gir.nitugame.ir Open in urlscan Pro
88.135.68.99 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gir.nitugame.ir/
Submission: On January 03 via api (January 3rd 2024, 3:42:11 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 18 HTTP transactions. The main IP is 88.135.68.99, located in Iran, Islamic Republic Of and belongs to MIZBANFA, IR. The main domain is gir.nitugame.ir.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.

This is the only time gir.nitugame.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	88.135.68.99 88.135.68.99	212296 (MIZBANFA) (MIZBANFA)
1	2600:9000:201... 2600:9000:201e:b200:1c:bccb:f100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
1	79.127.127.78 79.127.127.78	43754 (ASIATECH) (ASIATECH)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
3	165.227.57.6 165.227.57.6	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	142.251.16.148 142.251.16.148	15169 (GOOGLE) (GOOGLE)
1 1	23.21.111.110 23.21.111.110	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:24f... 2600:9000:24f4:6400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24e... 2600:9000:24ef:9e00:7:4bc6:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
18	9

7 88.135.68.99 (Iran, Islamic Republic Of)

ASN212296 (MIZBANFA, IR)
PTR: vip1wp.mizbanfadns.net

gir.nitugame.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:201e:b200:1c:bccb:f100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.127.127.78 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)
PTR: hosted-by.hostdl.com.asiatech.ir

www.shahrsakhtafzar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 165.227.57.6 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ca-16.buysellads.com

srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.111.110 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-111-110.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f4:6400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24ef:9e00:7:4bc6:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

track.activemetering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	nitugame.ir gir.nitugame.ir	215 KB
3	carbonads.net srv.carbonads.net — Cisco Umbrella Rank: 91264	4 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 1190 static.adsafeprotected.com — Cisco Umbrella Rank: 988	694 B
2	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 199	957 B
2	gstatic.com fonts.gstatic.com	38 KB
1	activemetering.com track.activemetering.com — Cisco Umbrella Rank: 5505	313 B
1	shahrsakhtafzar.com www.shahrsakhtafzar.com	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	894 B
1	carbonads.com cdn.carbonads.com — Cisco Umbrella Rank: 92896	9 KB
18	9

	Domain	Requested by
7	gir.nitugame.ir	gir.nitugame.ir
3	srv.carbonads.net	cdn.carbonads.com gir.nitugame.ir
2	ad.doubleclick.net	1 redirects gir.nitugame.ir
2	fonts.gstatic.com	fonts.googleapis.com
1	track.activemetering.com	gir.nitugame.ir
1	static.adsafeprotected.com	gir.nitugame.ir
1	pixel.adsafeprotected.com	1 redirects
1	www.shahrsakhtafzar.com	gir.nitugame.ir
1	fonts.googleapis.com	gir.nitugame.ir
1	cdn.carbonads.com	gir.nitugame.ir
18	10

This site contains links to these domains. Also see Links.

Domain
srv.carbonads.net
carbonads.net
rubika.ir
t.me

Subject Issuer	Validity	Valid
www.gir.nitugame.ir R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
cdn.carbonads.com Amazon RSA 2048 M03	`2023-11-16` - `2024-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
shahrsakhtafzar.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2023-09-28` - `2024-10-28`	a year	crt.sh
track.activemetering.com Amazon RSA 2048 M02	`2023-10-03` - `2024-10-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gir.nitugame.ir/
Frame ID: F07A3C6C92A81157CA93F7F1630A719A
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

گنگستر ایرانی

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Carbon Ads (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

carbonads\.com

Page Statistics

18
Requests

89 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

311 kB
Transfer

602 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://srv.carbonads.net/ads/click/x/GTND427ECE7DK27LCWB4YKQUCTBD4KQ7CABDVZ3JCAYDV27LCWBDE2JKCVSI52QWCA7ICKQICKADK5QJF6BDE2QKC6SIT23LF6BDTK3EHJNCLSIZ

Search URL Search Domain Scan URL

URL: http://carbonads.net/?utm_source=getbootstrapcom&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=carbon
Title: ads via Carbon

Search URL Search Domain Scan URL

URL: https://rubika.ir/Arj_official
Title: ارتباط با ما

Search URL Search Domain Scan URL

URL: https://rubika.ir/gir_official
Title: روبیکا

Search URL Search Domain Scan URL

URL: https://t.me/gangster_irani
Title: تلگرام

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://ad.doubleclick.net/ddm/trackimp/N1224323.3091281BUYSELLADS/B30182242.374033662;dc_trk_aid=564874079;dc_trk_cid=196977221;ord=170429653;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1224323.3091281BUYSELLADS/B30182242.374033662;dc_pre=CMC2o6jHwYMDFZwciAkddPgPxw;dc_trk_aid=564874079;dc_trk_cid=196977221;ord=170429653;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1

Request Chain 15

https://pixel.adsafeprotected.com/rfw/st/1566594/73361141/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$ HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gir.nitugame.ir/ 16 KB
4 KB 1573ms
228ms Document
text/html 88.135.68.99
MIZBANFA

General

Check archive.org

Show headers Download Go to

Full URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.135.68.99 , Iran, Islamic Republic Of, ASN212296 (MIZBANFA, IR),
Reverse DNS: vip1wp.mizbanfadns.net
Software: /
Resource Hash: 67ba0a1ef290c6cd981ca2188459b34ac7939d8400fa2c3cb3135eb6f5841b15

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 4034
content-type: text/html
date: Wed, 03 Jan 2024 15:42:04 GMT
last-modified: Sun, 10 Dec 2023 11:10:40 GMT
vary: Accept-Encoding

GET
H2 404 color-modes.js
gir.nitugame.ir/assets/js/ 0
0 229ms
226ms Script
text/html 88.135.68.99
MIZBANFA

General

Check archive.org

Show headers Download Go to

Full URL: https://gir.nitugame.ir/assets/js/color-modes.js
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.135.68.99 , Iran, Islamic Republic Of, ASN212296 (MIZBANFA, IR),
Reverse DNS: vip1wp.mizbanfadns.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 15:42:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708
content-type: text/html

GET
H2 200 carbon.js Show response
cdn.carbonads.com/ 32 KB
9 KB 207ms
61ms Script
application/javascript 2600:9000:201e:b200:1c:bccb:f100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKKJL&placement=getbootstrapcom
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:b200:1c:bccb:f100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2af9dd87170e5b2a054119bfebf4fa527010bd908329e95fa906448be6b02151

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:46:29 GMT
content-encoding: br
via: 1.1 077b94dab77b8114aebf503be197d7d8.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 15:37:33 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 21694
x-amz-server-side-encryption: AES256
etag: W/"9e48052a1022f1a25d41b00cd651d117"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NER4nAb7KgPXpSzvfmKHdPSQ3smP0OyTtluQwPObbaRi_9CKFO_vOg==

GET
H2 200 bootstrap.min.css
gir.nitugame.ir/assets/dist/css/ 227 KB
28 KB 483ms
481ms Stylesheet
text/css 88.135.68.99
MIZBANFA

General

Check archive.org

Show headers Download Go to

Full URL: https://gir.nitugame.ir/assets/dist/css/bootstrap.min.css
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.135.68.99 , Iran, Islamic Republic Of, ASN212296 (MIZBANFA, IR),
Reverse DNS: vip1wp.mizbanfadns.net
Software: /
Resource Hash: 7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:42:04 GMT
content-encoding: br
last-modified: Tue, 30 May 2023 15:02:54 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28362
expires: Wed, 10 Jan 2024 15:42:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
894 B 170ms
60ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Vazirmatn:wght@500&display=swap

Requested by

Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

286bc889a2cf7b80559086c3bed1f689078f58cf10d1f85c7546205ee2906b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 15:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 15:42:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 15:42:04 GMT

GET
H2 200 navbars-offcanvas.css
gir.nitugame.ir/ 185 B
238 B 706ms
705ms Stylesheet
text/css 88.135.68.99
MIZBANFA

General

Check archive.org

Show headers Download Go to

Full URL: https://gir.nitugame.ir/navbars-offcanvas.css
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.135.68.99 , Iran, Islamic Republic Of, ASN212296 (MIZBANFA, IR),
Reverse DNS: vip1wp.mizbanfadns.net
Software: /
Resource Hash: eae4f74c5c5678cc4a2e84225d46345a991ddd6654ca210fc64224ca3b77fd5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/css
date: Wed, 03 Jan 2024 15:42:04 GMT
cache-control: public, max-age=604800
last-modified: Sat, 02 Dec 2023 17:53:12 GMT
accept-ranges: bytes
content-length: 185
expires: Wed, 10 Jan 2024 15:42:04 GMT

GET
H2 200 carousel.css
gir.nitugame.ir/ 1 KB
606 B 706ms
704ms Stylesheet
text/css 88.135.68.99
MIZBANFA

General

Check archive.org

Show headers Download Go to

Full URL: https://gir.nitugame.ir/carousel.css
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.135.68.99 , Iran, Islamic Republic Of, ASN212296 (MIZBANFA, IR),
Reverse DNS: vip1wp.mizbanfadns.net
Software: /
Resource Hash: 214bc98980c346f9b1c6f8e7c8b9da6f2304c5e12ffb1b5192f14d75a1292d64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:42:04 GMT
content-encoding: br
last-modified: Thu, 30 Nov 2023 11:01:20 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 551
expires: Wed, 10 Jan 2024 15:42:04 GMT

GET
H2 200 Social-media-app-icons-stock-1920.jpg
www.shahrsakhtafzar.com/fa/images/1401/09/09/social-media/ 43 KB
43 KB 1126ms
430ms Image
image/jpeg 79.127.127.78
ASIATECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shahrsakhtafzar.com/fa/images/1401/09/09/social-media/Social-media-app-icons-stock-1920.jpg
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 79.127.127.78 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS: hosted-by.hostdl.com.asiatech.ir
Software: LiteSpeed /
Resource Hash: 13f19bc162820b249bb5c46d634956b39f36054394748bba5be9e7a581a92ff8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:42:05 GMT
last-modified: Fri, 09 Dec 2022 20:09:21 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 44216
expires: Wed, 10 Jan 2024 15:42:05 GMT

GET
H2 200 0.jpg
gir.nitugame.ir/assets/ 160 KB
160 KB 483ms
482ms Image
image/jpeg 88.135.68.99
MIZBANFA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gir.nitugame.ir/assets/0.jpg
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.135.68.99 , Iran, Islamic Republic Of, ASN212296 (MIZBANFA, IR),
Reverse DNS: vip1wp.mizbanfadns.net
Software: /
Resource Hash: bbf4dfeb52b63a60ae2a8fab7c1fc0f652c511701e0cd85d14c9f64e7c86c1ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/jpeg
date: Wed, 03 Jan 2024 15:42:04 GMT
cache-control: public, max-age=604800
last-modified: Sun, 10 Dec 2023 10:59:07 GMT
accept-ranges: bytes
content-length: 163431
expires: Wed, 10 Jan 2024 15:42:04 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
gir.nitugame.ir/assets/dist/js/ 79 KB
22 KB 701ms
701ms Script
application/javascript 88.135.68.99
MIZBANFA

General

Check archive.org

Show headers Download Go to

Full URL: https://gir.nitugame.ir/assets/dist/js/bootstrap.bundle.min.js
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.135.68.99 , Iran, Islamic Republic Of, ASN212296 (MIZBANFA, IR),
Reverse DNS: vip1wp.mizbanfadns.net
Software: /
Resource Hash: aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:42:05 GMT
content-encoding: br
last-modified: Tue, 30 May 2023 15:02:54 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22431
expires: Wed, 10 Jan 2024 15:42:05 GMT

GET
H2 200 Dxx78j6PP2D_kU2muijPEe1n2vVbfJRklVozCRWT7lDF.woff2
fonts.gstatic.com/s/vazirmatn/v13/ 21 KB
21 KB 210ms
103ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vazirmatn/v13/Dxx78j6PP2D_kU2muijPEe1n2vVbfJRklVozCRWT7lDF.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Vazirmatn:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a915425676d23cfde214604a98059b55a4907e1117da724401131e97122fd8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gir.nitugame.ir
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:42:05 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21756
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:54:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 15:42:05 GMT

GET
H2 200 Dxx78j6PP2D_kU2muijPEe1n2vVbfJRklVozCRCT7g.woff2
fonts.gstatic.com/s/vazirmatn/v13/ 16 KB
16 KB 197ms
90ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vazirmatn/v13/Dxx78j6PP2D_kU2muijPEe1n2vVbfJRklVozCRCT7g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Vazirmatn:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb720576c967de24d64f87b82807ae8fa8fc77e6189f0cbd1df46208e3b11c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gir.nitugame.ir
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:42:05 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16356
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 15:42:05 GMT

OPTIONS
H2 200 CKYIKKJL.json
srv.carbonads.net/ads/ 0
0 448ms
99ms Preflight 165.227.57.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYIKKJL.json?segment=placement:getbootstrapcom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.57.6 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ca-16.buysellads.com
Software: //srv.buysellads.com /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client,x-origin
Access-Control-Request-Method: GET
Origin: https://gir.nitugame.ir
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
content-length: 23
date: Wed, 03 Jan 2024 15:42:05 GMT
server: //srv.buysellads.com
vary: Accept-Encoding

GET
H2 200 CKYIKKJL.json Show response
srv.carbonads.net/ads/ 2 KB
1 KB 94ms
94ms Fetch
application/json 165.227.57.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYIKKJL.json?segment=placement:getbootstrapcom
Requested by: Host: cdn.carbonads.com
URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKKJL&placement=getbootstrapcom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.57.6 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ca-16.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 97b57d29050702efbfc6ab4ca1b98803c17b52b93b6cfd057a994249b3d79fa9

Request headers

Referer: https://gir.nitugame.ir/
x-origin: https://gir.nitugame.ir/
accept-language: en-US,en;q=0.9
x-client: carbon.js/20231113 (serveUrl:CKYIKKJL;serve:CKYIKKJL)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:42:05 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 996

GET
H2 200 f2d5d31fc61ac45219380769d2c4dfcda54f8f41
srv.carbonads.net/static/30242/ 3 KB
3 KB 279ms
93ms Image
image/png 165.227.57.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.carbonads.net/static/30242/f2d5d31fc61ac45219380769d2c4dfcda54f8f41
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.57.6 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ca-16.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 53403cadc3ec73b84fc4bb81954d9bbd246d9ecafe2d603b7b92c105f1ca4e6f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:42:06 GMT
content-encoding: gzip
server: //srv.buysellads.com
etag: f2d5d31fc61ac45219380769d2c4dfcda54f8f41
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800, immutable
content-length: 2584

GET
H2

200

B30182242.374033662;dc_pre=CMC2o6jHwYMDFZwciAkddPgPxw;dc_trk_aid=564874079;dc_trk_cid=196977221;ord=170429653;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N1224323.3091281BUYSELLADS/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1224323.3091281BUYSELLADS/B30182242.374033662;dc_trk_aid=564874079;dc_trk_cid=196977221;ord=170429653;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N1224323.3091281BUYSELLADS/B30182242.374033662;dc_pre=CMC2o6jHwYMDFZwciAkddPgPxw;dc_trk_aid=564874079;dc_trk_cid=196977221;ord=170429653;dc_lat=;dc_rdid=;tag...

42 B
349 B

72ms
71ms

Image
image/gif

142.251.16.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1224323.3091281BUYSELLADS/B30182242.374033662;dc_pre=CMC2o6jHwYMDFZwciAkddPgPxw;dc_trk_aid=564874079;dc_trk_cid=196977221;ord=170429653;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1?

Requested by

Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/

Protocol

Server

142.251.16.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f148.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 15:42:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 15:42:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1224323.3091281BUYSELLADS/B30182242.374033662;dc_pre=CMC2o6jHwYMDFZwciAkddPgPxw;dc_trk_aid=564874079;dc_trk_cid=196977221;ord=170429653;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1566594/73361141/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$
https://static.adsafeprotected.com/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$

43 B
482 B

188ms
54ms

Image
image/gif

2600:9000:24f4:6400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Server: 2600:9000:24f4:6400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:43 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 765ade8c6b70e0e7c0b0572f4e039b98.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 1980744
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: JcjxtfjPFM7X9meprE916loM-m9X2aGZTU-MSubjT0ZshkDxdcvjDw==

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 15:42:06 GMT
server: nginx
x-server-name: app13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$
cache-control: no-cache
content-length: 0

GET
H2 200 pixel.gif
track.activemetering.com/pixel/v1/all/ 43 B
313 B 307ms
139ms Image
image/gif 2600:9000:24ef:9e00:7:4bc6:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.activemetering.com/pixel/v1/all/pixel.gif?cid=2d43deb9-b3c6-493a-9ff1-e5b8facb2580&creativeId=196977221&placementId=374033662
Requested by: Host: gir.nitugame.ir
URL: https://gir.nitugame.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24ef:9e00:7:4bc6:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gir.nitugame.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:42:06 GMT
via: 1.1 184a95922b126979aa787a0b813895fe.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: BOS50-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: uwVGo2N_tJJBNWrb1K6NHZhBChK9-SQxP9EDiPM0V8Qxjp3N5LxCIg==

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 21:44:08	Name: APC Value: AfxxVi7f3xVA9Z_MfH528DOCY_Z_FB4XRl_ebRvnqWWBhTqAvczAEA
			.doubleclick.net/	1970-01-20 17:24:57	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gir.nitugame.ir/assets/js/color-modes.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.carbonads.com
fonts.googleapis.com
fonts.gstatic.com
gir.nitugame.ir
pixel.adsafeprotected.com
srv.carbonads.net
static.adsafeprotected.com
track.activemetering.com
www.shahrsakhtafzar.com
142.251.16.148
165.227.57.6
23.21.111.110
2600:9000:201e:b200:1c:bccb:f100:93a1
2600:9000:24ef:9e00:7:4bc6:d200:93a1
2600:9000:24f4:6400:8:48e:53c0:93a1
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1d::5f
79.127.127.78
88.135.68.99
13f19bc162820b249bb5c46d634956b39f36054394748bba5be9e7a581a92ff8
214bc98980c346f9b1c6f8e7c8b9da6f2304c5e12ffb1b5192f14d75a1292d64
286bc889a2cf7b80559086c3bed1f689078f58cf10d1f85c7546205ee2906b81
2af9dd87170e5b2a054119bfebf4fa527010bd908329e95fa906448be6b02151
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
53403cadc3ec73b84fc4bb81954d9bbd246d9ecafe2d603b7b92c105f1ca4e6f
67ba0a1ef290c6cd981ca2188459b34ac7939d8400fa2c3cb3135eb6f5841b15
7a915425676d23cfde214604a98059b55a4907e1117da724401131e97122fd8a
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
97b57d29050702efbfc6ab4ca1b98803c17b52b93b6cfd057a994249b3d79fa9
aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbf4dfeb52b63a60ae2a8fab7c1fc0f652c511701e0cd85d14c9f64e7c86c1ab
ceb720576c967de24d64f87b82807ae8fa8fc77e6189f0cbd1df46208e3b11c0
eae4f74c5c5678cc4a2e84225d46345a991ddd6654ca210fc64224ca3b77fd5f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

gir.nitugame.ir Open in urlscan Pro 88.135.68.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

89 %HTTPS

50 %IPv6

9 Domains

10 Subdomains

9 IPs

2 Countries

311 kBTransfer

602 kBSize

2 Cookies

5 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

gir.nitugame.ir Open in urlscan Pro
88.135.68.99 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

311 kB
Transfer

602 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions