urlscan.io logo urlscan.io
SecurityTrails logo

ns2.damirall.com Open in urlscan Pro
185.204.197.13  Public Scan

Go To Rescan Add Verdict Report
URL: https://ns2.damirall.com/
Submission: On December 21 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 185.204.197.13, located in Tehran, Iran, Islamic Republic Of and belongs to PARVASYSTEM, IR. The main domain is ns2.damirall.com.
TLS certificate: Issued by R3 on November 25th 2023. Valid for: 3 months.
This is the only time ns2.damirall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.204.197.13 60631 (PARVASYSTEM)
1 2607:f8b0:400... 15169 (GOOGLE)
3 3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a04:4e42::347 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
10 4
4    185.204.197.13 (Tehran, Iran, Islamic Republic Of)

ASN60631 (PARVASYSTEM, IR)
ns2.damirall.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:20::ac43:4aa3 (United States)

ASN13335 (CLOUDFLARENET, US)
picsum.photos
3    2a04:4e42::347 (United States)

ASN54113 (FASTLY, US)
fastly.picsum.photos
2    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
6 picsum.photos
picsum.photos — Cisco Umbrella Rank: 67384
fastly.picsum.photos — Cisco Umbrella Rank: 106797
472 KB
4 damirall.com
ns2.damirall.com
18 KB
2 gstatic.com
fonts.gstatic.com
31 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
10 4
Domain Requested by
4 ns2.damirall.com ns2.damirall.com
3 fastly.picsum.photos ns2.damirall.com
3 picsum.photos 3 redirects
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ns2.damirall.com
10 5

This site contains links to these domains. Also see Links.

Domain
goldio.net
Subject Issuer Validity Valid
gloud.ir
R3		 2023-11-25 -
2024-02-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ns2.damirall.com/
Frame ID: 9B006F52DA573A1363344820237B87E7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gloud | گلود

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

10
Requests

30 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

521 kB
Transfer

588 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://picsum.photos/1920/900 HTTP 302
  • https://fastly.picsum.photos/id/642/1920/900.jpg?hmac=9g_LsMdg0zWPdbo3-YROViV-kdZSb20KI7GzzHaElgI
Request Chain 5
  • https://picsum.photos/1920/880 HTTP 302
  • https://fastly.picsum.photos/id/63/1920/880.jpg?hmac=punXSpJ4eZQI0U2ScGU2gaBTmBDB0zLuffgH6V45X7E
Request Chain 6
  • https://picsum.photos/1920/850 HTTP 302
  • https://fastly.picsum.photos/id/234/1920/850.jpg?hmac=7_Ws6ov173J4B37MjdPtCBGjP_7zc6uePFheLZgq9uA

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ns2.damirall.com/ 		2 KB
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ns2.damirall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.204.197.13 Tehran, Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a1e09c7a8dd9adc66670129ab99671728c39d82deba82c7d98471c58f4a8b8b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Thu, 21 Dec 2023 15:39:57 GMT
etag
W/"61481eed-620"
last-modified
Mon, 20 Sep 2021 05:41:01 GMT
server
nginx
x-powered-by
PleskLin
main.css
ns2.damirall.com/assets/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ns2.damirall.com/assets/css/main.css
Requested by
Host: ns2.damirall.com
URL: https://ns2.damirall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.204.197.13 Tehran, Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
81999c21c4eed50e39317363613d76eb3b11f5f235a2e2d9b7161bcfd0056392

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ns2.damirall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:39:57 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2019 15:17:22 GMT
server
nginx
etag
W/"5d56c902-5911"
x-powered-by
PleskLin
content-type
text/css
main.js
ns2.damirall.com/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ns2.damirall.com/assets/js/main.js
Requested by
Host: ns2.damirall.com
URL: https://ns2.damirall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.204.197.13 Tehran, Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a436ff7e3ca181d3a68e5998ef4f0a0f2ab8019b43a26456e7d6edf8059815c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ns2.damirall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:39:57 GMT
content-encoding
br
last-modified
Wed, 11 Nov 2020 18:16:56 GMT
server
nginx
etag
W/"5fac2a98-148e"
x-powered-by
PleskLin
content-type
application/javascript
fontawesome-all.min.css
ns2.damirall.com/assets/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ns2.damirall.com/assets/css/fontawesome-all.min.css
Requested by
Host: ns2.damirall.com
URL: https://ns2.damirall.com/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.204.197.13 Tehran, Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ns2.damirall.com/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:39:57 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2019 15:17:22 GMT
server
nginx
etag
W/"5d56c902-da9f"
x-powered-by
PleskLin
content-type
text/css
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: ns2.damirall.com
URL: https://ns2.damirall.com/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ns2.damirall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Dec 2023 15:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 15:33:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Dec 2023 15:50:18 GMT
900.jpg
fastly.picsum.photos/id/642/1920/
Redirect Chain
  • https://picsum.photos/1920/900
  • https://fastly.picsum.photos/id/642/1920/900.jpg?hmac=9g_LsMdg0zWPdbo3-YROViV-kdZSb20KI7GzzHaElgI
129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/642/1920/900.jpg?hmac=9g_LsMdg0zWPdbo3-YROViV-kdZSb20KI7GzzHaElgI
Requested by
Host: ns2.damirall.com
URL: https://ns2.damirall.com/
Protocol
H2
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3e2c3231abff9f6470557a7e4f1eb986185542d781a6b0b86544313722afce3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ns2.damirall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 21 Dec 2023 15:50:20 GMT
via
1.1 varnish
picsum-id
642
age
0
x-timer
S1703173819.860257,VS0,VE1171
vary
Origin
x-cache
MISS
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition
inline; filename="642-1920x900.jpg"
accept-ranges
bytes
timing-allow-origin
*
content-length
132586
x-served-by
cache-mia-kmia1760098-MIA

Redirect headers

date
Thu, 21 Dec 2023 15:50:18 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNFlrmNg8qOG20lns%2F6OgnZsJP3BHH7LQPKwD56Hg%2FMJS072eJhT%2FRGId3bcoUB99htdx2ff6ns3yy3QgoLAYV%2B1ui4uIaaSw5G%2BI34B3adNaDr53g0Hk5mVd1Af2MinPiu3Ar%2FcRCoNYSc%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/642/1920/900.jpg?hmac=9g_LsMdg0zWPdbo3-YROViV-kdZSb20KI7GzzHaElgI
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
839147ae8e5d8da9-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
880.jpg
fastly.picsum.photos/id/63/1920/
Redirect Chain
  • https://picsum.photos/1920/880
  • https://fastly.picsum.photos/id/63/1920/880.jpg?hmac=punXSpJ4eZQI0U2ScGU2gaBTmBDB0zLuffgH6V45X7E
39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/63/1920/880.jpg?hmac=punXSpJ4eZQI0U2ScGU2gaBTmBDB0zLuffgH6V45X7E
Requested by
Host: ns2.damirall.com
URL: https://ns2.damirall.com/
Protocol
H2
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb21d826a065f97dab1a3102b0fe151dd654761cf551a0efd2cc421700eb2055

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ns2.damirall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 21 Dec 2023 15:50:19 GMT
via
1.1 varnish
picsum-id
63
age
0
x-timer
S1703173819.860409,VS0,VE991
vary
Origin
x-cache
MISS
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition
inline; filename="63-1920x880.jpg"
accept-ranges
bytes
timing-allow-origin
*
content-length
39985
x-served-by
cache-mia-kmia1760098-MIA

Redirect headers

date
Thu, 21 Dec 2023 15:50:18 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIYy%2BLIsQiqHScDES9H47BecadlY3Rf%2Bw2EFv%2BWDbRfiIQk7chPKGAgrnYUBEmQAGxXlpAXzXcg1Kq%2F4P68vdANwXxB%2BdYQwXB4BGgE7eve1NAFO1d80kBeVwDsKRcRzYX4YvcpPUtvN6Uw%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/63/1920/880.jpg?hmac=punXSpJ4eZQI0U2ScGU2gaBTmBDB0zLuffgH6V45X7E
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
839147ae8e5e8da9-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
850.jpg
fastly.picsum.photos/id/234/1920/
Redirect Chain
  • https://picsum.photos/1920/850
  • https://fastly.picsum.photos/id/234/1920/850.jpg?hmac=7_Ws6ov173J4B37MjdPtCBGjP_7zc6uePFheLZgq9uA
301 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly.picsum.photos/id/234/1920/850.jpg?hmac=7_Ws6ov173J4B37MjdPtCBGjP_7zc6uePFheLZgq9uA
Requested by
Host: ns2.damirall.com
URL: https://ns2.damirall.com/
Protocol
H2
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1aada2d5136b34b2a48239ea7c6c77481498aee60fdd63c8f5187c2fa4ea39d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ns2.damirall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 21 Dec 2023 15:50:20 GMT
via
1.1 varnish
picsum-id
234
age
0
x-timer
S1703173819.860412,VS0,VE1428
vary
Origin
x-cache
MISS
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
content-disposition
inline; filename="234-1920x850.jpg"
accept-ranges
bytes
timing-allow-origin
*
content-length
308344
x-served-by
cache-mia-kmia1760098-MIA

Redirect headers

date
Thu, 21 Dec 2023 15:50:18 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecudR%2FnucGhZDuy0ikg0OeI06lc%2F2nYsjRe02M5QharjTq6qShw%2BUYagu7cepRtJWd7wBZJTc%2Fqglz1GUflcpPU30GuavGjJQeWJ30%2FZWUfV6hQaQ%2BsCV8XEIsR7URBwtMWR3E3EjC0mDhM%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/234/1920/850.jpg?hmac=7_Ws6ov173J4B37MjdPtCBGjP_7zc6uePFheLZgq9uA
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
839147ae8e5f8da9-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ns2.damirall.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 08:21:18 GMT
x-content-type-options
nosniff
age
458940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 08:21:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ns2.damirall.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 02:18:12 GMT
x-content-type-options
nosniff
age
480726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 02:18:12 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| canUse object| _canUse

0 Cookies