user.s1d1.ir Open in urlscan Pro
185.143.234.120 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user.s1d1.ir/
Submission: On December 16 via automatic, source certstream-suspicious (December 16th 2023, 11:18:25 am UTC) — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 185.143.234.120, located in Iran, Islamic Republic Of and belongs to ARVANCLOUD-CDN-, IR. The main domain is user.s1d1.ir.
TLS certificate: Issued by R3 on December 14th 2023. Valid for: 3 months.

This is the only time user.s1d1.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	185.143.234.120 185.143.234.120		205585 (ARVANCLOU...) (ARVANCLOUD-CDN-)
9	1

9 185.143.234.120 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)

user.s1d1.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	s1d1.ir user.s1d1.ir	313 KB
9	1

	Domain	Requested by
9	user.s1d1.ir	user.s1d1.ir
9	1

This site contains no links.

Subject Issuer	Validity	Valid
s1d1.ir R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://user.s1d1.ir/
Frame ID: 9BEE3CA81432AC2B0E91FD22376A1B40
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LUE

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

313 kB
Transfer

1665 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user.s1d1.ir/ 3 KB
1 KB 1276ms
896ms Document
text/html 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://user.s1d1.ir/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5affa7f5e3ddd9e0a844efaed0b4fe11310ae24888cb3ecb32dd5ed71ed2aec7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 722
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 16 Dec 2023 11:18:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: ArvanCloud
server-timing: total;dur=452
vary: Accept-Encoding
x-cache: BYPASS
x-request-id: edf60d372c866625ddb51b1eb2d812fc
x-sid: 4106
x-xss-protection: 1; mode=block

GET
H2 200 feather-icon.css
user.s1d1.ir/assets/css/vendors/ 2 KB
1 KB 578ms
576ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://user.s1d1.ir/assets/css/vendors/feather-icon.css

Requested by

Host: user.s1d1.ir
URL: https://user.s1d1.ir/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

8c91868eb38fdec93ca6ae61a33dba475360d1c6a841fe49b7808a75a4c20de4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.s1d1.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 11:18:21 GMT
date: Sat, 16 Dec 2023 11:18:21 GMT
content-encoding: br
last-modified: Mon, 25 May 2020 18:39:12 GMT
server: ArvanCloud
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, max-age=604800
server-timing: total;dur=443
accept-ranges: bytes
content-length: 781
x-xss-protection: 1; mode=block
x-request-id: 171219206af2b9f0f2ab8d2ddd72f20a
x-sid: 4106

GET
H2 200 bootstrap.css
user.s1d1.ir/assets/css/vendors/ 422 KB
35 KB 715ms
713ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://user.s1d1.ir/assets/css/vendors/bootstrap.css

Requested by

Host: user.s1d1.ir
URL: https://user.s1d1.ir/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

dacafb21f931d13129ae991db27ad95c05ddd533fd6cbf5657a0b5a2dbe1fdea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.s1d1.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 11:18:21 GMT
date: Sat, 16 Dec 2023 11:18:21 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 02:33:38 GMT
server: ArvanCloud
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, max-age=604800
server-timing: total;dur=565
accept-ranges: bytes
content-length: 35881
x-xss-protection: 1; mode=block
x-request-id: 945ea74f275ce52a62c6bbc26aacdf3e
x-sid: 4106

GET
H2 200 style.css
user.s1d1.ir/assets/css/ 1 MB
110 KB 657ms
656ms Stylesheet
text/css 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://user.s1d1.ir/assets/css/style.css

Requested by

Host: user.s1d1.ir
URL: https://user.s1d1.ir/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

92a01779b0fce57ae0cfaeb142acac2d8b0c0c94af8866b147455171acfdbee7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.s1d1.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 11:18:21 GMT
date: Sat, 16 Dec 2023 11:18:21 GMT
content-encoding: br
last-modified: Thu, 02 Jun 2022 02:27:06 GMT
server: ArvanCloud
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/css
cache-control: public, max-age=604800
server-timing: total;dur=507
accept-ranges: bytes
content-length: 112122
x-xss-protection: 1; mode=block
x-request-id: 74ee6724a689704cf35ffbe7d0929c7b
x-sid: 4106

GET
H2 200 logo.png
user.s1d1.ir/assets/images/ 116 KB
116 KB 677ms
676ms Image
image/png 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.s1d1.ir/assets/images/logo.png

Requested by

Host: user.s1d1.ir
URL: https://user.s1d1.ir/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

dd028750f6a91ec2a288ec6ad0451f9cdc0545ccdf34c09978be7343590d22b1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.s1d1.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 11:18:21 GMT
date: Sat, 16 Dec 2023 11:18:21 GMT
last-modified: Fri, 08 Apr 2022 01:16:02 GMT
server: ArvanCloud
x-cache: BYPASS
content-type: image/png
cache-control: public, max-age=604800
server-timing: total;dur=511
accept-ranges: bytes
content-length: 118339
x-xss-protection: 1; mode=block
x-request-id: d20ba284fe5a3ba911b1bd2999dd8669
x-sid: 4106

GET
H2 404 logo_dark.png
user.s1d1.ir/assets/images/logo/ 708 B
708 B 603ms
602ms Image
text/html 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.s1d1.ir/assets/images/logo/logo_dark.png

Requested by

Host: user.s1d1.ir
URL: https://user.s1d1.ir/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.s1d1.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 11:18:21 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
server: ArvanCloud
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server-timing: total;dur=469
x-request-id: 6255f59d1159111c1b2292121052a0b1
x-sid: 4106

GET
H2 200 login.js Show response
user.s1d1.ir/assets/js/ 2 KB
958 B 588ms
587ms Script
application/javascript 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://user.s1d1.ir/assets/js/login.js

Requested by

Host: user.s1d1.ir
URL: https://user.s1d1.ir/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

fd2e1a40f4f3b37e52fde51a18507e73b3f59325b0c9359dadc3789e7eb71a4e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.s1d1.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 11:18:21 GMT
date: Sat, 16 Dec 2023 11:18:21 GMT
content-encoding: br
last-modified: Fri, 29 Apr 2022 06:06:20 GMT
server: ArvanCloud
vary: Accept-Encoding
x-cache: BYPASS
content-type: application/javascript
cache-control: public, max-age=604800
server-timing: total;dur=453
accept-ranges: bytes
content-length: 618
x-xss-protection: 1; mode=block
x-request-id: 87984d71880e8fb8e065ac5ed3969e6a
x-sid: 4106

GET
H2 200 bg.jpg
user.s1d1.ir/assets/images/ 47 KB
47 KB 624ms
623ms Image
image/jpeg 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.s1d1.ir/assets/images/bg.jpg

Requested by

Host: user.s1d1.ir
URL: https://user.s1d1.ir/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

4e2ac6b89e82a3b6636e6a006b3540e80dd56c2f3e3a41238fdd6f701657c689

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.s1d1.ir/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 11:18:22 GMT
date: Sat, 16 Dec 2023 11:18:22 GMT
last-modified: Fri, 02 Oct 2020 23:08:08 GMT
server: ArvanCloud
x-cache: BYPASS
content-type: image/jpeg
cache-control: public, max-age=604800
server-timing: total;dur=566
accept-ranges: bytes
content-length: 48056
x-xss-protection: 1; mode=block
x-request-id: 1cf008cc2ec406d2b30b5bf14281f31a
x-sid: 4106

GET
H2 404 Vazir.woff2
user.s1d1.ir/assets/css/assets/fonts/vazir/ 0
0 467ms
467ms Font
text/html 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://user.s1d1.ir/assets/css/assets/fonts/vazir/Vazir.woff2

Requested by

Host: user.s1d1.ir
URL: https://user.s1d1.ir/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://user.s1d1.ir/assets/css/style.css
Origin: https://user.s1d1.ir
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 11:18:22 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
server: ArvanCloud
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server-timing: total;dur=413
x-request-id: 76b62ee987b019ce477443dfc960187d
x-sid: 4106

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| getCookie string| lang function| closewpopup

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			user.s1d1.ir/	1970-01-20 17:08:50	Name: PHPSESSID Value: s77ios95pag8iri6ocet0v48k7

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://user.s1d1.ir/assets/images/logo/logo_dark.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.s1d1.ir/assets/css/assets/fonts/vazir/Vazir.woff2 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

user.s1d1.ir
185.143.234.120
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
4e2ac6b89e82a3b6636e6a006b3540e80dd56c2f3e3a41238fdd6f701657c689
5affa7f5e3ddd9e0a844efaed0b4fe11310ae24888cb3ecb32dd5ed71ed2aec7
8c91868eb38fdec93ca6ae61a33dba475360d1c6a841fe49b7808a75a4c20de4
92a01779b0fce57ae0cfaeb142acac2d8b0c0c94af8866b147455171acfdbee7
dacafb21f931d13129ae991db27ad95c05ddd533fd6cbf5657a0b5a2dbe1fdea
dd028750f6a91ec2a288ec6ad0451f9cdc0545ccdf34c09978be7343590d22b1
fd2e1a40f4f3b37e52fde51a18507e73b3f59325b0c9359dadc3789e7eb71a4e

user.s1d1.ir Open in urlscan Pro 185.143.234.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

313 kBTransfer

1665 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

user.s1d1.ir Open in urlscan Pro
185.143.234.120 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

313 kB
Transfer

1665 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions