Submitted URL: http://u.em6.zkm.co.ir//
Effective URL: http://u.em6.zkm.co.ir/cgi-sys/suspendedpage.cgi
Submission: On September 10 via api from US — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 109.206.254.85, located in Iran, Islamic Republic Of and belongs to AADP, IR. The main domain is u.em6.zkm.co.ir.
This is the only time u.em6.zkm.co.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 109.206.254.85 25264 (AADP)
2 1
Apex Domain
Subdomains
Transfer
2 righnet.com
righnet.com
980 KB
2 zkm.co.ir
u.em6.zkm.co.ir
3 KB
2 2
Domain Requested by
2 righnet.com 1 redirects u.em6.zkm.co.ir
2 u.em6.zkm.co.ir 1 redirects
2 2

This site contains no links.

Subject Issuer Validity Valid
*.righnet.com
R3
2021-07-15 -
2021-10-13
3 months crt.sh

This page contains 1 frames:

Primary Page: http://u.em6.zkm.co.ir/cgi-sys/suspendedpage.cgi
Frame ID: CB6D2AE865AE5ABFA1A54FA809B7534F
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Righnet: Account Suspended

Page URL History Show full URLs

  1. http://u.em6.zkm.co.ir// HTTP 302
    http://u.em6.zkm.co.ir/cgi-sys/suspendedpage.cgi Page URL

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

982 kB
Transfer

985 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://u.em6.zkm.co.ir// HTTP 302
    http://u.em6.zkm.co.ir/cgi-sys/suspendedpage.cgi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://righnet.com/server/1.jpg HTTP 301
  • https://righnet.com/server/1.jpg

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request suspendedpage.cgi
u.em6.zkm.co.ir/cgi-sys/
Redirect Chain
  • http://u.em6.zkm.co.ir//
  • http://u.em6.zkm.co.ir/cgi-sys/suspendedpage.cgi
5 KB
3 KB
Document
General
Full URL
http://u.em6.zkm.co.ir/cgi-sys/suspendedpage.cgi
Protocol
HTTP/1.1
Server
109.206.254.85 , Iran, Islamic Republic Of, ASN25264 (AADP, IR),
Reverse DNS
maknanet.com
Software
Apache /
Resource Hash
434f9b65a03c4326bf940748d6c5a9b974a82a5cc4fb4f6458d34a71e563ec11

Request headers

Host
u.em6.zkm.co.ir
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 10 Sep 2021 16:16:03 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
2384
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Fri, 10 Sep 2021 16:16:03 GMT
Server
Apache
Location
http://u.em6.zkm.co.ir/cgi-sys/suspendedpage.cgi
Content-Length
232
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
1.jpg
righnet.com/server/
Redirect Chain
  • http://righnet.com/server/1.jpg
  • https://righnet.com/server/1.jpg
979 KB
979 KB
Image
General
Full URL
https://righnet.com/server/1.jpg
Requested by
Host: u.em6.zkm.co.ir
URL: http://u.em6.zkm.co.ir/cgi-sys/suspendedpage.cgi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.206.254.85 , Iran, Islamic Republic Of, ASN25264 (AADP, IR),
Reverse DNS
maknanet.com
Software
Apache /
Resource Hash
8de75dfa00f05985101421cf4938fec15c25bfe46d04e3ec973ad09a57dd6b91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u.em6.zkm.co.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 16:16:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Jan 2020 12:00:00 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1002613
Expires
Sat, 10 Sep 2022 16:16:04 GMT

Redirect headers

Date
Fri, 10 Sep 2021 16:16:03 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://righnet.com/server/1.jpg
Cache-Control
max-age=3600
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
240
Expires
Fri, 10 Sep 2021 17:16:03 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| style string| keyFrames number| end number| a number| b number| timer function| startTimer

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

righnet.com
u.em6.zkm.co.ir
109.206.254.85
434f9b65a03c4326bf940748d6c5a9b974a82a5cc4fb4f6458d34a71e563ec11
8de75dfa00f05985101421cf4938fec15c25bfe46d04e3ec973ad09a57dd6b91