applearea.tk
api.sabavision.com
2 ssl.google-analytics.com 1 redirects applearea.tk
2 cdn.jsdelivr.net applearea.tk
2 uupload.ir applearea.tk
1 www.google.de applearea.tk
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 ajax.googleapis.com applearea.tk
1 www.apple.com applearea.tk
1 file.mihanblog.com applearea.tk
1 smtpjs.com applearea.tk
1 static.mihanblog.com applearea.tk
1 applearea.tk
16 13

This site contains links to these domains. Also see Links.

Domain
www.bartarkafsab.com
www.apple.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-04-20 -
2020-04-20		 a year crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-04-06 -
2019-10-13		 6 months crt.sh
smtpjs.com
Let's Encrypt Authority X3		 2019-04-19 -
2019-07-18		 3 months crt.sh
www.apple.com
DigiCert SHA2 Extended Validation Server CA		 2019-03-07 -
2020-03-07		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-03-26 -
2019-06-18		 3 months crt.sh
*.sabavision.com
COMODO RSA Domain Validation Secure Server CA		 2018-01-28 -
2020-03-28		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-03-26 -
2019-06-18		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-03-26 -
2019-06-18		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://applearea.tk/
Frame ID: 5336BC1F68039257C625942E09F52734
Requests: 14 HTTP requests in this frame

Frame: https://api.sabavision.com/pox/?id=93&w=120&h=240
Frame ID: 601768D09740EB2017D0E47EE11BF2DB
Requests: 1 HTTP requests in this frame

Frame: https://api.sabavision.com/pox/?id=95&w=120&h=40
Frame ID: 955E52935178E9CF1ED521AA51873A0A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^swal$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

16
Requests

69 %
HTTPS

67 %
IPv6

12
Domains

13
Subdomains

11
IPs

5
Countries

252 kB
Transfer

425 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1274610&utmhn=applearea.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Apple&utmhid=1316624645&utmr=-&utmp=%2F&utmht=1555783071989&utmac=UA-153829-18&utmcc=__utma%3D159751277.292448281.1555783072.1555783072.1555783072.1%3B%2B__utmz%3D159751277.1555783072.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=930493398&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-153829-18&cid=292448281.1555783072&jid=930493398&_v=5.7.2&z=1274610 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153829-18&cid=292448281.1555783072&jid=930493398&_v=5.7.2&z=1274610 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153829-18&cid=292448281.1555783072&jid=930493398&_v=5.7.2&z=1274610&slf_rd=1&random=1713934968

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
applearea.tk/ 		44 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://applearea.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a977 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a95cf0a5d70d70a5976b7d52c818ad324c03f51ea409180aa1731ae873433d

Request headers

:method
GET
:authority
applearea.tk
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 20 Apr 2019 17:57:51 GMT
content-type
text/html
set-cookie
__cfduid=d7a6ea697285b50de4c99275e017723b51555783071; expires=Sun, 19-Apr-20 17:57:51 GMT; path=/; domain=.applearea.tk; HttpOnly appleicloud_ads_cnt=1; expires=Sun, 21-Apr-2019 17:57:51 GMT; Max-Age=86400 mib_lb_id=m0; path=/; domain=.mihanblog.com
cache-control
no-cache, must-revalidate
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4ca900c3eed8c2c4-FRA
content-encoding
br
advert_close.gif
static.mihanblog.com//public/images/publish/ 		281 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.mihanblog.com//public/images/publish/advert_close.gif
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
HTTP/1.1
Server
5.144.133.146 , Iran, Islamic Republic Of, ASN59441 (IR-AS, IR),
Reverse DNS
5-144-133-146.static.hostiran.name
Software
Toofun/1.0.1 /
Resource Hash
841a15c57af7f10aa34f4c309392f2d902218d4a9031c44d3a4c63af7389e05d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 20 Apr 2019 17:57:51 GMT
Last-Modified
Wed, 27 Apr 2011 10:52:17 GMT
Server
Toofun/1.0.1
Accept-Ranges
bytes
ETag
"4db7f561-119"
Content-Length
281
Content-Type
image/gif
69e_iphone_xs_large.jpg
uupload.ir/files/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://uupload.ir/files/69e_iphone_xs_large.jpg
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
HTTP/1.1
Server
185.49.85.22 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
nginx /
Resource Hash
4bd1f80a0a4b8f09da275b0b83ba207eb51c34003fe0b556edca27f68a9f9542

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 20 Apr 2019 17:57:55 GMT
Last-Modified
Thu, 13 Dec 2018 14:02:11 GMT
Server
nginx
ETag
"5c126663-1a175"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106869
sweetalert2.min.js
cdn.jsdelivr.net/npm/sweetalert2@8.8.5/dist/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@8.8.5/dist/sweetalert2.min.js
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fff451121b3aa2245cd061328870dc1fd3bd57d2084651f3ae9cf6b1233c61e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://applearea.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 20 Apr 2019 17:57:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
4ca900c6792cc305-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21036-AMS, cache-hhn1533-HHN
server
cloudflare
etag
W/"9131-9QsmtcArpwuE7WRdJfg+fAWb0oA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@8.8.5/dist/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@8.8.5/dist/sweetalert2.min.css
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59fc9b80c0b535fcecedb61a09ee0985786e2daac40ec77c455acb202f703cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://applearea.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 20 Apr 2019 17:57:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
4ca900c668f9c305-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21048-AMS, cache-hhn1542-HHN
server
cloudflare
etag
W/"68a5-+RhFqLMH3LRP9rn2iXBNERBjJyw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
smtp.js
smtpjs.com/v3/ 		871 B
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://smtpjs.com/v3/smtp.js
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
95.154.244.106 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776

Request headers

Referer
https://applearea.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 20 Apr 2019 17:58:00 GMT
Content-Encoding
gzip
ETag
"80e556c5dfead41:0"
Last-Modified
Thu, 04 Apr 2019 12:13:11 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
603
apple.png
file.mihanblog.com//public/user_data/user_files/742/2224823/ 		687 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://file.mihanblog.com//public/user_data/user_files/742/2224823/apple.png
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
HTTP/1.1
Server
5.144.133.146 , Iran, Islamic Republic Of, ASN59441 (IR-AS, IR),
Reverse DNS
5-144-133-146.static.hostiran.name
Software
Toofun/1.0.1 /
Resource Hash
f320e4f998945b5c5bdc85568e9ca86c16813123c22e4b7367d3532327a7f4b9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 20 Apr 2019 17:57:51 GMT
Last-Modified
Thu, 18 Apr 2019 16:59:38 GMT
Server
Toofun/1.0.1
Accept-Ranges
bytes
ETag
"5cb8acfa-2af"
Content-Length
687
Content-Type
image/png
hero-iphone-xr_large.jpg
www.apple.com/v/iphone/home/y/images/overview/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/v/iphone/home/y/images/overview/hero-iphone-xr_large.jpg
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:185::1aca , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
3d86ef48e167137ef7ba895554995f49185b1ba2b1e454d5bb2610fd776c7a4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://applearea.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 20 Apr 2019 17:57:51 GMT
x-content-type-options
nosniff
last-modified
Sat, 08 Sep 2018 00:07:00 GMT
server
Apache
content-type
image/jpeg
status
200
cache-control
max-age=1597
accept-ranges
bytes
content-length
68009
nncoection
close
expires
Sat, 20 Apr 2019 18:24:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://applearea.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 20:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3706115
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
33434
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Mar 2020 20:29:16 GMT
g.other.v3.js
static.mihanblog.com//public/scripts/run/ 		0
0
wfnq_2.png
uupload.ir/files/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://uupload.ir/files/wfnq_2.png
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
HTTP/1.1
Server
185.49.85.22 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
nginx /
Resource Hash
0ae7ffcf725196084be0b5f1e0a99d5ad4f419fcd8f1646fef97fcdb332ca524

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 20 Apr 2019 17:57:55 GMT
Last-Modified
Thu, 13 Dec 2018 14:22:56 GMT
Server
nginx
ETag
"5c126b40-77a"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1914
poxjs.js
api.sabavision.com/pox/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.sabavision.com/pox/poxjs.js
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software
nginx /
Resource Hash
2eeb0e29e56bf466798143ac76a5e6adcbf26873a8d941dac03100db24cd34f3

Request headers

Referer
https://applearea.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 20 Apr 2019 17:57:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Sep 2018 09:39:50 GMT
Server
nginx
ETag
W/"5b978d66-149f"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Upstream
0
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Expires
Mon, 20 May 2019 17:57:52 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://applearea.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
6205
date
Sat, 20 Apr 2019 16:14:26 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Sat, 20 Apr 2019 18:14:26 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1274610&utmhn=applearea.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Apple&utmh...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-153829-18&cid=292448281.1555783072&jid=930493398&_v=5.7.2&z=1274610
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153829-18&cid=292448281.1555783072&jid=930493398&_v=5.7.2&z=1274610
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153829-18&cid=292448281.1555783072&jid=930493398&_v=5.7.2&z=1274610&slf_rd=1&random=1713934968
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153829-18&cid=292448281.1555783072&jid=930493398&_v=5.7.2&z=1274610&slf_rd=1&random=1713934968
Requested by
Host: applearea.tk
URL: https://applearea.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://applearea.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Apr 2019 17:57:52 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Apr 2019 17:57:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153829-18&cid=292448281.1555783072&jid=930493398&_v=5.7.2&z=1274610&slf_rd=1&random=1713934968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.sabavision.com/pox/ Frame 6017 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.sabavision.com/pox/?id=93&w=120&h=240
Requested by
Host: api.sabavision.com
URL: https://api.sabavision.com/pox/poxjs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
api.sabavision.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://applearea.tk/
Accept-Encoding
gzip, deflate, br
Cookie
svapi_lb_id=m3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://applearea.tk/

Response headers

Date
Sat, 20 Apr 2019 17:57:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Last-Modified
Tue, 22 Jan 2019 12:35:06 GMT
Vary
Accept-Encoding
ETag
W/"5c470dfa-195"
Expires
Mon, 20 May 2019 17:57:52 GMT
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Server
nginx
X-Upstream-CT
0.080
X-Upstream-HT
0.161
X-Upstream
0
/
api.sabavision.com/pox/ Frame 955E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.sabavision.com/pox/?id=95&w=120&h=40
Requested by
Host: api.sabavision.com
URL: https://api.sabavision.com/pox/poxjs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.147.178.24 , Iran, Islamic Republic Of, ASN44932 (SABAIDEA, IR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
api.sabavision.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://applearea.tk/
Accept-Encoding
gzip, deflate, br
Cookie
svapi_lb_id=m3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://applearea.tk/

Response headers

Date
Sat, 20 Apr 2019 17:57:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Last-Modified
Tue, 22 Jan 2019 12:35:06 GMT
Vary
Accept-Encoding
ETag
W/"5c470dfa-195"
Expires
Mon, 20 May 2019 17:57:52 GMT
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Server
nginx
X-Upstream-CT
0.081
X-Upstream-HT
0.162
X-Upstream
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.mihanblog.com
URL
http://static.mihanblog.com//public/scripts/run/g.other.v3.js

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| c_$ function| setTodayDate number| sabavisionZonesCnt object| sabavisionZones object| commentCnt function| newComment function| setCommentCnt object| statInfo function| setStatVar function| getStatVar function| messageForm function| linkdailyForm object| MihanblogShopAdsArray function| GetMihanBlogShowAds function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| Email function| sendMail function| $ function| jQuery object| _gaq object| _gat object| gaGlobal object| sabavisionPoxJs number| sabavisionQueueInterval

8 Cookies

Domain/Path Name / Value
.api.sabavision.com/ Name: svapi_lb_id
Value: m3
.applearea.tk/ Name: __utmt
Value: 1
.applearea.tk/ Name: __utma
Value: 159751277.292448281.1555783072.1555783072.1555783072.1
.applearea.tk/ Name: __utmz
Value: 159751277.1555783072.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.applearea.tk/ Name: __utmb
Value: 159751277.1.10.1555783072
applearea.tk/ Name: appleicloud_ads_cnt
Value: 1
.applearea.tk/ Name: __utmc
Value: 159751277
.applearea.tk/ Name: __cfduid
Value: d7a6ea697285b50de4c99275e017723b51555783071

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.sabavision.com
applearea.tk
cdn.jsdelivr.net
file.mihanblog.com
smtpjs.com
ssl.google-analytics.com
static.mihanblog.com
stats.g.doubleclick.net
uupload.ir
www.apple.com
www.google.com
www.google.de
static.mihanblog.com
185.147.178.24
185.49.85.22
2606:4700:30::681b:a977
2606:4700::6810:5814
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:821::2008
2a00:1450:400c:c08::9d
2a02:26f0:6c00:185::1aca
5.144.133.146
95.154.244.106
0ae7ffcf725196084be0b5f1e0a99d5ad4f419fcd8f1646fef97fcdb332ca524
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776
1fff451121b3aa2245cd061328870dc1fd3bd57d2084651f3ae9cf6b1233c61e
2eeb0e29e56bf466798143ac76a5e6adcbf26873a8d941dac03100db24cd34f3
3d86ef48e167137ef7ba895554995f49185b1ba2b1e454d5bb2610fd776c7a4f
4bd1f80a0a4b8f09da275b0b83ba207eb51c34003fe0b556edca27f68a9f9542
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
59fc9b80c0b535fcecedb61a09ee0985786e2daac40ec77c455acb202f703cc3
841a15c57af7f10aa34f4c309392f2d902218d4a9031c44d3a4c63af7389e05d
a6a95cf0a5d70d70a5976b7d52c818ad324c03f51ea409180aa1731ae873433d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f320e4f998945b5c5bdc85568e9ca86c16813123c22e4b7367d3532327a7f4b9