noorayi.lxb.ir Open in urlscan Pro
185.173.105.107 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://noorayi.lxb.ir/
Submission: On January 26 via api (January 26th 2024, 8:20:03 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 16 HTTP transactions. The main IP is 185.173.105.107, located in Iran, Islamic Republic Of and belongs to HOSTIRAN-NETWORK, IR. The main domain is noorayi.lxb.ir.

This is the only time noorayi.lxb.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.173.105.107 185.173.105.107	59441 (HOSTIRAN-...) (HOSTIRAN-NETWORK)
2 3	2a01:4f8:c012... 2a01:4f8:c012:b293::1	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3037::ac43:c214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	78.157.56.124 78.157.56.124	62442 (DADE-SAMA...) (DADE-SAMANE-FANAVA www.Fanavaidc.com)
1	185.10.72.168 185.10.72.168	61055 (IRANHOST-AS) (IRANHOST-AS)
1	185.141.213.248 185.141.213.248	43754 (ASIATECH) (ASIATECH)
1	199.59.243.225 199.59.243.225	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:4f63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a01:4f8:1c1b... 2a01:4f8:1c1b:1b4d::1	24940 (HETZNER-AS) (HETZNER-AS)
1	2a01:4f9:c010... 2a01:4f9:c010:c8::1	24940 (HETZNER-AS) (HETZNER-AS)
1	149.56.240.131 149.56.240.131	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
16	14

2 185.173.105.107 (Iran, Islamic Republic Of)

ASN59441 (HOSTIRAN-NETWORK, IR)
PTR: 185-173-105-107.static.hostiran.name

noorayi.lxb.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4f8:c012:b293::1 (Gunzenhausen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

v1.fontapi.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.fontcdn.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:c214 (United States)

ASN13335 (CLOUDFLARENET, US)

evazzadeh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.157.56.124 (Iran, Islamic Republic Of)

ASN62442 (DADE-SAMANE-FANAVA www.Fanavaidc.com, IR)

static.neshanmap.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.10.72.168 (Iran, Islamic Republic Of)

ASN61055 (IRANHOST-AS, IR)
PTR: mail.orana.ir

sanandaj.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.141.213.248 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)
PTR: rosha.shetabanhost.com

parmatik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.59.243.225 (United States)

ASN16509 (AMAZON-02, US)

www.loxbazar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:1c1b:1b4d::1 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)

de03.cdn.servr.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f9:c010:c8::1 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)

fl05.cdn.servr.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.131 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534299.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
2	servr.ir de03.cdn.servr.ir fl05.cdn.servr.ir	86 KB
2	fontcdn.ir 2 redirects cdn.fontcdn.ir — Cisco Umbrella Rank: 595511	397 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 14576 s4.histats.com — Cisco Umbrella Rank: 14129	5 KB
2	lxb.ir noorayi.lxb.ir	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	82 KB
1	loxbazar.com www.loxbazar.com
1	parmatik.com parmatik.com	596 KB
1	sanandaj.ir sanandaj.ir	85 KB
1	neshanmap.ir static.neshanmap.ir — Cisco Umbrella Rank: 504565	590 KB
1	evazzadeh.com evazzadeh.com	17 KB
1	fontapi.ir v1.fontapi.ir — Cisco Umbrella Rank: 568933	723 B
16	12

	Domain	Requested by
2	cdn.fontcdn.ir	2 redirects
2	www.google-analytics.com	noorayi.lxb.ir www.google-analytics.com
2	noorayi.lxb.ir	noorayi.lxb.ir
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	s4.histats.com	s10.histats.com
1	fl05.cdn.servr.ir	v1.fontapi.ir
1	de03.cdn.servr.ir	v1.fontapi.ir
1	s10.histats.com	noorayi.lxb.ir
1	www.loxbazar.com	noorayi.lxb.ir
1	parmatik.com	noorayi.lxb.ir
1	sanandaj.ir	noorayi.lxb.ir
1	static.neshanmap.ir	noorayi.lxb.ir
1	evazzadeh.com	noorayi.lxb.ir
1	v1.fontapi.ir	noorayi.lxb.ir
16	15

This site contains links to these domains. Also see Links.

Domain
www.nouraei9.ir
eitaa.com
www.histats.com

Subject Issuer	Validity	Valid
v1.fontapi.ir R3	`2023-12-30` - `2024-03-29`	3 months	crt.sh
evazzadeh.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.neshanmap.ir Certum Domain Validation CA SHA2	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.sanandaj.ir Certum Domain Validation CA SHA2	`2023-03-28` - `2024-03-27`	a year	crt.sh
parmatik.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://noorayi.lxb.ir/
Frame ID: 68D7CD7B3485B8A464F2F1E2B49714E7
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

دبیرستان دوره ی اول شهید نورائی

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

16
Requests

56 %
HTTPS

57 %
IPv6

12
Domains

15
Subdomains

14
IPs

5
Countries

1488 kB
Transfer

1679 kB
Size

13
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nouraei9.ir/MSchool/Teacher.aspx?TID=772944415D004C013854540C54434221#/THome
Title: گروه عربی

Search URL Search Domain Scan URL

URL: https://www.nouraei9.ir/MSchool/Teacher.aspx?TID=772944415D004C013854540C54424221#/THome
Title: گروه زبان انگلیسی

Search URL Search Domain Scan URL

URL: https://www.nouraei9.ir/MSchool/Teacher.aspx?TID=772944415D004C013854540C55364221#/THome
Title: گروه علوم تجربی

Search URL Search Domain Scan URL

URL: https://www.nouraei9.ir/MSchool/Teacher.aspx?TID=772944415D004C013854540C55374221#/THome
Title: گروه ریاضی

Search URL Search Domain Scan URL

URL: https://www.nouraei9.ir/MSchool/Teacher.aspx?TID=772944415D014C01382E540C54454221754A054B#/THome
Title: انجمن تست

Search URL Search Domain Scan URL

URL: https://eitaa.com/nouraei9
Title: کانال ایتا

Search URL Search Domain Scan URL

URL: http://www.histats.com/
Title: try {Histats.start(1,1408941,4,0,0,0,'00000000');Histats.track_hits();} catch(err){};

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 9

https://cdn.fontcdn.ir/Fonts/Vazir/3b2277e82a583c9f91de41aa9e198a14d7ef7f4ccd04828abdd623acd116a88b.woff2 HTTP 302
https://de03.cdn.servr.ir/Fonts/Vazir/3b2277e82a583c9f91de41aa9e198a14d7ef7f4ccd04828abdd623acd116a88b.woff2

Request Chain 10

https://cdn.fontcdn.ir/Fonts/Vazir/d783603a0dd07db6896ecd8a3460e2256a48dca62373a0478706a05490c1a2d8.woff2 HTTP 302
https://fl05.cdn.servr.ir/Fonts/Vazir/d783603a0dd07db6896ecd8a3460e2256a48dca62373a0478706a05490c1a2d8.woff2

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
noorayi.lxb.ir/ 12 KB
4 KB 627ms
102ms Document
text/html 185.173.105.107
HOSTIRAN-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: http://noorayi.lxb.ir/
Protocol: HTTP/1.1
Server: 185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS: 185-173-105-107.static.hostiran.name
Software: nginx/1.18.0 /
Resource Hash: f18e05047747daa4ae4b75eed6e4d75b0da2270328ed6304a6b42c8285976515

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 Jan 2024 08:19:58 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0
Transfer-Encoding: chunked

GET
H2 200 Vazir
v1.fontapi.ir/css/ 2 KB
723 B 116ms
33ms Stylesheet
text/css 2a01:4f8:c012:b293::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.fontapi.ir/css/Vazir
Requested by: Host: noorayi.lxb.ir
URL: http://noorayi.lxb.ir/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c012:b293::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9eeb133eb328cfe706b63108a5129e56f832843bcb2ecb837c3c86194d575821

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 08:19:58 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400, stale-while-revalidate=172800

GET
H2 200 Iran_Allah.png
evazzadeh.com/dl/2013/12/ 17 KB
17 KB 289ms
198ms Image
image/png 2606:4700:3037::ac43:c214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evazzadeh.com/dl/2013/12/Iran_Allah.png
Requested by: Host: noorayi.lxb.ir
URL: http://noorayi.lxb.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56a2c3cc7ba86f95605400803932312e6ce81b891451c720e7e80cdb84d2e396

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id: 46884fc7ec9010ae2292382c5915b0b53e6664c0
date: Fri, 26 Jan 2024 08:19:58 GMT
via: 1.1 varnish
expires: Fri, 26 Jan 2024 08:29:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 17123
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Sun, 26 Feb 2023 21:29:49 GMT
server: cloudflare
x-github-request-id: 32FE:0DEA:108DE87:10D860B:65B36B2E
x-timer: S1706257199.567023,VS0,VE110
etag: "63fbcf4d-42e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZDv7248HP2vN%2Ftf2qLzML1mF0Rs1qTPOK%2B0eL20j5rmOewXQRgnkuHthDfMx9sn7bbf7hoGPo4gYTtPKhHKg6rmEqFNVnEtBGPIWDStsyxRUnvEgTjgv1JEfJtXGaJHanByU7Y%2FdrEwk4n3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84b75582dc9b3c99-CDG
x-cache-hits: 0

GET
H2 200 296342_709037--%D9%85%D8%AF%D8%B1%D8%B3%D9%87-%D8%B4%D9%87%DB%8C%D8%AF-%D9%86%D9%88%D8%B1%D8%A7%DB%8C%DB%8C.jpeg
static.neshanmap.ir/places/images/794/ 589 KB
590 KB 318ms
104ms Image
image/png 78.157.56.124
DADE-SAMANE-FANAV...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.neshanmap.ir/places/images/794/296342_709037--%D9%85%D8%AF%D8%B1%D8%B3%D9%87-%D8%B4%D9%87%DB%8C%D8%AF-%D9%86%D9%88%D8%B1%D8%A7%DB%8C%DB%8C.jpeg
Requested by: Host: noorayi.lxb.ir
URL: http://noorayi.lxb.ir/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.157.56.124 , Iran, Islamic Republic Of, ASN62442 (DADE-SAMANE-FANAVA www.Fanavaidc.com, IR),
Reverse DNS
Software: nginx /
Resource Hash: 6f172e1282ae167427e592ab958ec7cfa9fdd90ae7fc058b76ca49a11ad26252

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 08:19:58 GMT
nsh-region: rg-1
content-encoding: gzip
last-modified: Sat, 09 Sep 2023 08:50:43 GMT
server: nginx
nsh-request-id: 9a28284e2a9748a3130043155dbe7ebe
etag: W/"64fc31e3-93581"
vary: Accept-Encoding, Accept-Encoding
x-serve-via: ost2
content-type: image/jpeg, image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
nsh-cache: MISS

GET
H2 200 comming-soon.gif
sanandaj.ir/uploads/1/2023/Aug/15/ 85 KB
85 KB 633ms
191ms Image
image/gif 185.10.72.168
IRANHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sanandaj.ir/uploads/1/2023/Aug/15/comming-soon.gif

Requested by

Host: noorayi.lxb.ir
URL: http://noorayi.lxb.ir/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.10.72.168 , Iran, Islamic Republic Of, ASN61055 (IRANHOST-AS, IR),

Reverse DNS

mail.orana.ir

Software

Resource Hash

48cdffb1197112a3767f149a30ac01d93bac98a047b01af34b21f6063f0077fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 08:19:58 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Aug 2023 08:28:01 GMT
etag: "2f58a26752cfd91:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=2592000
feature-policy: sync-xhr 'self'
accept-ranges: bytes
content-length: 86550
x-xss-protection: 1; mode=block

GET
H2 200 design-logo-motion.gif
parmatik.com/wp-content/uploads/2020/06/ 596 KB
596 KB 410ms
100ms Image
image/gif 185.141.213.248
ASIATECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://parmatik.com/wp-content/uploads/2020/06/design-logo-motion.gif
Requested by: Host: noorayi.lxb.ir
URL: http://noorayi.lxb.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.141.213.248 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS: rosha.shetabanhost.com
Software: /
Resource Hash: 214e0c93529fa2087e22d76475f7f79b0eab11ba649f8e253c8dd0095f49a521

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 08:19:58 GMT
last-modified: Sat, 11 Jul 2020 10:51:02 GMT
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 610035
expires: Fri, 02 Feb 2024 08:19:58 GMT

GET
H/1.1 200
OK sckie.php
www.loxbazar.com/ 0
0 329ms
203ms Image
text/html 199.59.243.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.loxbazar.com/sckie.php?wid=976639
Requested by: Host: noorayi.lxb.ir
URL: http://noorayi.lxb.ir/
Protocol: HTTP/1.1
Server: 199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H/1.1 200
OK livecounter.php Show response
noorayi.lxb.ir/important/ 19 B
236 B 94ms
94ms XHR
text/html 185.173.105.107
HOSTIRAN-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: http://noorayi.lxb.ir/important/livecounter.php?wid=976639&ads=1
Requested by: Host: noorayi.lxb.ir
URL: http://noorayi.lxb.ir/
Protocol: HTTP/1.1
Server: 185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS: 185-173-105-107.static.hostiran.name
Software: nginx/1.18.0 /
Resource Hash: 7d20b81f0f18f8ca5a598f985fc31d316efbccb902a4bfc4c85c8d3e02347112

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 08:19:58 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

71ms
21ms

Script
text/javascript

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: noorayi.lxb.ir
URL: http://noorayi.lxb.ir/

Protocol

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 07:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1909
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 26 Jan 2024 09:48:09 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK js15.js Show response
s10.histats.com/ 11 KB
5 KB 74ms
31ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15.js
Requested by: Host: noorayi.lxb.ir
URL: http://noorayi.lxb.ir/
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec

Request headers

Referer: http://noorayi.lxb.ir/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 26 Jan 2024 08:19:58 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
Server: cloudflare
Age: 75349
ETag: "980881274"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 84b755833c163801-FRA
Content-Length: 4405

GET
H/1.1

200
OK

3b2277e82a583c9f91de41aa9e198a14d7ef7f4ccd04828abdd623acd116a88b.woff2
de03.cdn.servr.ir/Fonts/Vazir/
Redirect Chain

https://cdn.fontcdn.ir/Fonts/Vazir/3b2277e82a583c9f91de41aa9e198a14d7ef7f4ccd04828abdd623acd116a88b.woff2
https://de03.cdn.servr.ir/Fonts/Vazir/3b2277e82a583c9f91de41aa9e198a14d7ef7f4ccd04828abdd623acd116a88b.woff2

43 KB
44 KB

133ms
44ms

Font
application/octet-stream

2a01:4f8:1c1b:1b4d::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de03.cdn.servr.ir/Fonts/Vazir/3b2277e82a583c9f91de41aa9e198a14d7ef7f4ccd04828abdd623acd116a88b.woff2
Requested by: Host: v1.fontapi.ir
URL: https://v1.fontapi.ir/css/Vazir
Protocol: HTTP/1.1
Server: 2a01:4f8:1c1b:1b4d::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 3b2277e82a583c9f91de41aa9e198a14d7ef7f4ccd04828abdd623acd116a88b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v1.fontapi.ir/css/Vazir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 08:19:58 GMT
Last-Modified: Thu, 30 Mar 2023 19:28:29 GMT
Server: nginx/1.14.1
ETag: "6425e2dd-acf0"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, stale-while-revalidate=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44272

Redirect headers

location: https://de03.cdn.servr.ir/Fonts/Vazir/3b2277e82a583c9f91de41aa9e198a14d7ef7f4ccd04828abdd623acd116a88b.woff2
access-control-allow-origin: *
date: Fri, 26 Jan 2024 08:19:58 GMT
server: nginx
x-proper-cdn: de03
x-client-region: #ir
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

d783603a0dd07db6896ecd8a3460e2256a48dca62373a0478706a05490c1a2d8.woff2
fl05.cdn.servr.ir/Fonts/Vazir/
Redirect Chain

https://cdn.fontcdn.ir/Fonts/Vazir/d783603a0dd07db6896ecd8a3460e2256a48dca62373a0478706a05490c1a2d8.woff2
https://fl05.cdn.servr.ir/Fonts/Vazir/d783603a0dd07db6896ecd8a3460e2256a48dca62373a0478706a05490c1a2d8.woff2

42 KB
43 KB

254ms
112ms

Font
application/octet-stream

2a01:4f9:c010:c8::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fl05.cdn.servr.ir/Fonts/Vazir/d783603a0dd07db6896ecd8a3460e2256a48dca62373a0478706a05490c1a2d8.woff2
Requested by: Host: v1.fontapi.ir
URL: https://v1.fontapi.ir/css/Vazir
Protocol: HTTP/1.1
Server: 2a01:4f9:c010:c8::1 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: d783603a0dd07db6896ecd8a3460e2256a48dca62373a0478706a05490c1a2d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://v1.fontapi.ir/css/Vazir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 08:19:58 GMT
Last-Modified: Thu, 30 Mar 2023 19:28:29 GMT
Server: nginx/1.14.1
ETag: "6425e2dd-a9b0"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, stale-while-revalidate=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43440

Redirect headers

location: https://fl05.cdn.servr.ir/Fonts/Vazir/d783603a0dd07db6896ecd8a3460e2256a48dca62373a0478706a05490c1a2d8.woff2
access-control-allow-origin: *
date: Fri, 26 Jan 2024 08:19:58 GMT
server: nginx
x-proper-cdn: fl05
x-client-region: #ir
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 47 B
181 B 340ms
111ms Script
text/html 149.56.240.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?1408941&@f16&@g1&@h1&@i1&@j1706257198622&@k0&@l1&@m%D8%AF%D8%A8%DB%8C%D8%B1%D8%B3%D8%AA%D8%A7%D9%86%20%D8%AF%D9%88%D8%B1%D9%87%20%DB%8C%20%D8%A7%D9%88%D9%84%20%D8%B4%D9%87%DB%8C%D8%AF%20%D9%86%D9%88%D8%B1%D8%A7%D8%A6%DB%8C&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-184077961&@b3:1706257199&@b4:js15.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fnoorayi.lxb.ir%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534299.ip-149-56-240.net
Software: /
Resource Hash: a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 08:19:58 GMT
Connection: close
Content-Length: 47
Content-Type: text/html;charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 30ms
29ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1534548573&t=pageview&_s=1&dl=http%3A%2F%2Fnoorayi.lxb.ir%2F&ul=en-us&de=UTF-8&dt=%D8%AF%D8%A8%DB%8C%D8%B1%D8%B3%D8%AA%D8%A7%D9%86%20%D8%AF%D9%88%D8%B1%D9%87%20%DB%8C%20%D8%A7%D9%88%D9%84%20%D8%B4%D9%87%DB%8C%D8%AF%20%D9%86%D9%88%D8%B1%D8%A7%D8%A6%DB%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=463627125&gjid=1126894599&cid=227530813.1706257199&tid=UA-52170159-2&_gid=2015749374.1706257199&_r=1&_slc=1&z=367808619

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5de801aa9e0f734ad995493897db37f9fd9c6741ad6c27ca587ae836ed79cd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://noorayi.lxb.ir/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 08:19:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://noorayi.lxb.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 81ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KEGS4GD4V2&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01d398fb05474ac0331150dc265daf48d677f892e183f8afec19041761484d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 08:19:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83638
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 08:19:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 80ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KEGS4GD4V2&gtm=45je41o0v9120758012&_p=1706257198670&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=227530813.1706257199&_eu=ABAI&_s=1&dl=http%3A%2F%2Fnoorayi.lxb.ir%2F&dt=%D8%AF%D8%A8%DB%8C%D8%B1%D8%B3%D8%AA%D8%A7%D9%86%20%D8%AF%D9%88%D8%B1%D9%87%20%DB%8C%20%D8%A7%D9%88%D9%84%20%D8%B4%D9%87%DB%8C%D8%AF%20%D9%86%D9%88%D8%B1%D8%A7%D8%A6%DB%8C&sid=1706257198&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1016
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KEGS4GD4V2&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://noorayi.lxb.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 08:19:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://noorayi.lxb.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
noorayi.lxb.ir/	1970-01-20 17:59:03	Name: lxbmobitel6first Value: 1706257198
noorayi.lxb.ir/	1969-12-31 23:59:59	Name: PHPSESSID Value: p02fvu9igdg99h4gq44bldfqv1
noorayi.lxb.ir/	1970-01-21 02:43:13	Name: HstCfa1408941 Value: 1706257198622
noorayi.lxb.ir/	1970-01-21 02:43:13	Name: HstCla1408941 Value: 1706257198622
noorayi.lxb.ir/	1970-01-21 02:43:13	Name: HstCmu1408941 Value: 1706257198622
noorayi.lxb.ir/	1970-01-21 02:43:13	Name: HstPn1408941 Value: 1
noorayi.lxb.ir/	1970-01-21 02:43:13	Name: HstPt1408941 Value: 1
noorayi.lxb.ir/	1970-01-21 02:43:13	Name: HstCnv1408941 Value: 1
noorayi.lxb.ir/	1970-01-21 02:43:13	Name: HstCns1408941 Value: 1
.lxb.ir/	1970-01-21 03:33:37	Name: _ga Value: GA1.2.227530813.1706257199
.lxb.ir/	1970-01-20 17:59:03	Name: _gid Value: GA1.2.2015749374.1706257199
.lxb.ir/	1970-01-20 17:57:37	Name: _gat Value: 1
.lxb.ir/	1970-01-21 03:33:37	Name: _ga_KEGS4GD4V2 Value: GS1.2.1706257198.1.0.1706257198.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://noorayi.lxb.ir/(Line 442) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://noorayi.lxb.ir/(Line 442) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.fontcdn.ir
de03.cdn.servr.ir
evazzadeh.com
fl05.cdn.servr.ir
noorayi.lxb.ir
parmatik.com
region1.google-analytics.com
s10.histats.com
s4.histats.com
sanandaj.ir
static.neshanmap.ir
v1.fontapi.ir
www.google-analytics.com
www.googletagmanager.com
www.loxbazar.com
149.56.240.131
185.10.72.168
185.141.213.248
185.173.105.107
199.59.243.225
2001:4860:4802:32::36
2606:4700:10::6814:4f63
2606:4700:3037::ac43:c214
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2008
2a01:4f8:1c1b:1b4d::1
2a01:4f8:c012:b293::1
2a01:4f9:c010:c8::1
78.157.56.124
01d398fb05474ac0331150dc265daf48d677f892e183f8afec19041761484d56
214e0c93529fa2087e22d76475f7f79b0eab11ba649f8e253c8dd0095f49a521
3b2277e82a583c9f91de41aa9e198a14d7ef7f4ccd04828abdd623acd116a88b
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec
48cdffb1197112a3767f149a30ac01d93bac98a047b01af34b21f6063f0077fa
56a2c3cc7ba86f95605400803932312e6ce81b891451c720e7e80cdb84d2e396
5de801aa9e0f734ad995493897db37f9fd9c6741ad6c27ca587ae836ed79cd80
6f172e1282ae167427e592ab958ec7cfa9fdd90ae7fc058b76ca49a11ad26252
7d20b81f0f18f8ca5a598f985fc31d316efbccb902a4bfc4c85c8d3e02347112
9eeb133eb328cfe706b63108a5129e56f832843bcb2ecb837c3c86194d575821
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
d783603a0dd07db6896ecd8a3460e2256a48dca62373a0478706a05490c1a2d8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f18e05047747daa4ae4b75eed6e4d75b0da2270328ed6304a6b42c8285976515

noorayi.lxb.ir Open in urlscan Pro 185.173.105.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

56 %HTTPS

57 %IPv6

12 Domains

15 Subdomains

14 IPs

5 Countries

1488 kBTransfer

1679 kBSize

13 Cookies

7 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

13 Cookies

2 Console Messages

Indicators

noorayi.lxb.ir Open in urlscan Pro
185.173.105.107 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

56 %
HTTPS

57 %
IPv6

12
Domains

15
Subdomains

14
IPs

5
Countries

1488 kB
Transfer

1679 kB
Size

13
Cookies

16 HTTP transactions
0 data transactions