Exposing a Currently Active Domain Portfolio Managed and Operated by Members of the Ashiyane Digital Security Team - An OSINT Analysis | WhoisXML API

White Papers

Read other articles

Exposing a Currently Active Domain Portfolio Managed and Operated by Members of the Ashiyane Digital Security Team - An OSINT Analysis

Exposing a Currently Active Domain Portfolio Managed and Operated by Members of the Ashiyane Digital Security Team - An OSINT Analysis

We’ve decided to take a closer look at the current and historical domain portfolio managed and operated by members of Iran’s Ashiyane Digital Security Team using Maltego in combination with WhoisXML API’s integration for the purpose of providing actionable threat intelligence including to assist fellow researchers vendors and organization on their way to track down and monitor the Internet connected infrastructure of key members of Iran’s Ashiyane Digital Security Team for the purpose of monitoring it and attempting to take it offline.

In this article, we’ll provide actionable intelligence on some of the currently active domains managed run and operated by Iran’s Ashiyane Digital Security Team with the idea to assist fellow researchers vendors and organizations on their way to track down and monitor the infrastructure managed run and operated by Iran’s Ashiyane Digital Security Team.

A list of currently active domain portfolio known to be managed and operated by members of Iran’s Ashiyane Digital Security Team:

  • life-guard[.]ir
  • sepahan-trans[.]ir
  • kashanit[.]ir
  • websazangroup[.]ir
  • namvarnameybastan[.]ir
  • ashiyane-ads[.]com
  • tamamkar-chalous[.]ir
  • padidehafagh[.]com
  • padideafagh[.]com
  • bahmanshahreza[.]com
  • vatanpaydar[.]com
  • pkpersian[.]net
  • xn--wgba3di6y7p[.]com
  • jonoobhost[.]net
  • mahmoudbahmani[.]ir
  • piremehr[.]ir
  • shahrepars[.]ir
  • 3diamond[.]ir
  • mhdcard[.]com
  • ashiyanecrm[.]com
  • tabta2[.]com
  • ashiyane-bot[.]ir
  • projejob[.]ir
  • rizone[.]ir
  • iedb[.]ir
  • unmobile[.]ir
  • razmaraa[.]ir
  • tabrizigold[.]ir
  • galleryfirozeh[.]ir
  • foroozanborj[.]ir
  • unicornart[.]ir
  • rahnamayeiran[.]ir
  • iranhack[.]ir
  • shomalbeauty[.]ir
  • andishehig[.]ir
  • meelk[.]ir
  • tamamkar-sari[.]ir
  • namehybastan[.]ir
  • chemiiran[.]ir
A list of currently active domain portfolio known to have been registered managed and operated by members of Iran’s Ashiyane Digital Security Team

A list of currently active domain portfolio known to have been registered managed and operated by members of Iran’s Ashiyane Digital Security Team:

  • websazanco[.]ir
  • rahnamayeiran[.]ir
  • maz-laa[.]ir
  • esnikan[.]ir
  • foroozanborj[.]ir
  • royall-shop[.]ir
  • ashiyane[.]ir
  • chemiiran[.]ir
  • account-yahoo[.]com
  • arshiasanat-babol[.]ir
  • ashiyane-ads[.]com
  • jahandarco[.]ir
  • momtazbarbari[.]ir
  • pouyaandishan-mazand[.]ir
  • shomalbeauty[.]ir
  • tractorsazi[.]com
  • aleyaasin[.]com
  • farsmarket[.]com
  • englishdl[.]com
  • zproje[.]ir
  • projejob[.]ir
  • songdownload[.]ir
  • ashiyanesms[.]com
  • ihybrid[.]us
  • drsjalili[.]com
  • ashiyane[.]org
  • ashiyanecrm[.]com
  • ashiyanehost[.]com
  • ashiyanex[.]com
  • rasht-samacollege[.]ir
  • instapacks[.]ir
  • bahmanshahreza[.]com
  • shaahreza[.]com
  • shahrezanews[.]com
  • taktaweb[.]net
  • javannovin[.]com
  • padidehafagh[.]com
  • padideafagh[.]com
  • sahebnews[.]com
  • nasiri[.]info
  • taktaweb[.]org
  • bamemar[.]com
  • talakesht[.]com
  • sepahan-trans[.]ir
  • opencart5[.]ir
  • rasulsh[.]ir
  • kashanit[.]ir
  • facebooktu[.]com
  • life-guard[.]ir
  • pr0grammers[.]ir
  • lammer[.]ir
  • sepahantrans[.]ir
  • facecode[.]ir
  • iranhack[.]org
  • aryanenergy[.]org
  • khsmt-sabzevar[.]com
  • orveh[.]com
  • tipec[.]org
  • iranhack[.]ir
  • shantya3d[.]ir
  • razmaraa[.]ir
  • soroshland[.]ir
  • galleryfirozeh[.]ir
  • unicornart[.]ir
  • shahrepars[.]ir
  • 3diamond[.]ir
  • ashiyane-bot[.]ir
  • mahmoudbahmani[.]ir
  • piremehr[.]ir
  • dcligner[.]com
  • tabta2[.]com
  • chipiran[.]org
  • ashiyanebot[.]ir
  • bnls[.]ir
  • lamroid[.]com
  • persiandutyfree[.]com
  • iran3erver[.]com
  • hivacom[.]com
  • irantwitter[.]com
  • persian-pasargad[.]com
  • chatafg[.]com
  • kasraprofile[.]com
  • gharnict[.]com
  • minachoob[.]com
  • gigmeg[.]com
  • shoka-chat[.]com
  • serajmehr[.]com
  • asrarweb[.]com
  • niazezamuneh[.]com
  • sana-mobile[.]com
  • rizone[.]ir
  • iedb[.]ir
  • unmobile[.]ir
  • progmans[.]com
  • design84u[.]com
  • istgah-salavati[.]com
  • iranhack[.]net
  • shantya3d[.]com
  • kamelannews[.]com
  • rangeshab[.]com
  • dihim[.]com
  • hdphysics[.]com
  • cgsolar[.]net
  • vahidelmi[.]ir
  • maincoretechnology[.]com
  • bastanteam[.]com
  • vvfa[.]com
  • Irsecteam[.]org

We’ll continue to monitor for new domain registrations courtesy of Iran’s Ashiyane Digital Security Team and we’ll post updates as soon as new developments take place.

Read other articles
Try our WhoisXML API for free
Get started
Have questions?

We are here to listen. For a quick response, please select your request type or check our Contact us page for more information. By submitting a request, you agree to our Terms of Service and Privacy Policy.

Or shoot us an email to