URL: http://cdc.loxblog.com/
Submission: On September 22 via manual from IR — Scanned from DE

Summary

This website contacted 7 IPs in 6 countries across 8 domains to perform 27 HTTP transactions. The main IP is 185.173.105.107, located in Iran, Islamic Republic Of and belongs to HOSTIRAN-NETWORK, IR. The main domain is cdc.loxblog.com.
This is the only time cdc.loxblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 185.173.105.107 59441 (HOSTIRAN-...)
7 75.2.18.233 16509 (AMAZON-02)
1 202.61.132.81 64050 (BCPL-SG B...)
1 5.196.248.30 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
1 192.99.8.34 16276 (OVH)
27 7
Apex Domain
Subdomains
Transfer
12 loxblog.com
cdc.loxblog.com
loxblog.com — Cisco Umbrella Rank: 600720
48 KB
7 mahtarin.com
mahtarin.com
140 B
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 17784
s4.histats.com — Cisco Umbrella Rank: 15390
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
1 loxbazar.com
www.loxbazar.com
1 loxblog.ir
loxblog.ir
2 KB
1 fastwebcounter.com
fastwebcounter.com
1 everycounter.com
www.everycounter.com
27 8
Domain Requested by
11 cdc.loxblog.com cdc.loxblog.com
7 mahtarin.com cdc.loxblog.com
2 www.google-analytics.com cdc.loxblog.com
www.google-analytics.com
1 s4.histats.com s10.histats.com
1 s10.histats.com cdc.loxblog.com
1 www.loxbazar.com cdc.loxblog.com
1 loxblog.ir cdc.loxblog.com
1 fastwebcounter.com cdc.loxblog.com
1 www.everycounter.com cdc.loxblog.com
1 loxblog.com cdc.loxblog.com
27 10

This site contains links to these domains.

Domain
naztarin.com
www.sharghi.net
www.kafkon.com
www.naztarin.com
www.loxblog.com
www.histats.com

Subject Issuer Validity Valid
histats.com R3 2022-07-11 - 2022-10-09 3 months crt.sh
*.google-analytics.com GTS CA 1C3 2022-08-29 - 2022-11-21 3 months crt.sh

This page contains 2 frames:

Primary Page: http://cdc.loxblog.com/
Frame ID: 3230FB0D03009B45A3DA6D3AFA031B00
Requests: 26 HTTP requests in this frame

Frame: http://cdc.loxblog.com/cbox/cbox.php
Frame ID: 1BEA4A51179EF23FF30AD4556396F3DC
Requests: 1 HTTP requests in this frame

Page Title

Cult_of_the_Dead_cow

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

27
Requests

7 %
HTTPS

14 %
IPv6

8
Domains

10
Subdomains

7
IPs

6
Countries

75 kB
Transfer

130 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cdc.loxblog.com/
23 KB
7 KB
Document
General
Full URL
http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
fd1602d8486ea7ce98230ba3df1fb63035f49bb5c1651900fbdc4791f75cf6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 22 Sep 2022 10:29:09 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Powered-By
PHP/5.6.19-0+deb8u1
X-XSS-Protection
1; mode=block
rating.css
cdc.loxblog.com/
837 B
701 B
Stylesheet
General
Full URL
http://cdc.loxblog.com/rating.css
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx /
Resource Hash
b99088ae894f62d909d97af053c095cce2fbb8ed9d6d3a980ac83040131d2f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Apr 2014 19:31:13 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
rating.js
cdc.loxblog.com/js/
9 KB
3 KB
Script
General
Full URL
http://cdc.loxblog.com/js/rating.js
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx /
Resource Hash
ce675adc6c4f5471a97c3724bf1375c4fc53385dfed155c272430799885f0fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 01 Apr 2014 10:37:09 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
01.jpg
mahtarin.com/weblog/
20 B
20 B
Image
General
Full URL
http://mahtarin.com/weblog/01.jpg
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac1a2ad24832d38a2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:28 GMT
X-Blocked
11015.10
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
02.jpg
mahtarin.com/weblog/
20 B
20 B
Image
General
Full URL
http://mahtarin.com/weblog/02.jpg
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac1a2ad24832d38a2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:28 GMT
X-Blocked
11015.10
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
0386.gif
mahtarin.com/weblog/
20 B
20 B
Image
General
Full URL
http://mahtarin.com/weblog/0386.gif
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac1a2ad24832d38a2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:28 GMT
X-Blocked
11015.10
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
setarelink.gif
loxblog.com/template/
807 B
1 KB
Image
General
Full URL
http://loxblog.com/template/setarelink.gif
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx /
Resource Hash
4090001f55255bdb4519de7fed724ca7392cdfd2d6301e0a8c8cf344569e4d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Jun 2013 21:26:23 GMT
Server
nginx
ETag
"51c3737f-327"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
807
X-XSS-Protection
1; mode=block
captcha_code_filec.php
cdc.loxblog.com/
3 KB
4 KB
Image
General
Full URL
http://cdc.loxblog.com/captcha_code_filec.php
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
dd6f62fdcba8cfda2f767a5a120e54cbebc5184cc8b5dc86c51216db5629a748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 10:29:09 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/5.6.19-0+deb8u1
Transfer-Encoding
chunked
Content-Type
image/jpeg
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
on.php
www.everycounter.com/
0
0
Script
General
Full URL
http://www.everycounter.com/on.php?d=http://cdc.loxblog.com
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
202.61.132.81 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

secure.php
fastwebcounter.com/
0
0
Script
General
Full URL
http://fastwebcounter.com/secure.php?s=http://cdc.loxblog.com
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
5.196.248.30 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip30.ip-5-196-248.eu
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

logo3.gif
mahtarin.com/weblog/
20 B
20 B
Image
General
Full URL
http://mahtarin.com/weblog/logo3.gif
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac1a2ad24832d38a2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:28 GMT
X-Blocked
11015.10
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
man-icon.png
cdc.loxblog.com/template/
2 KB
2 KB
Image
General
Full URL
http://cdc.loxblog.com/template/man-icon.png
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx /
Resource Hash
8156ed91e0e75cb46eba9a007e229afc98ce39a2d15fa3452a7f2ae48095ec22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Jun 2013 21:26:23 GMT
Server
nginx
ETag
"51c3737f-7a0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1952
X-XSS-Protection
1; mode=block
usern-icon.png
cdc.loxblog.com/template/
2 KB
2 KB
Image
General
Full URL
http://cdc.loxblog.com/template/usern-icon.png
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx /
Resource Hash
632bf9fa2ec4e388d9f4ad9ab29ac99a6ac3b64ff363b366ee3bd94316b69aa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Jun 2013 21:26:23 GMT
Server
nginx
ETag
"51c3737f-6ec"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1772
X-XSS-Protection
1; mode=block
password-icon.png
cdc.loxblog.com/template/
2 KB
2 KB
Image
General
Full URL
http://cdc.loxblog.com/template/password-icon.png
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx /
Resource Hash
9db8eaa135d6b278702455038cf83ad4dfa5d83086a6922ac7e59ef36a25ce6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Jun 2013 21:26:23 GMT
Server
nginx
ETag
"51c3737f-680"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1664
X-XSS-Protection
1; mode=block
newsb.png
loxblog.ir/template/
1 KB
2 KB
Image
General
Full URL
http://loxblog.ir/template/newsb.png
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx /
Resource Hash
e11f13e4ce9f7cfddd8a7d1f7a434da973ffa5ca151747538208b90dccd80e04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Jun 2013 21:26:23 GMT
Server
nginx
ETag
"51c3737f-565"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1381
X-XSS-Protection
1; mode=block
newscode.php
cdc.loxblog.com/rscode/
1 KB
2 KB
Image
General
Full URL
http://cdc.loxblog.com/rscode/newscode.php?i=4589
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
61a350d328b01cb7bb55e6ceab874fb17ea8dcd3850fa7eafaf64d4ece757daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:09 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/5.6.19-0+deb8u1
Transfer-Encoding
chunked
Content-Type
image/jpeg
Connection
keep-alive
X-XSS-Protection
1; mode=block
sckie.php
www.loxbazar.com/
0
0
Image
General
Full URL
http://www.loxbazar.com/sckie.php?wid=962324
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

livecounter.php
cdc.loxblog.com/important/
14 B
350 B
XHR
General
Full URL
http://cdc.loxblog.com/important/livecounter.php?wid=962324&ads=1
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
9b7f0a0b3c2c758db95c6d7e4dafec692a5e4840944d08e3b21b7ee35551eee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/5.6.19-0+deb8u1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
/
cdc.loxblog.com/
23 KB
23 KB
Image
General
Full URL
http://cdc.loxblog.com/
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 10:29:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/5.6.19-0+deb8u1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
0486.gif
mahtarin.com/weblog/
20 B
20 B
Image
General
Full URL
http://mahtarin.com/weblog/0486.gif
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac1a2ad24832d38a2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:28 GMT
X-Blocked
11015.10
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
05.gif
mahtarin.com/weblog/
20 B
20 B
Image
General
Full URL
http://mahtarin.com/weblog/05.gif
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac1a2ad24832d38a2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:28 GMT
X-Blocked
11015.10
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
cbox.php
cdc.loxblog.com/cbox/ Frame 1BEA
3 KB
1 KB
Document
General
Full URL
http://cdc.loxblog.com/cbox/cbox.php
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
185.173.105.107 , Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185-173-105-107.static.hostiran.name
Software
nginx / PHP/5.6.19-0+deb8u1
Resource Hash
36d0967a36cbfbb9d0630a0de8d75b2c7e7b7872178fa4427e75d4ffae1945aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cdc.loxblog.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 22 Sep 2022 10:29:11 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Powered-By
PHP/5.6.19-0+deb8u1
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
H2
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
117
date
Thu, 22 Sep 2022 10:27:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Thu, 22 Sep 2022 12:27:33 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
js15.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15.js
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec

Request headers

Referer
http://cdc.loxblog.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 22 Sep 2022 10:22:16 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"980881274"
x-cacheable
Matched cache
vary
Accept-Encoding
x-iplb-instance
40743
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
x-iplb-request-id
D972DA16:B3E6_2E69C9F0:0050_632C390A_113FF0:1F78A
content-length
4405
x-request-id
1049264814
03.jpg
mahtarin.com/weblog/
20 B
20 B
Image
General
Full URL
http://mahtarin.com/weblog/03.jpg
Requested by
Host: cdc.loxblog.com
URL: http://cdc.loxblog.com/
Protocol
HTTP/1.1
Server
75.2.18.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac1a2ad24832d38a2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:30 GMT
X-Blocked
11015.10
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
0.php
s4.histats.com/stats/
47 B
181 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?1408941&@f16&@g1&@h1&@i1&@j1663842570048&@k0&@l1&@mCult_of_the_Dead_cow&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-47826119&@b3:1663842570&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fcdc.loxblog.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdc.loxblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 10:29:30 GMT
Connection
close
Content-Length
47
Content-Type
text/html;charset=UTF-8
collect
www.google-analytics.com/j/
2 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1860009580&t=pageview&_s=1&dl=http%3A%2F%2Fcdc.loxblog.com%2F&ul=en-us&de=UTF-8&dt=Cult_of_the_Dead_cow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1858803808&gjid=1485540017&cid=1717569091.1663842570&tid=UA-52170159-2&_gid=1056077934.1663842570&_r=1&_slc=1&z=1752170139
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://cdc.loxblog.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 10:29:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://cdc.loxblog.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| GetBC function| OpenLD object| Behaviour function| getAllChildren object| xmlhttp function| myXMLHttpRequest function| sndReq function| handleResponse function| changeText object| ratingAction object| BlogComments object| CommentID function| SendComment function| setCommentID function| SendProComment number| intTimeZone string| strBlogId number| intCount string| strResult string| strUrl function| Clear function| getol string| GoogleAnalyticsObject function| ga function| chfh function| chfh2 string| _HST_cntval object| Histats object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| h undefined| sheet string| selector string| token object| list undefined| element

13 Cookies

Domain/Path Name / Value
cdc.loxblog.com/ Name: lxbmobitel6first
Value: 1663842549
cdc.loxblog.com/ Name: PHPSESSID
Value: p9j5jm10g2q12e11tgen6f4l06
cdc.loxblog.com/ Name: loxscode65465a45c6798vb26t24e6regnews
Value: 33829
cdc.loxblog.com/ Name: HstCfa1408941
Value: 1663842570048
cdc.loxblog.com/ Name: HstCla1408941
Value: 1663842570048
cdc.loxblog.com/ Name: HstCmu1408941
Value: 1663842570048
cdc.loxblog.com/ Name: HstPn1408941
Value: 1
cdc.loxblog.com/ Name: HstPt1408941
Value: 1
cdc.loxblog.com/ Name: HstCnv1408941
Value: 1
cdc.loxblog.com/ Name: HstCns1408941
Value: 1
.loxblog.com/ Name: _ga
Value: GA1.2.1717569091.1663842570
.loxblog.com/ Name: _gid
Value: GA1.2.1056077934.1663842570
.loxblog.com/ Name: _gat
Value: 1

10 Console Messages

Source Level URL
Text
network error URL: http://mahtarin.com/weblog/02.jpg
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: http://fastwebcounter.com/secure.php?s=http://cdc.loxblog.com
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: http://mahtarin.com/weblog/0386.gif
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: http://mahtarin.com/weblog/01.jpg
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: http://mahtarin.com/weblog/logo3.gif
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: http://mahtarin.com/weblog/05.gif
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: http://mahtarin.com/weblog/0486.gif
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript warning URL: http://cdc.loxblog.com/(Line 518)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://cdc.loxblog.com/(Line 518)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://mahtarin.com/weblog/03.jpg
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
