URL: http://lotteryvisa.xyz/
Submission: On October 09 via manual from IT

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 52 HTTP transactions. The main IP is 79.127.127.68, located in Iran, Islamic Republic Of and belongs to ASIATECH, IR. The main domain is lotteryvisa.xyz.
This is the only time lotteryvisa.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
2 | 6 | 79.127.127.68 | 43754 (ASIATECH)
 | 6 | 46.4.244.143 | 24940 (HETZNER-AS)
 | 3 | 2606:4700:303... | 13335 (CLOUDFLAR...)
 | 2 | 79.175.171.162 | 25184 (AFRANET f...)
11 | 22 | 212.33.193.82 | 43754 (ASIATECH)
 | 1 | 5.63.10.250 | 57497 (FARASOSAM...)
 | 1 | 217.219.175.79 | 58224 (TCI)
 | 2 | 185.49.84.241 | 43754 (ASIATECH)
1 | 1 | 45.89.138.244 | 208675 (ZARINPAL)
 | 2 | 45.89.138.199 | 208675 (ZARINPAL)
 | 1 | 78.157.43.149 | 41881 (FANAVA-AS...)
 | 1 | 2a00:1450:400... | 15169 (GOOGLE)
 | 1 | 2a00:1450:400... | 15169 (GOOGLE)
 | 1 | 2a00:1450:400... | 15169 (GOOGLE)
 | 1 | 5.63.13.218 | 57497 (FARASOSAM...)
 | 11 | 5.63.11.154 | 57497 (FARASOSAM...)
52 16
Requests | Domain | Redirects | Requested by
22 | uupload.ir | 11 | lotteryvisa.xyz
11 | cdn.goftino.com | | www.goftino.com, cdn.goftino.com
6 | www.cartesabz.net | | lotteryvisa.xyz, www.cartesabz.net
3 | theme.blogfa.com | | lotteryvisa.xyz, theme.blogfa.com
3 | www.rozblog.com | 1 | lotteryvisa.xyz
3 | lotteryvisa.xyz | 1 | lotteryvisa.xyz
2 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com
2 | cdn.zarinpal.com | | lotteryvisa.xyz
2 | 1abzar.ir | | lotteryvisa.xyz
2 | formafzar.com | | lotteryvisa.xyz, formafzar.com
1 | www.goftino.com | | lotteryvisa.xyz
1 | www.googletagmanager.com | | lotteryvisa.xyz
1 | logo.samandehi.ir | | lotteryvisa.xyz
1 | www.zarinpal.com | 1 |
1 | quran.iaumazandaran.ir | | lotteryvisa.xyz
1 | ostorehsazan.com | | lotteryvisa.xyz
52 16

This site contains links to these domains.

Domain
www.lotteryvisa.xyz
www.1abzar.com
t.me
www.instagram.com
www.bpi.ir
www.shaparak.ir
Subject | Issuer | Validity | Valid
www.cartesabz.net | Sectigo RSA Domain Validation Secure Server CA | 2020-04-14 - 2021-04-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-29 - 2021-07-29 | a year
www.formafzar.com | Certum Domain Validation CA SHA2 | 2020-05-14 - 2021-05-14 | a year
uupload.ir | Let's Encrypt Authority X3 | 2020-10-06 - 2021-01-04 | 3 months
www.ostorehsazan.com | Let's Encrypt Authority X3 | 2020-09-09 - 2020-12-08 | 3 months
tools.1abzar.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-28 - 2020-12-30 | 2 years
*.zarinpal.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-13 - 2022-04-13 | 2 years
logo.samandehi.ir | Certum Domain Validation CA SHA2 | 2020-08-25 - 2021-08-25 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
goftino.com | Let's Encrypt Authority X3 | 2020-10-07 - 2021-01-05 | 3 months
cdn.goftino.com | Let's Encrypt Authority X3 | 2020-09-27 - 2020-12-26 | 3 months

This page contains 2 frames:

Primary Page: http://lotteryvisa.xyz/
Frame ID: 9FACC57B36A06A17CFE9E85381838491
Requests: 41 HTTP requests in this frame

Frame: https://cdn.goftino.com/static/assets/css/client.css?v=17
Frame ID: AD86229C2BFAED55764600B25324799D
Requests: 11 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

52 Requests
75 % HTTPS
25 % IPv6
14 Domains
16 Subdomains
16 IPs
4 Countries
1042 kB Transfer
1743 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.rozblog.com/a/?6547035743903396 HTTP 301
  • http://www.rozblog.com/
Request Chain 8
  • http://uupload.ir/files/j0kl_dvlottery.png HTTP 301
  • https://uupload.ir/files/j0kl_dvlottery.png
Request Chain 11
  • http://uupload.ir/files/qtnp_ico-644.png HTTP 301
  • https://uupload.ir/files/qtnp_ico-644.png
Request Chain 12
  • http://uupload.ir/files/zecz_iran_9000.png HTTP 301
  • https://uupload.ir/files/zecz_iran_9000.png
Request Chain 13
  • http://uupload.ir/files/r6o_history-timeline-icon-33.png HTTP 301
  • https://uupload.ir/files/r6o_history-timeline-icon-33.png
Request Chain 14
  • http://uupload.ir/files/8y6s_icon-tas.png HTTP 301
  • https://uupload.ir/files/8y6s_icon-tas.png
Request Chain 15
  • http://uupload.ir/files/nv7_green-tick-icon-0.png HTTP 301
  • https://uupload.ir/files/nv7_green-tick-icon-0.png
Request Chain 16
  • http://uupload.ir/files/2qtd_no_icon_white_x_on_red_circle.svg.png HTTP 301
  • https://uupload.ir/files/2qtd_no_icon_white_x_on_red_circle.svg.png
Request Chain 17
  • http://uupload.ir/files/6lyr_rahnama-3.png HTTP 301
  • https://uupload.ir/files/6lyr_rahnama-3.png
Request Chain 18
  • http://uupload.ir/files/4x2g_2022lott.jpg HTTP 301
  • https://uupload.ir/files/4x2g_2022lott.jpg
Request Chain 22
  • http://lotteryvisa.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP 301
  • http://www.rozblog.com/
Request Chain 23
  • https://www.zarinpal.com/webservice/TrustCode HTTP 301
  • https://cdn.zarinpal.com/trustlogo/v1/trustlogo.js
Request Chain 25
  • http://uupload.ir/files/2mg_pasargad.png HTTP 301
  • https://uupload.ir/files/2mg_pasargad.png
Request Chain 26
  • http://uupload.ir/files/zuis_shaparak-1.png HTTP 301
  • https://uupload.ir/files/zuis_shaparak-1.png

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
lotteryvisa.xyz/
52 KB
10 KB
Document
General
Full URL
http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Server
79.127.127.68 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
42b0380df326d2ea7b207741371935bc84ff9ad02d141475dd38a13ebd09f121

Request headers

Host
lotteryvisa.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Connection
Keep-Alive
Content-language
fa
Set-Cookie
PHPSESSID=977615a66b921d083df9e80f3b0d889e; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Fri, 09 Oct 2020 15:57:44 GMT
Server
LiteSpeed
/
www.rozblog.com/
Redirect Chain
  • https://www.rozblog.com/a/?6547035743903396
  • http://www.rozblog.com/
0
0
Script
General
Full URL
http://www.rozblog.com/
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Server
79.127.127.68 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 09 Oct 2020 15:57:44 GMT
content-encoding
br
server
LiteSpeed
status
301
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
location
http://www.rozblog.com/
cache-control
no-store, no-cache, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires
Thu, 19 Nov 1981 08:52:00 GMT
site.js
lotteryvisa.xyz/js/
19 KB
7 KB
Script
General
Full URL
http://lotteryvisa.xyz/js/site.js
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Server
79.127.127.68 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
2deb523ce3c0563af7f939ef3be9c6774053f458ccd9fb21e6973e1540a03cd1

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Jun 2018 14:34:24 GMT
Server
LiteSpeed
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6565
Expires
Fri, 16 Oct 2020 15:57:44 GMT
bootstrap.min.css
www.cartesabz.net/register/css/
119 KB
18 KB
Stylesheet
General
Full URL
https://www.cartesabz.net/register/css/bootstrap.min.css
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.4.244.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h4.hostdl.com
Software
LiteSpeed /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
content-encoding
br
last-modified
Wed, 13 Feb 2019 10:52:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18275
expires
Fri, 16 Oct 2020 15:57:44 GMT
style.css
www.cartesabz.net/register/
46 KB
9 KB
Stylesheet
General
Full URL
https://www.cartesabz.net/register/style.css
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.4.244.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h4.hostdl.com
Software
LiteSpeed /
Resource Hash
ef78e57f41c3e9995c3a10e0513624c3810852269a6015cc85966a0fa546fb9a

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
content-encoding
br
last-modified
Mon, 24 Feb 2020 11:16:44 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9357
expires
Fri, 16 Oct 2020 15:57:44 GMT
jquery.js
www.cartesabz.net/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://www.cartesabz.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.4.244.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h4.hostdl.com
Software
LiteSpeed /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
content-encoding
br
last-modified
Wed, 19 Jun 2019 07:01:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
32853
expires
Fri, 16 Oct 2020 15:57:44 GMT
bootstrap.min.js
www.cartesabz.net/register/js/
39 KB
10 KB
Script
General
Full URL
https://www.cartesabz.net/register/js/bootstrap.min.js
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.4.244.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h4.hostdl.com
Software
LiteSpeed /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
content-encoding
br
last-modified
Wed, 13 Feb 2019 10:52:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10518
expires
Fri, 16 Oct 2020 15:57:44 GMT
style.css
theme.blogfa.com/aban/
5 KB
2 KB
Stylesheet
General
Full URL
https://theme.blogfa.com/aban/style.css
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:ca55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eefd16cf688dad33e16fff9baaf1993268656fdb7059bab206a122d8edd0545

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5851
status
200
cf-request-id
05afae2d8f0000d6d54018b200000001
last-modified
Sat, 24 Aug 2019 21:44:15 GMT
server
cloudflare
etag
W/"72242e13c55ad51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602259064"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=10800
cf-ray
5df94c8f49c9d6d5-FRA
ravesh-formbuilder.js
formafzar.com/pages/formbuilder/
15 KB
4 KB
Script
General
Full URL
https://formafzar.com/pages/formbuilder/ravesh-formbuilder.js
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.175.171.162 , Iran, Islamic Republic Of, ASN25184 (AFRANET from AS58267 accept AS58267, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29ecd8308ef0e26cb3ecdde177fc2ec65f3b09277b092ef785b60badcabcc595

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:56:13 GMT
content-encoding
gzip
etag
"801af65027c5d51:0"
last-modified
Tue, 07 Jan 2020 06:54:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
3964
j0kl_dvlottery.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/j0kl_dvlottery.png
  • https://uupload.ir/files/j0kl_dvlottery.png
67 KB
68 KB
Image
General
Full URL
https://uupload.ir/files/j0kl_dvlottery.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
a204ed73711571ffce4a55506e2384eca8b273e5280dae8901b2a6e9a6e0dbe2

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Last-Modified
Fri, 11 Sep 2020 13:33:49 GMT
Server
nginx
ETag
"5f5b7cbd-10d85"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68997

Redirect headers

Location
https://uupload.ir/files/j0kl_dvlottery.png
Date
Fri, 09 Oct 2020 15:57:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
buy-now-button.jpg
ostorehsazan.com/wp-content/uploads/2017/02/
19 KB
20 KB
Image
General
Full URL
https://ostorehsazan.com/wp-content/uploads/2017/02/buy-now-button.jpg
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.10.250 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-10-250.faraso.org
Software
/
Resource Hash
6f46c1ab42dd4fc7f81da7e7df0f045e3f183ddeac853a679006af6f1b653c6e

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
last-modified
Mon, 28 May 2018 07:17:29 GMT
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
19910
expires
Fri, 16 Oct 2020 15:57:44 GMT
rahnama-2-1.png
quran.iaumazandaran.ir/media/18514/
131 KB
131 KB
Image
General
Full URL
http://quran.iaumazandaran.ir/media/18514/rahnama-2-1.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Server
217.219.175.79 Sari, Iran, Islamic Republic Of, ASN58224 (TCI, IR),
Reverse DNS
Software
/
Resource Hash
dcc9f737b1510f27d27d188cc3a2f8d0402297f51c00986185f5a0a044948322
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=10886400; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 23 Aug 2020 11:47:07 GMT
ETag
"a0cad5204379d61:0"
X-Frame-Options
sameorigin
Content-Type
image/png
Date
Fri, 09 Oct 2020 15:20:55 GMT
Accept-Ranges
bytes
Content-Length
133647
X-XSS-Protection
1; mode=block
qtnp_ico-644.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/qtnp_ico-644.png
  • https://uupload.ir/files/qtnp_ico-644.png
7 KB
7 KB
Image
General
Full URL
https://uupload.ir/files/qtnp_ico-644.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
b46df236f2489950931a34cb88f892bdeba8eefc3b7a9d912b6bb0f5031e2e08

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Last-Modified
Fri, 11 Sep 2020 11:05:15 GMT
Server
nginx
ETag
"5f5b59eb-1ae2"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6882

Redirect headers

Location
https://uupload.ir/files/qtnp_ico-644.png
Date
Fri, 09 Oct 2020 15:57:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
zecz_iran_9000.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/zecz_iran_9000.png
  • https://uupload.ir/files/zecz_iran_9000.png
55 KB
55 KB
Image
General
Full URL
https://uupload.ir/files/zecz_iran_9000.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
b91edbc5c81e16f97a2669925bcd17e2a28d1200d8c3516b6e5713b2c206daab

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Last-Modified
Fri, 11 Sep 2020 11:06:57 GMT
Server
nginx
ETag
"5f5b5a51-da66"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55910

Redirect headers

Location
https://uupload.ir/files/zecz_iran_9000.png
Date
Fri, 09 Oct 2020 15:57:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
r6o_history-timeline-icon-33.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/r6o_history-timeline-icon-33.png
  • https://uupload.ir/files/r6o_history-timeline-icon-33.png
22 KB
22 KB
Image
General
Full URL
https://uupload.ir/files/r6o_history-timeline-icon-33.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
fa5d290ab26cde624da20cb8260b10659c0dc96600e0b6323d172311abaecbdc

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Last-Modified
Fri, 11 Sep 2020 11:07:39 GMT
Server
nginx
ETag
"5f5b5a7b-57e9"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22505

Redirect headers

Location
https://uupload.ir/files/r6o_history-timeline-icon-33.png
Date
Fri, 09 Oct 2020 15:57:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
8y6s_icon-tas.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/8y6s_icon-tas.png
  • https://uupload.ir/files/8y6s_icon-tas.png
40 KB
40 KB
Image
General
Full URL
https://uupload.ir/files/8y6s_icon-tas.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
7f7a99258844a4779696d7eaa54129626d95a5298c7b2944fdd62a8bb445a1c3

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Last-Modified
Fri, 11 Sep 2020 11:08:27 GMT
Server
nginx
ETag
"5f5b5aab-9e4a"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40522

Redirect headers

Location
https://uupload.ir/files/8y6s_icon-tas.png
Date
Fri, 09 Oct 2020 15:57:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
nv7_green-tick-icon-0.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/nv7_green-tick-icon-0.png
  • https://uupload.ir/files/nv7_green-tick-icon-0.png
14 KB
15 KB
Image
General
Full URL
https://uupload.ir/files/nv7_green-tick-icon-0.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
749d6fd2da56a03d76a1f903923b81ea00d5bf505a94988f7a0905990ef8f478

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Last-Modified
Fri, 11 Sep 2020 11:08:52 GMT
Server
nginx
ETag
"5f5b5ac4-39ae"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14766

Redirect headers

Location
https://uupload.ir/files/nv7_green-tick-icon-0.png
Date
Fri, 09 Oct 2020 15:57:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
2qtd_no_icon_white_x_on_red_circle.svg.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/2qtd_no_icon_white_x_on_red_circle.svg.png
  • https://uupload.ir/files/2qtd_no_icon_white_x_on_red_circle.svg.png
25 KB
25 KB
Image
General
Full URL
https://uupload.ir/files/2qtd_no_icon_white_x_on_red_circle.svg.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
f960d756313cc58e8e2468443956116fc26f61ea1b5c87b50998c5dd26b58259

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:45 GMT
Last-Modified
Fri, 11 Sep 2020 11:09:14 GMT
Server
nginx
ETag
"5f5b5ada-6470"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25712

Redirect headers

Location
https://uupload.ir/files/2qtd_no_icon_white_x_on_red_circle.svg.png
Date
Fri, 09 Oct 2020 15:57:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
6lyr_rahnama-3.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/6lyr_rahnama-3.png
  • https://uupload.ir/files/6lyr_rahnama-3.png
36 KB
36 KB
Image
General
Full URL
https://uupload.ir/files/6lyr_rahnama-3.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
990e2646dea3d6704fca593881429e77d9573c200de31402db310b5a0ed8cfd2

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:45 GMT
Last-Modified
Sat, 26 Sep 2020 17:21:49 GMT
Server
nginx
ETag
"5f6f78ad-8f95"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36757

Redirect headers

Location
https://uupload.ir/files/6lyr_rahnama-3.png
Date
Fri, 09 Oct 2020 15:57:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
4x2g_2022lott.jpg
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/4x2g_2022lott.jpg
  • https://uupload.ir/files/4x2g_2022lott.jpg
11 KB
11 KB
Image
General
Full URL
https://uupload.ir/files/4x2g_2022lott.jpg
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
100fc78b67a66695054669ec2517cc0e52c45e55273baca51f8c25a6b4e278c3

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Last-Modified
Wed, 30 Sep 2020 14:04:38 GMT
Server
nginx
ETag
"5f749076-2b4b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11083

Redirect headers

Location
https://uupload.ir/files/4x2g_2022lott.jpg
Date
Fri, 09 Oct 2020 15:57:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
amar-v3-ramz.php
1abzar.ir/abzar/tools/stat/
258 B
402 B
Script
General
Full URL
https://1abzar.ir/abzar/tools/stat/amar-v3-ramz.php?mod=4&amar=r2xxpwfvo0qvtouy-i1a6pave5eyt5&p=28a21341b5b61cfa25f1bd78c4fa55d3
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.84.241 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
cd85f5146b49ab5fce5155ee5374da7806366131e111fc74544715f51b39503f

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html
status
200
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
167
telegram-logo.png
www.cartesabz.net/register/img/
2 KB
2 KB
Image
General
Full URL
https://www.cartesabz.net/register/img/telegram-logo.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.4.244.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h4.hostdl.com
Software
LiteSpeed /
Resource Hash
2d988c109b29a205490255d6cddcf0f975425a69d4efdf684918f8d0f066d5ed

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
last-modified
Tue, 15 Sep 2020 11:18:27 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1547
expires
Fri, 16 Oct 2020 15:57:44 GMT
instagram-logo.png
www.cartesabz.net/register/img/
1 KB
1 KB
Image
General
Full URL
https://www.cartesabz.net/register/img/instagram-logo.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.4.244.143 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h4.hostdl.com
Software
LiteSpeed /
Resource Hash
d4ad3520f8e8f40883d4f577e83d745819761a7a57e4a5590b2812302c7f821f

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
last-modified
Tue, 15 Sep 2020 11:11:56 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1411
expires
Fri, 16 Oct 2020 15:57:44 GMT
/
www.rozblog.com/
Redirect Chain
  • http://lotteryvisa.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
  • http://www.rozblog.com/
0
0
Script
General
Full URL
http://www.rozblog.com/
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Server
79.127.127.68 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 09 Oct 2020 15:57:44 GMT
Content-Encoding
gzip
Server
LiteSpeed
Vary
Accept-Encoding,User-Agent
Content-language
fa
Location
http://www.rozblog.com/
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Content-Length
20
Expires
Thu, 19 Nov 1981 08:52:00 GMT
trustlogo.js
cdn.zarinpal.com/trustlogo/v1/
Redirect Chain
  • https://www.zarinpal.com/webservice/TrustCode
  • https://cdn.zarinpal.com/trustlogo/v1/trustlogo.js
396 B
738 B
Script
General
Full URL
https://cdn.zarinpal.com/trustlogo/v1/trustlogo.js
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.89.138.199 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR),
Reverse DNS
Software
nginx /
Resource Hash
54b9c7d04b9a9960d7b4262f8c5ab317c965138c5f7960809e5e2d2cc18137cd

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:43 GMT
Last-Modified
Wed, 09 Jan 2019 05:45:55 GMT
Server
nginx
ETag
"5c358a93-18c"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
396
Expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Fri, 09 Oct 2020 15:57:44 GMT
server
nginx
status
301
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
text/html
location
https://cdn.zarinpal.com/trustlogo/v1/trustlogo.js
content-length
162
x-request-id
5ed882edd689513bab6e945861bcaa24
logo.aspx
logo.samandehi.ir/
18 KB
18 KB
Image
General
Full URL
https://logo.samandehi.ir/logo.aspx?id=195977&p=nbpdbsiyujynbsiyyndtyndt
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
78.157.43.149 , Iran, Islamic Republic Of, ASN41881 (FANAVA-AS Fanava Group Communication Co., IR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3a1d1d042cda024e0545ef5282f5b84c1547884aa176f60d430eaa183127e56d

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:25 GMT
Cache-Control
private
Server
Microsoft-IIS/7.5
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
Content-Length
18156
Content-Type
image/png; charset=utf-8
2mg_pasargad.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/2mg_pasargad.png
  • https://uupload.ir/files/2mg_pasargad.png
39 KB
39 KB
Image
General
Full URL
https://uupload.ir/files/2mg_pasargad.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
6825259c9be57014a64d034537c41ba14324d864c3e784f3ce0ae66241995179

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:45 GMT
Last-Modified
Sat, 26 Sep 2020 16:22:23 GMT
Server
nginx
ETag
"5f6f6abf-9bef"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39919

Redirect headers

Location
https://uupload.ir/files/2mg_pasargad.png
Date
Fri, 09 Oct 2020 15:57:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
zuis_shaparak-1.png
uupload.ir/files/
Redirect Chain
  • http://uupload.ir/files/zuis_shaparak-1.png
  • https://uupload.ir/files/zuis_shaparak-1.png
6 KB
6 KB
Image
General
Full URL
https://uupload.ir/files/zuis_shaparak-1.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.33.193.82 , Ukraine, ASN43754 (ASIATECH, IR),
Reverse DNS
Software
nginx /
Resource Hash
dfc775442be1c9fb01e2642aeb664ff3aec54691b27601de5b842ca168017196

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:45 GMT
Last-Modified
Sat, 26 Sep 2020 16:31:56 GMT
Server
nginx
ETag
"5f6f6cfc-1752"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5970

Redirect headers

Location
https://uupload.ir/files/zuis_shaparak-1.png
Date
Fri, 09 Oct 2020 15:57:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
js
www.googletagmanager.com/gtag/
92 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30149400-1
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afc6a81232f55d701050135c4403b25183ac1b4185dfde8fbcf44226aaf5c295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:44 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37232
x-xss-protection
0
last-modified
Fri, 09 Oct 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Oct 2020 15:57:44 GMT
iframeSizer.js
formafzar.com/pages/formbuilder/scripts/
16 KB
6 KB
Script
General
Full URL
https://formafzar.com/pages/formbuilder/scripts/iframeSizer.js
Requested by
Host: formafzar.com
URL: https://formafzar.com/pages/formbuilder/ravesh-formbuilder.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
79.175.171.162 , Iran, Islamic Republic Of, ASN25184 (AFRANET from AS58267 accept AS58267, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e2a8c57e67862daf66678316894ff87b861890ff930bd48ef9b47199e80633c5

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:56:13 GMT
content-encoding
gzip
etag
"80441237340d51:0"
last-modified
Mon, 22 Jul 2019 09:52:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
5659
iransans-fa.d4bb655d.woff
www.cartesabz.net/register/fonts/
0
0

Vazir-Light.woff
theme.blogfa.com/fonts/
60 KB
60 KB
Font
General
Full URL
http://theme.blogfa.com/fonts/Vazir-Light.woff
Requested by
Host: theme.blogfa.com
URL: https://theme.blogfa.com/aban/style.css
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:ca55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a26575091ed19343e6b0826c928bee8acb48e7832c9e0ba5dfbabce5777ccf9

Request headers

Origin
http://lotteryvisa.xyz
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Connection
keep-alive
cf-request-id
05afae2f2400002b4dfe13f200000001
Last-Modified
Mon, 12 Aug 2019 04:31:19 GMT
Server
cloudflare
ETag
W/"80c566c9c650d51:0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602259065"}],"group":"cf-nel","max_age":604800}
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
CF-RAY
5df94c91d9062b4d-FRA
Access-Control-Allow-Headers
Content-Type
Vazir-Bold.woff
theme.blogfa.com/fonts/
51 KB
52 KB
Font
General
Full URL
http://theme.blogfa.com/fonts/Vazir-Bold.woff
Requested by
Host: theme.blogfa.com
URL: https://theme.blogfa.com/aban/style.css
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:ca55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293a885366c9c45b22769a79c42e63367b6ecc58aa4a997d0ec60d4d8fdbf107

Request headers

Origin
http://lotteryvisa.xyz
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:45 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Connection
keep-alive
cf-request-id
05afae2f810000d6ed2385a200000001
Last-Modified
Mon, 12 Aug 2019 04:31:16 GMT
Server
cloudflare
ETag
W/"029dc7c650d51:0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602259065"}],"group":"cf-nel","max_age":604800}
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
CF-RAY
5df94c926e14d6ed-FRA
Access-Control-Allow-Headers
Content-Type
stat-4.png
1abzar.ir/abzar/tools/stat/pic/
3 KB
3 KB
Image
General
Full URL
http://1abzar.ir/abzar/tools/stat/pic/stat-4.png
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Server
185.49.84.241 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),
Reverse DNS
hosted-by.hostdl.com.asiatech.ir
Software
LiteSpeed /
Resource Hash
c2e653e1bd00ba7fe78c2642a29752049d281f22851238c16bd5a5d8e6d4f493

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Last-Modified
Fri, 04 Jul 2014 12:08:18 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2748
Expires
Fri, 16 Oct 2020 15:57:44 GMT
glyphicons-halflings-regular.woff2
www.cartesabz.net/register/fonts/
0
0

glyphicons-halflings-regular.woff
www.cartesabz.net/register/fonts/
0
0

glyphicons-halflings-regular.ttf
www.cartesabz.net/register/fonts/
0
0

1.svg
cdn.zarinpal.com/badges/trustLogo/
30 KB
12 KB
Image
General
Full URL
https://cdn.zarinpal.com/badges/trustLogo/1.svg
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.89.138.199 , Iran, Islamic Republic Of, ASN208675 (ZARINPAL, IR),
Reverse DNS
Software
nginx /
Resource Hash
d3be5de83d4330282e38f3957faad6285a9948db5fbac2022fa5b41cb01101de

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 15:57:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Jan 2019 05:45:19 GMT
Server
nginx
ETag
W/"5c358a6f-76aa"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30149400-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
2525
date
Fri, 09 Oct 2020 15:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Fri, 09 Oct 2020 17:15:39 GMT
collect
www.google-analytics.com/j/
1 B
67 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1206794425&t=pageview&_s=1&dl=http%3A%2F%2Flotteryvisa.xyz%2F&ul=en-us&de=UTF-8&dt=%D8%AB%D8%A8%D8%AA%20%D9%86%D8%A7%D9%85%20%D9%84%D8%A7%D8%AA%D8%A7%D8%B1%DB%8C%20%DA%AF%D8%B1%DB%8C%D9%86%20%DA%A9%D8%A7%D8%B1%D8%AA%20%D8%A2%D9%85%D8%B1%DB%8C%DA%A9%D8%A7%202022%2C2021%2C2020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=733631831&gjid=262481864&cid=1455107443.1602259065&tid=UA-30149400-1&_gid=1307132702.1602259065&_r=1&gtm=2ou9u1&z=270400870
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Oct 2020 15:57:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://lotteryvisa.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
c0cJ5L
www.goftino.com/widget/
9 KB
4 KB
Script
General
Full URL
https://www.goftino.com/widget/c0cJ5L
Requested by
Host: lotteryvisa.xyz
URL: http://lotteryvisa.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.13.218 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
myserver.goftino.com
Software
nginx /
Resource Hash
537b67f9469d43dcfb2840f77b849b566dad95a6428dc5b0d8bf366339b043a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:45 GMT
content-encoding
gzip
referrer-policy
unsafe-url
server
nginx
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
client.css
cdn.goftino.com/static/assets/css/ Frame AD86
44 KB
10 KB
Stylesheet
General
Full URL
https://cdn.goftino.com/static/assets/css/client.css?v=17
Requested by
Host: www.goftino.com
URL: https://www.goftino.com/widget/c0cJ5L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
5a6cf583a0a1eebfb3d559d89a0269a4006d8c693b47631e13a8d08c9db06acd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:46 GMT
content-encoding
gzip
last-modified
Fri, 17 Jul 2020 21:02:11 GMT
server
nginx
etag
W/"5f1211d3-af6e"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=63072000; includeSubdomains; preload
expires
Sat, 09 Oct 2021 15:57:46 GMT
socket.io.js
cdn.goftino.com/static/ Frame AD86
61 KB
21 KB
Script
General
Full URL
https://cdn.goftino.com/static/socket.io.js
Requested by
Host: www.goftino.com
URL: https://www.goftino.com/widget/c0cJ5L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:46 GMT
content-encoding
gzip
last-modified
Thu, 17 Sep 2020 09:36:09 GMT
server
nginx
status
200
etag
W/"5f632e09-f3d5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
expires
Sat, 09 Oct 2021 15:57:46 GMT
client.js
cdn.goftino.com/static/assets/js/ Frame AD86
295 KB
101 KB
Script
General
Full URL
https://cdn.goftino.com/static/assets/js/client.js?v=4
Requested by
Host: www.goftino.com
URL: https://www.goftino.com/widget/c0cJ5L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
ce26cab62426c2276eb16dc8022c107075887dcf4cf74b29873cb3c6540583ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:46 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 23:51:57 GMT
server
nginx
etag
W/"5ea7701d-49cfa"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=63072000; includeSubdomains; preload
expires
Sat, 09 Oct 2021 15:57:46 GMT
user.js
cdn.goftino.com/static/ Frame AD86
43 KB
14 KB
Script
General
Full URL
https://cdn.goftino.com/static/user.js?v=26
Requested by
Host: www.goftino.com
URL: https://www.goftino.com/widget/c0cJ5L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
40851434a3747dc83302ccd31b3a68448dc399da54fb16b5e9b81c47053367ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:46 GMT
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 15:00:55 GMT
server
nginx
etag
W/"5f734c27-ac3b"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=63072000; includeSubdomains; preload
expires
Sat, 09 Oct 2021 15:57:46 GMT
5f3fb2dc7ea1a852dd30c52d8yvw.png
cdn.goftino.com/profile/ Frame AD86
6 KB
6 KB
Image
General
Full URL
https://cdn.goftino.com/profile/5f3fb2dc7ea1a852dd30c52d8yvw.png
Requested by
Host: www.goftino.com
URL: https://www.goftino.com/widget/c0cJ5L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
a10737630dfd7f51738f914023182efe84cd28bc525a53adc6669d9bbf7e5626
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:46 GMT
last-modified
Fri, 21 Aug 2020 11:58:32 GMT
server
nginx
etag
"5f3fb6e8-183d"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6205
expires
Sat, 09 Oct 2021 15:57:46 GMT
5f3fb2dc7ea1a852dd30c52dc0ic.jpg
cdn.goftino.com/profile/ Frame AD86
26 KB
26 KB
Image
General
Full URL
https://cdn.goftino.com/profile/5f3fb2dc7ea1a852dd30c52dc0ic.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
7d1943d3470cb0f82c936b5b71b468e8469fd4d2595949403442c81807fceda6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:46 GMT
last-modified
Tue, 08 Sep 2020 08:50:02 GMT
server
nginx
etag
"5f5745ba-68c0"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26816
expires
Sat, 09 Oct 2021 15:57:46 GMT
client-step2.css
cdn.goftino.com/static/assets/css/ Frame AD86
367 B
592 B
Stylesheet
General
Full URL
https://cdn.goftino.com/static/assets/css/client-step2.css
Requested by
Host: cdn.goftino.com
URL: https://cdn.goftino.com/static/assets/js/client.js?v=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
4b76ac6ebb7de2960fff7753da2495dd21c9cf8cf3588ee351f5a0ca9693c162
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:50 GMT
last-modified
Mon, 27 Apr 2020 23:51:57 GMT
server
nginx
etag
"5ea7701d-16f"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/css
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
367
expires
Sat, 09 Oct 2021 15:57:50 GMT
5f3fb2dc7ea1a852dd30c52dc0ic.jpg
cdn.goftino.com/profile/ Frame AD86
26 KB
26 KB
Image
General
Full URL
https://cdn.goftino.com/profile/5f3fb2dc7ea1a852dd30c52dc0ic.jpg
Requested by
Host: cdn.goftino.com
URL: https://cdn.goftino.com/static/assets/js/client.js?v=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
7d1943d3470cb0f82c936b5b71b468e8469fd4d2595949403442c81807fceda6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://lotteryvisa.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:50 GMT
last-modified
Tue, 08 Sep 2020 08:50:02 GMT
server
nginx
etag
"5f5745ba-68c0"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26816
expires
Sat, 09 Oct 2021 15:57:50 GMT
s(6).mp3
cdn.goftino.com/static/assets/sound/ Frame AD86
5 KB
5 KB
Media
General
Full URL
https://cdn.goftino.com/static/assets/sound/s(6).mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
978914af1648ffa80dc4cd0628dc631d732a7364915ca19c5e0871b07a1c11fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://lotteryvisa.xyz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 09 Oct 2020 15:57:50 GMT
last-modified
Mon, 27 Apr 2020 23:51:57 GMT
server
nginx
status
206
etag
"5ea7701d-13b1"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
audio/mpeg
Content-Range
bytes 0-5040/5041
cache-control
max-age=31536000
Content-Length
5041
expires
Sat, 09 Oct 2021 15:57:50 GMT
record.mp3
cdn.goftino.com/static/assets/sound/ Frame AD86
15 KB
15 KB
Media
General
Full URL
https://cdn.goftino.com/static/assets/sound/record.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
8858e422d8cbf1fd6fc0c8fc1c0568e14d8a7717028906bb28c40dbd47e29807
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://lotteryvisa.xyz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 09 Oct 2020 15:57:50 GMT
last-modified
Mon, 27 Apr 2020 23:51:57 GMT
server
nginx
status
206
etag
"5ea7701d-3acc"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
audio/mpeg
Content-Range
bytes 0-15051/15052
cache-control
max-age=31536000
Content-Length
15052
expires
Sat, 09 Oct 2021 15:57:50 GMT
IRANSansWeb(FaNum)_Light.woff
cdn.goftino.com/static/assets/css/ Frame AD86
35 KB
35 KB
Font
General
Full URL
https://cdn.goftino.com/static/assets/css/IRANSansWeb(FaNum)_Light.woff
Requested by
Host: cdn.goftino.com
URL: https://cdn.goftino.com/static/assets/css/client-step2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.63.11.154 Tehran, Iran, Islamic Republic Of, ASN57497 (FARASOSAMANEHPASARGAD, IR),
Reverse DNS
5-63-11-154.faraso.org
Software
nginx /
Resource Hash
7a50209d4f85ea2217d7151bc5c87776ee4df5a1b11893f69b5a5a1613a46658

Request headers

Origin
http://lotteryvisa.xyz
Referer
https://cdn.goftino.com/static/assets/css/client-step2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 15:57:50 GMT
last-modified
Mon, 27 Apr 2020 23:51:57 GMT
server
nginx
etag
"5ea7701d-8b7d"
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
content-length
35709
expires
Sat, 09 Oct 2021 15:57:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.cartesabz.net
URL
https://www.cartesabz.net/register/fonts/iransans-fa.d4bb655d.woff
Domain
www.cartesabz.net
URL
https://www.cartesabz.net/register/fonts/glyphicons-halflings-regular.woff2
Domain
www.cartesabz.net
URL
https://www.cartesabz.net/register/fonts/glyphicons-halflings-regular.woff
Domain
www.cartesabz.net
URL
https://www.cartesabz.net/register/fonts/glyphicons-halflings-regular.ttf

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| trustedTypes object| BlogComments string| text_1 string| text_2 string| text_3 string| text_4 string| text_5 string| text_6 function| Rate function| close_rate function| getElementPosition string| Mail_txt1 string| Mail_txt2 string| Mail_txt3 string| Mail_txt4 string| Mail_txt5 string| Mail_txt6 function| load_ajax_pop function| Show_Smiles_1 function| pos_div_1 function| SM_1 function| Del_Cooki_1 function| Ads_Submit_Click function| Fast_Register function| Link_Auto function| Login_Ajax function| RB_Register function| Comment_Ajax function| RB_Contact function| Forum_Page function| load_ajax function| Show_Smiles function| pos_div function| SM function| Del_Cooki function| close_rate_m function| Register_Mail function| Display_smiles object| CommentID function| SendComment function| setCommentID string| ML string| MI string| OT number| j undefined| $ function| jQuery object| jQuery11240452610477041653 function| initIframeSizer function| iFrameResize function| showZPTrust object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| Goftino object| goftino_iframe string| goftino_html object| ff function| goftinoRemoveLoad string| o object| n

4 Cookies

Domain/Path Name / Value
.lotteryvisa.xyz/ Name: _gat_gtag_UA_30149400_1
Value: 1
.lotteryvisa.xyz/ Name: _gid
Value: GA1.2.1307132702.1602259065
.lotteryvisa.xyz/ Name: _ga
Value: GA1.2.1455107443.1602259065
lotteryvisa.xyz/ Name: PHPSESSID
Value: 977615a66b921d083df9e80f3b0d889e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
