URL: http://covid-19.glxblog.com/
Submission: On July 09 via api from FR

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 32 HTTP transactions. The main IP is 5.144.129.251, located in Tehran, Iran, Islamic Republic Of and belongs to HOSTIRAN-NETWORK, IR. The main domain is covid-19.glxblog.com.
This is the only time covid-19.glxblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address  AS  Autonomous System
11 5.144.129.251 59441 (HOSTIRAN-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 178.216.248.179 43754 (ASIATECH)
1 5.254.23.82 3223 (VOXILITY)
1 5.253.26.80 202468 (ABRARVAN-...)
1 185.236.37.243 48551 (SINDAD)
1 54.38.126.98 16276 (OVH)
5 79.127.127.67 43754 (ASIATECH)
1 185.49.84.241 43754 (ASIATECH)
2 2a00:1450:400... 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
2 178.216.250.130 43754 (ASIATECH)
1 192.99.0.58 16276 (OVH)
Total: 32 requests, 13 IPs

Requests  Domain  Requested by
9 covid-19.glxblog.com covid-19.glxblog.com
5 up.love-skin.ir covid-19.glxblog.com
4 s6.picofile.com covid-19.glxblog.com
2 s7.picofile.com covid-19.glxblog.com
2 www.google-analytics.com covid-19.glxblog.com
1 s4.histats.com s10.histats.com
1 s10.histats.com covid-19.glxblog.com
1 www.loxbazar.com covid-19.glxblog.com
1 1abzar.ir covid-19.glxblog.com
1 loxblog.ir covid-19.glxblog.com
1 media.jamnews.com covid-19.glxblog.com
1 static2.rokna.net covid-19.glxblog.com
1 cdn.salameno.ir covid-19.glxblog.com
1 cdn1.img.ir.sputniknews.com covid-19.glxblog.com
1 www.sionadvogados.com.br covid-19.glxblog.com
Total: 32 requests, 15 subdomains

Subject                       Issuer                                          Validity                 Valid
cdn1.img.ir.sputniknews.com   Let's Encrypt Authority X3                      2020-06-01 - 2020-08-30  3 months
*.salameno.ir                 Let's Encrypt Authority X3                      2020-05-24 - 2020-08-22  3 months
rokna.net                     Let's Encrypt Authority X3                      2020-05-29 - 2020-08-27  3 months
*.jamnews.com                 Sectigo RSA Domain Validation Secure Server CA  2019-10-17 - 2020-10-16  a year
*.google-analytics.com        GTS CA 1O1                                      2020-06-17 - 2020-09-09  3 months
histats.com                   Let's Encrypt Authority X3                      2020-06-15 - 2020-09-13  3 months

This page contains 2 frames:

Primary Page: http://covid-19.glxblog.com/
Frame ID: 240B1F3E73F7E1949211C06C7B7A465A
Requests: 31 HTTP requests in this frame

Frame: http://covid-19.glxblog.com/cbox/cbox.php
Frame ID: 6BB2B9D9CEE67E23FAC7E22AAB8FA5A3
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 32
HTTPS: 22 %
IPv6: 15 %
Domains: 13
Subdomains: 15
IPs: 13
Countries: 5
Transfer: 1592 kB
Size: 1789 kB
Cookies: 14

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 28
  • http://www.google-analytics.com/r/collect?v=1&_v=j83&a=1746103463&t=pageview&_s=1&dl=http%3A%2F%2Fcovid-19.glxblog.com%2F&ul=en-us&de=UTF-8&dt=%D9%88%DB%8C%D8%B1%D9%88%D8%B3%20%DA%A9%D8%B1%D9%88%D9%86%D8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=814792827&gjid=1812233576&cid=1506102076.1594303959&tid=UA-52170159-2&_gid=1708653008.1594303959&_r=1&z=1988744022 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1746103463&t=pageview&_s=1&dl=http%3A%2F%2Fcovid-19.glxblog.com%2F&ul=en-us&de=UTF-8&dt=%D9%88%DB%8C%D8%B1%D9%88%D8%B3%20%DA%A9%D8%B1%D9%88%D9%86%D8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=814792827&gjid=1812233576&cid=1506102076.1594303959&tid=UA-52170159-2&_gid=1708653008.1594303959&_r=1&z=1988744022

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
covid-19.glxblog.com/
63 KB
15 KB
Document
General
Full URL
http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
ee24e918eaa2117e72d17b75b6ff199e35e98fe8ddc68164cace71bfc830eabf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
covid-19.glxblog.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 09 Jul 2020 14:12:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.19-0+deb8u1
Set-Cookie
lxbmobitel6first=1594303957; expires=Fri, 10-Jul-2020 14:12:37 GMT; Max-Age=86400 PHPSESSID=ev3m324sjo62t9rs5ttc4lb1m6; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Encoding
gzip
covid-19.jpg
covid-19.glxblog.com/users/
6 KB
7 KB
Image
General
Full URL
http://covid-19.glxblog.com/users/covid-19.jpg
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx /
Resource Hash
d26e69c7c536a6f5386aa9ece91fa769fec7095e2efd88748effea59e30a8c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25 Mar 2020 17:16:09 GMT
Server
nginx
ETag
"5e7b91d9-1910"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6416
X-XSS-Protection
1; mode=block
rsregm.php
covid-19.glxblog.com/rscode/
1 KB
2 KB
Image
General
Full URL
http://covid-19.glxblog.com/rscode/rsregm.php?i=%3C?php%20echo%20md5(rand(99,9999))?%3E
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
5568ec28febd386e1857f59d0eaf00b92391f04db2bea30f4528c9cd9c61abff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/5.6.19-0+deb8u1
Transfer-Encoding
chunked
Content-Type
image/jpeg
Connection
keep-alive
X-XSS-Protection
1; mode=block
coronavirus-1-scaled.jpg
www.sionadvogados.com.br/wp-content/uploads/2020/03/
886 KB
886 KB
Image
General
Full URL
http://www.sionadvogados.com.br/wp-content/uploads/2020/03/coronavirus-1-scaled.jpg
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::6818:7cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c24ac02868c67d34dbf2c0c3e45eb17673a3baf8ce77346c16ea451720004fd

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 20 Mar 2020 13:09:10 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5b02a4196d72dfeb-FRA
Content-Length
907065
cf-request-id
03d584e3e00000dfeb8e2bb200000001
thebest.jpg
s6.picofile.com/file/8391912718/
95 KB
96 KB
Image
General
Full URL
http://s6.picofile.com/file/8391912718/thebest.jpg
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
178.216.248.179 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
WSGIServer/0.1 Python/2.6.1 / Django/1.2.1 SVN-13336
Resource Hash
0770b3ffa2a02a92c8f296a686e5bc0999e3cda28ea21efb9d6c3f636820b7a5

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
ETag
"807f62c6c7cfd708"
Last-Modified
Tue, 24 Mar 2020 03:18:43 GMT
Server
WSGIServer/0.1 Python/2.6.1
X-Powered-By
Django/1.2.1 SVN-13336
Access-Control-Allow-Methods
*
Content-Type
image/jpeg
Access-Control-Allow-Origin
http://covid-19.glxblog.com
Cache-Control
public, max-age=610000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*, content-range, range, content-length, cache-control, content-type, x-requested-with
Content-Length
97313
Expires
Thu, 16 Jul 2020 15:39:18 GMT
good.png
s6.picofile.com/file/8391922726/
19 KB
19 KB
Image
General
Full URL
http://s6.picofile.com/file/8391922726/good.png
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
178.216.248.179 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
WSGIServer/0.1 Python/2.6.1 / Django/1.2.1 SVN-13336
Resource Hash
271dcb4ecd66f1cc45ca94a66cc8fcae668575fde90b243c60366c724cf41242

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
ETag
"00993c68d5cfd708"
Last-Modified
Tue, 24 Mar 2020 04:56:18 GMT
Server
WSGIServer/0.1 Python/2.6.1
X-Powered-By
Django/1.2.1 SVN-13336
Access-Control-Allow-Methods
*
Content-Type
image/png
Access-Control-Allow-Origin
http://covid-19.glxblog.com
Cache-Control
public, max-age=610000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*, content-range, range, content-length, cache-control, content-type, x-requested-with
Content-Length
19037
Expires
Thu, 16 Jul 2020 15:39:18 GMT
rating.css
covid-19.glxblog.com/
837 B
701 B
Stylesheet
General
Full URL
http://covid-19.glxblog.com/rating.css
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx /
Resource Hash
b99088ae894f62d909d97af053c095cce2fbb8ed9d6d3a980ac83040131d2f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Apr 2014 19:31:13 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
rating.js
covid-19.glxblog.com/js/
9 KB
3 KB
Script
General
Full URL
http://covid-19.glxblog.com/js/rating.js
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx /
Resource Hash
ce675adc6c4f5471a97c3724bf1375c4fc53385dfed155c272430799885f0fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 01 Apr 2014 10:37:09 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
thelast.png
s6.picofile.com/file/8392383676/
132 KB
133 KB
Image
General
Full URL
http://s6.picofile.com/file/8392383676/thelast.png
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
178.216.248.179 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
WSGIServer/0.1 Python/2.6.1 / Django/1.2.1 SVN-13336
Resource Hash
bcd997f4c44187a0ab0ce3250e98ec18ed7be5fa282c33372759f87fbc3f1c8d

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
ETag
"807b083c39d3d708"
Last-Modified
Sat, 28 Mar 2020 12:28:27 GMT
Server
WSGIServer/0.1 Python/2.6.1
X-Powered-By
Django/1.2.1 SVN-13336
Access-Control-Allow-Methods
*
Content-Type
image/png
Access-Control-Allow-Origin
http://covid-19.glxblog.com
Cache-Control
public, max-age=610000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*, content-range, range, content-length, cache-control, content-type, x-requested-with
Content-Length
135506
Expires
Thu, 16 Jul 2020 15:39:18 GMT
6125030.jpg
cdn1.img.ir.sputniknews.com/images/612/50/
76 KB
76 KB
Image
General
Full URL
https://cdn1.img.ir.sputniknews.com/images/612/50/6125030.jpg
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.82 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
5f51e199c9e07a45eabe98b8489c181cc41df0907aba770a5e2a85bd83d1b2e8

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 14:12:38 GMT
last-modified
Sun, 22 Mar 2020 10:17:02 GMT
server
nginx
etag
"5e773b1e-12eb0"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
content-length
77488
expires
Thu, 31 Dec 2037 23:55:55 GMT
technology-44710554-0-x3t.png
cdn.salameno.ir/media/news-images/2020-03-28/
27 KB
28 KB
Image
General
Full URL
https://cdn.salameno.ir/media/news-images/2020-03-28/technology-44710554-0-x3t.png
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.26.80 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
Software
nginx /
Resource Hash
f91d45f1e349a6c46ac509a778d1ef7de1344843891fdb5bc1c666c52ae891cb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"48b8b5fa91656a2517c1a6d432e07d82"
x-amz-request-id
161FE82BF12BE88E
x-cache-status
HIT
status
200
content-length
28112
x-xss-protection
1; mode=block
last-modified
Sat, 28 Mar 2020 19:02:30 GMT
server
nginx
date
Thu, 09 Jul 2020 14:12:38 GMT
vary
Origin
content-type
image/jpeg
x-minio-deployment-id
ab06cdf0-9152-4dbd-81ce-d44dcce2dc9f
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jul 2021 14:12:38 GMT
%D9%86%D8%AC%D8%A7%D8%AA+%D8%AC%D8%A7%D9%86+%DB%B4%DB%B0+%D9%85%DB%8C%D9%84%DB%8C%D9%88%D9%86+%D9%86%D9%81%D8%B1+%D8%A8%D8%A7+%D8%A7%D8%AC%D8%B1%D8%A7%DB%8C+%D8%A7%D9%82%D8%AF%D8%A7%D9%85%D8%A7%D8%...
static2.rokna.net/thumbnail/SDpYaCsYTbTu/UtjBuyEcFlueNU9K4hSyNnFqW4AdUjBgQ-_dxw0RVwm0qukoI27-JV2XP73Xc1uGeDRyE0w8KroWzW-qqnnRxV4X_6VbnZY4o9oZXp5-8OYmQS72MWFwv1QCibIcLQxMhJqVyl6FovVnWikCV82JhrzFXSlP...
45 KB
46 KB
Image
General
Full URL
https://static2.rokna.net/thumbnail/SDpYaCsYTbTu/UtjBuyEcFlueNU9K4hSyNnFqW4AdUjBgQ-_dxw0RVwm0qukoI27-JV2XP73Xc1uGeDRyE0w8KroWzW-qqnnRxV4X_6VbnZY4o9oZXp5-8OYmQS72MWFwv1QCibIcLQxMhJqVyl6FovVnWikCV82JhrzFXSlPpscH/%D9%86%D8%AC%D8%A7%D8%AA+%D8%AC%D8%A7%D9%86+%DB%B4%DB%B0+%D9%85%DB%8C%D9%84%DB%8C%D9%88%D9%86+%D9%86%D9%81%D8%B1+%D8%A8%D8%A7+%D8%A7%D8%AC%D8%B1%D8%A7%DB%8C+%D8%A7%D9%82%D8%AF%D8%A7%D9%85%D8%A7%D8%AA+%D8%B6%D8%AF%DA%A9%D8%B1%D9%88%D9%86%D8%A7%DB%8C%DB%8C+%DA%A9%D8%B4%D9%88%D8%B1%E2%80%8C%D9%87%D8%A7.jpg
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.236.37.243 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS
Software
Aasaam /
Resource Hash
e93b588c89ee710bb077b9ec548fac2f9cd6fed8b8cec05dd73df3c8bf02b31f

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Thu, 09 Jul 2020 14:12:52 GMT
Last-Modified
Thu, 09 Jul 2020 14:12:52 +0000
Server
Aasaam
Etag
"a08bd1ddb618dd7a3d9f3cce56003eaa"
Transfer-Encoding
chunked
Content-Type
image/jpeg
Cache-Control
maxage=31104000, immutable, public, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Sun, 04 Jul 2021 14:12:52 +0000
JamNewsImage12052783.jpg
media.jamnews.com/medium1/1399/01/09/
30 KB
31 KB
Image
General
Full URL
https://media.jamnews.com/medium1/1399/01/09/JamNewsImage12052783.jpg
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.126.98 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b66464b081b959c79ea8254baba9c2da3aac2b4d31d20ac9996448a292ce87cd

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 14:12:38 GMT
last-modified
Sat, 28 Mar 2020 07:35:27 GMT
server
Microsoft-IIS/10.0
etag
"ea7da473d34d61:0"
content-type
image/jpeg
status
200
accept-ranges
bytes
powered-by
www.jamnews.com
content-length
31087
easymoblog.png
up.love-skin.ir/up/l-skin/themes/images/
3 KB
4 KB
Image
General
Full URL
http://up.love-skin.ir/up/l-skin/themes/images/easymoblog.png
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
79.127.127.67 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
807d48b68d6328a1e78f576987719624619973f33ef32b97e623d48a2ef7d709

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:37 GMT
Last-Modified
Thu, 23 Oct 2014 21:34:22 GMT
Server
nginx/1.16.1
ETag
"5449745e-d60"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3424
stats.gif
up.love-skin.ir/up/l-skin/themes/images/
556 B
794 B
Image
General
Full URL
http://up.love-skin.ir/up/l-skin/themes/images/stats.gif
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
79.127.127.67 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
dbd5baa30baba95d47a6fa9416157aa39b2c4ca0782ae01145e0c4b4ad29bd39

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:37 GMT
Last-Modified
Thu, 23 Oct 2014 21:34:22 GMT
Server
nginx/1.16.1
ETag
"5449745e-22c"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
556
clock.png
up.love-skin.ir/up/l-skin/themes/images/
1 KB
1 KB
Image
General
Full URL
http://up.love-skin.ir/up/l-skin/themes/images/clock.png
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
79.127.127.67 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8a2d9d0eb1a460458b1afcba035d11bfce3b375152f9c856f7b454e257c905f6

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:37 GMT
Last-Modified
Thu, 23 Oct 2014 21:34:22 GMT
Server
nginx/1.16.1
ETag
"5449745e-478"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1144
newsb.png
loxblog.ir/template/
1 KB
2 KB
Image
General
Full URL
http://loxblog.ir/template/newsb.png
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx /
Resource Hash
e11f13e4ce9f7cfddd8a7d1f7a434da973ffa5ca151747538208b90dccd80e04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Jun 2013 21:26:23 GMT
Server
nginx
ETag
"51c3737f-565"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1381
X-XSS-Protection
1; mode=block
newscode.php
covid-19.glxblog.com/rscode/
1 KB
1 KB
Image
General
Full URL
http://covid-19.glxblog.com/rscode/newscode.php?i=4589
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
4b93c4312bbc720bde1c94b0a56e6e855ec4f0346d477e4335cf17bc1f5947ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/5.6.19-0+deb8u1
Transfer-Encoding
chunked
Content-Type
image/jpeg
Connection
keep-alive
X-XSS-Protection
1; mode=block
top.jquery-min.js
up.love-skin.ir/up/l-skin/tools/maker/top/
151 KB
38 KB
Script
General
Full URL
http://up.love-skin.ir/up/l-skin/tools/maker/top/top.jquery-min.js
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
79.127.127.67 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d18f091bd9f2c4cd35decf85154940b67fcadba9e6582528e92a1206f7f98cb0

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Jul 2015 17:13:01 GMT
Server
nginx/1.16.1
ETag
W/"55941f9d-25b9a"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
scroll-topcontrol.js
up.love-skin.ir/up/l-skin/tools/maker/top/
2 KB
1 KB
Script
General
Full URL
http://up.love-skin.ir/up/l-skin/tools/maker/top/scroll-topcontrol.js
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
79.127.127.67 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9ab631b3b5859d51be1fa576bbea9d421224ff160f2341cf6c958b1b6877ec78

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Jul 2015 17:13:01 GMT
Server
nginx/1.16.1
ETag
W/"55941f9d-91b"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
/
1abzar.ir/abzar/tools/fix-pic/
4 KB
1 KB
Script
General
Full URL
http://1abzar.ir/abzar/tools/fix-pic/?pz=1&ax=http://s6.picofile.com/file/8392396042/%D8%A7.png&url=http://covid-19.loxblog.com/post/12/%D9%81%DB%8C%D9%84%D9%85%20%D9%87%D8%A7%DB%8C%20%D9%85%D8%B1%D8%A8%D9%88%D8%B7%20%D8%A8%D9%87%20%DA%A9%D8%B1%D9%88%D9%86%D8%A7
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
185.49.84.241 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1cccebe65e34bf1b696aefe1ab771870b4af95bd333b0cd65192d32537ac2801

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
1302
Vary
Accept-Encoding
Content-Type
text/html
sckie.php
www.loxbazar.com/
0
0
Image
General
Full URL
http://www.loxbazar.com/sckie.php?wid=923715
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

livecounter.php
covid-19.glxblog.com/important/
351 B
561 B
XHR
General
Full URL
http://covid-19.glxblog.com/important/livecounter.php?wid=923715&ads=1
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
c1ad5831e0047093b00d679a592c8d6d8ed69ea10ae16feb91e80148e2f047ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/5.6.19-0+deb8u1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
cbox.php
covid-19.glxblog.com/cbox/ Frame 6BB2
3 KB
2 KB
Document
General
Full URL
http://covid-19.glxblog.com/cbox/cbox.php
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
7d0316fa9bd6e9497c9c4df9d429ebc047535ad2126d407f63cc1c8c171fca83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
covid-19.glxblog.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid-19.glxblog.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
lxbmobitel6first=1594303957; PHPSESSID=ev3m324sjo62t9rs5ttc4lb1m6; loxscode65465a45c6798vb26t24e6regmem=5181

Response headers

Server
nginx
Date
Thu, 09 Jul 2020 14:12:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.19-0+deb8u1
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Encoding
gzip
/
covid-19.glxblog.com/
21 KB
21 KB
Image
General
Full URL
http://covid-19.glxblog.com/
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
5.144.129.251 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
5-144-129-251.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Jul 2020 14:12:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/5.6.19-0+deb8u1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
%D8%A7.png
s6.picofile.com/file/8392396042/
81 KB
81 KB
Image
General
Full URL
http://s6.picofile.com/file/8392396042/%D8%A7.png
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
178.216.248.179 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
WSGIServer/0.1 Python/2.6.1 / Django/1.2.1 SVN-13336
Resource Hash
55c9aa74984f56e3e08e538ba283883ad9cab3abb6cdd1c719035b1ceb3c8a99

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
ETag
"007e68094dd3d708"
Last-Modified
Sat, 28 Mar 2020 14:50:12 GMT
Server
WSGIServer/0.1 Python/2.6.1
X-Powered-By
Django/1.2.1 SVN-13336
Access-Control-Allow-Methods
*
Content-Type
image/png
Access-Control-Allow-Origin
http://covid-19.glxblog.com
Cache-Control
public, max-age=610000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*, content-range, range, content-length, cache-control, content-type, x-requested-with
Content-Length
82782
Expires
Thu, 16 Jul 2020 15:39:18 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
7018
date
Thu, 09 Jul 2020 12:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 09 Jul 2020 14:15:40 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
js15.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15.js
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 09 Jul 2020 14:05:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP
137.74.120.0/27
ETag
"980881274"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
33187
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4405
X-Request-ID
1032817381
%D9%85%D9%88%D8%B3%D8%B3%D8%B3%D8%B3.png
s7.picofile.com/file/8391927584/
20 KB
21 KB
Image
General
Full URL
http://s7.picofile.com/file/8391927584/%D9%85%D9%88%D8%B3%D8%B3%D8%B3%D8%B3.png
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
178.216.250.130 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
WSGIServer/0.1 Python/2.6.1 / Django/1.2.1 SVN-13336
Resource Hash
2671e40fdd1f0ec40f4b90f741b567af2ba067023d03a5d2eba2962b609d4730

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
ETag
"80ed60ebdbcfd708"
Last-Modified
Tue, 24 Mar 2020 05:42:55 GMT
Server
WSGIServer/0.1 Python/2.6.1
X-Powered-By
Django/1.2.1 SVN-13336
Access-Control-Allow-Methods
*
Content-Type
image/png
Access-Control-Allow-Origin
http://covid-19.glxblog.com
Cache-Control
public, max-age=610000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*, content-range, range, content-length, cache-control, content-type, x-requested-with
Content-Length
20515
Expires
Thu, 16 Jul 2020 15:39:18 GMT
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j83&a=1746103463&t=pageview&_s=1&dl=http%3A%2F%2Fcovid-19.glxblog.com%2F&ul=en-us&de=UTF-8&dt=%D9%88%DB%8C%D8%B1%D9%88%D8%B3%20%DA%A9%D8%B1%D9%88%D9...
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1746103463&t=pageview&_s=1&dl=http%3A%2F%2Fcovid-19.glxblog.com%2F&ul=en-us&de=UTF-8&dt=%D9%88%DB%8C%D8%B1%D9%88%D8%B3%20%DA%A9%D8%B1%D9%88%D...
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1746103463&t=pageview&_s=1&dl=http%3A%2F%2Fcovid-19.glxblog.com%2F&ul=en-us&de=UTF-8&dt=%D9%88%DB%8C%D8%B1%D9%88%D8%B3%20%DA%A9%D8%B1%D9%88%D9%86%D8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=814792827&gjid=1812233576&cid=1506102076.1594303959&tid=UA-52170159-2&_gid=1708653008.1594303959&_r=1&z=1988744022
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jul 2020 14:12:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1746103463&t=pageview&_s=1&dl=http%3A%2F%2Fcovid-19.glxblog.com%2F&ul=en-us&de=UTF-8&dt=%D9%88%DB%8C%D8%B1%D9%88%D8%B3%20%DA%A9%D8%B1%D9%88%D9%86%D8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=814792827&gjid=1812233576&cid=1506102076.1594303959&tid=UA-52170159-2&_gid=1708653008.1594303959&_r=1&z=1988744022
Non-Authoritative-Reason
HSTS
0.php
s4.histats.com/stats/
47 B
318 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?1408941&@f16&@g1&@h1&@i1&@j1594303958912&@k0&@l1&@m%D9%88%DB%8C%D8%B1%D9%88%D8%B3%20%DA%A9%D8%B1%D9%88%D9%86%D8%A7&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:16370799&@b3:1594303959&@b4:js15.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fcovid-19.glxblog.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.0.58 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:39 GMT
Connection
close
Content-Length
47
Content-Type
text/html;charset=UTF-8
%D8%A8%D8%A7%D9%84%D8%A7%D8%A8%D8%B1.png
s7.picofile.com/file/8391926200/
52 KB
53 KB
Image
General
Full URL
http://s7.picofile.com/file/8391926200/%D8%A8%D8%A7%D9%84%D8%A7%D8%A8%D8%B1.png
Requested by
Host: covid-19.glxblog.com
URL: http://covid-19.glxblog.com/
Protocol
HTTP/1.1
Server
178.216.250.130 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
WSGIServer/0.1 Python/2.6.1 / Django/1.2.1 SVN-13336
Resource Hash
aee270e88839428eac0f54b63c68fa1cb0cb7c78d90ce17627fec5be6723a68e

Request headers

Referer
http://covid-19.glxblog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 14:12:38 GMT
ETag
"00ff42ded9cfd708"
Last-Modified
Tue, 24 Mar 2020 05:28:14 GMT
Server
WSGIServer/0.1 Python/2.6.1
X-Powered-By
Django/1.2.1 SVN-13336
Access-Control-Allow-Methods
*
Content-Type
image/png
Access-Control-Allow-Origin
http://covid-19.glxblog.com
Cache-Control
public, max-age=610000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*, content-range, range, content-length, cache-control, content-type, x-requested-with
Content-Length
53729
Expires
Thu, 16 Jul 2020 15:39:19 GMT

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Login_Ajax_mf
object| Behaviour
function| getAllChildren
object| xmlhttp
function| myXMLHttpRequest
function| sndReq
function| handleResponse
function| changeText
object| ratingAction
object| BlogComments
object| CommentID
function| SendComment
function| setCommentID
function| SendProComment
string| nVer
string| nAgt
string| fullVersion
number| majorVersion
undefined| nameOffset
number| verOffset
undefined| ix
string| browserName
string| OSName
object| week
object| months
object| a
number| d
number| day
number| month
number| year
function| Clear
function| $
function| jQuery
string| abzar
object| scrolltotop
object| fixedMenu
string| fixedMenuId
number| onload_num
function| onload0
function| onload1
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
number| h
undefined| sheet
string| selector
string| token
object| list
undefined| element

14 Cookies

Domain/Path Name / Value
covid-19.glxblog.com/ Name: HstCns1408941
Value: 1
covid-19.glxblog.com/ Name: HstCnv1408941
Value: 1
covid-19.glxblog.com/ Name: HstPt1408941
Value: 1
covid-19.glxblog.com/ Name: lxbmobitel6first
Value: 1594303957
covid-19.glxblog.com/ Name: HstCla1408941
Value: 1594303958912
covid-19.glxblog.com/ Name: HstCmu1408941
Value: 1594303958912
covid-19.glxblog.com/ Name: HstPn1408941
Value: 1
.glxblog.com/ Name: _ga
Value: GA1.2.1506102076.1594303959
covid-19.glxblog.com/ Name: HstCfa1408941
Value: 1594303958912
.glxblog.com/ Name: _gat
Value: 1
.glxblog.com/ Name: _gid
Value: GA1.2.1708653008.1594303959
covid-19.glxblog.com/ Name: PHPSESSID
Value: ev3m324sjo62t9rs5ttc4lb1m6
covid-19.glxblog.com/ Name: loxscode65465a45c6798vb26t24e6regnews
Value: 3138
covid-19.glxblog.com/ Name: loxscode65465a45c6798vb26t24e6regmem
Value: 5181

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
