urlscan.io logo urlscan.io
SecurityTrails logo

xattar.ir Open in urlscan Pro
185.169.6.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xattar.ir/
Effective URL: https://xattar.ir/
Submission: On January 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 15 domains to perform 26 HTTP transactions. The main IP is 185.169.6.226, located in Tehran, Iran, Islamic Republic Of and belongs to Hostiran-Network NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.), IR. The main domain is xattar.ir.
TLS certificate: Issued by R11 on November 17th 2024. Valid for: 3 months.
This is the only time xattar.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 185.169.6.226 59441 (Hostiran-...)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 142.250.185.202 15169 (GOOGLE)
6 104.18.28.104 13335 (CLOUDFLAR...)
2 142.250.185.110 15169 (GOOGLE)
1 172.67.151.78 13335 (CLOUDFLAR...)
2 216.58.206.67 15169 (GOOGLE)
1 94.182.186.124 31549 (RASANA Ar...)
26 10
6    185.169.6.226 (Tehran, Iran, Islamic Republic Of)

ASN59441 (Hostiran-Network NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.), IR)
PTR: 185.169.6.226.static.hostiran.name
xattar.ir
xattar.loxblog.com
www.loxbazar.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
6    104.18.28.104 (None, )

ASN13335 (CLOUDFLARENET, US)
client.crisp.chat
2    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
www.google-analytics.com
1    172.67.151.78 (United States)

ASN13335 (CLOUDFLARENET, US)
e0.pxfuel.com
2    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f3.1e100.net
fonts.gstatic.com
1    94.182.186.124 (Iran, Islamic Republic Of)

ASN31549 (RASANA Aria Shatel PJSC, IR)
PTR: 94-182-186-124.shatel.ir
uploadkon.ir
Apex Domain
Subdomains		 Transfer
6 crisp.chat
client.crisp.chat — Cisco Umbrella Rank: 21493
122 KB
3 xattar.ir
xattar.ir
8 KB
2 gstatic.com
fonts.gstatic.com
30 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
2 loxblog.com
xattar.loxblog.com
633 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255
83 KB
1 uploadkon.ir
uploadkon.ir
4 KB
1 pxfuel.com
e0.pxfuel.com — Cisco Umbrella Rank: 144899
24 KB
1 loxbazar.com
www.loxbazar.com
425 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
937 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
27 KB
0 histats.com Failed
s10.histats.com Failed
0 fontonline.ir Failed
www.fontonline.ir Failed
0 w3schools.com Failed
www.w3schools.com Failed
0 1abzaar.ir Failed
1abzaar.ir Failed
26 15
Domain Requested by
6 client.crisp.chat xattar.ir
client.crisp.chat
3 xattar.ir xattar.ir
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com xattar.ir
www.google-analytics.com
2 xattar.loxblog.com xattar.ir
2 maxcdn.bootstrapcdn.com xattar.ir
maxcdn.bootstrapcdn.com
1 uploadkon.ir
1 e0.pxfuel.com xattar.ir
1 www.loxbazar.com xattar.ir
1 fonts.googleapis.com xattar.ir
1 cdnjs.cloudflare.com xattar.ir
0 s10.histats.com Failed xattar.ir
0 www.fontonline.ir Failed xattar.ir
0 www.w3schools.com Failed xattar.ir
0 1abzaar.ir Failed xattar.ir
26 15

This site contains links to these domains. Also see Links.

Domain
binazirgraphic.ir
www.1abzar.com
xattar.loxblog.com
discord.gg
www.histats.com
Subject Issuer Validity Valid
*.loxblog.com
R11		 2024-11-17 -
2025-02-15		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
crisp.chat
WE1		 2025-01-07 -
2025-04-08		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
pxfuel.com
WE1		 2024-11-23 -
2025-02-21		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
uploadkon.ir
R10		 2024-12-22 -
2025-03-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://xattar.ir/
Frame ID: 64F2648E6C026ABD587FBC63BD248F98
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

-VIENNA-

Page URL History Show full URLs

  1. http://xattar.ir/ HTTP 307
    https://xattar.ir/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

69 %
HTTPS

0 %
IPv6

15
Domains

15
Subdomains

10
IPs

3
Countries

955 kB
Transfer

1466 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xattar.ir/ HTTP 307
    https://xattar.ir/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xattar.ir/
Redirect Chain
  • http://xattar.ir/
  • https://xattar.ir/
18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (Hostiran-Network NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.), IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
682209aefb376c49bb13d0728b5ae9e110565dec5e6ccdcb407f57efaeb6257e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Jan 2025 10:56:04 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0
Transfer-Encoding
chunked

Redirect headers

Location
https://xattar.ir/
Non-Authoritative-Reason
HttpsUpgrades
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-1514f"
age
976540
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ciic8bUIFwQUmfYr08kfV5J5VdRExTopNgvkt%2FhK9YlwIIHJ%2BB3P2UHmRB6iEHRx4IO2%2FCJZiSim2BsWBdox289OfQxOddTjzqdiWU6XrWuUcE8H4qWqgfGIPQ7YJwbIzTdxKmCX"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 31 Dec 2025 10:56:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 10:56:04 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ffc236dbeeb923e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
27198
server
cloudflare
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xattar.ir
Referer
https://xattar.ir/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
"269550530cc127b6aa5a35925a7de6ce"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 10:56:04 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/17/2024 22:45:09
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
1
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
bf1c917e3d39efcc64972772354613fb
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8ffc236dbc74dbb1-FRA
access-control-allow-origin
*
cdn-edgestorageid
1078
server
cloudflare
cdn-requestcountrycode
DE
css
fonts.googleapis.com/ 		1 KB
937 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poiret+One|Tangerine
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
60da819ba85767012394079537378fab17cbe253ad60969d994266ef4505d0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 10:56:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 10:56:04 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 10 Jan 2025 10:56:04 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
images_(2).jpeg
xattar.loxblog.com/upload/x/xattar/image/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xattar.loxblog.com/upload/x/xattar/image/images_(2).jpeg
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (Hostiran-Network NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.), IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
1cde01ecd5e18d9e9d50e85962d98fa4d74ad137d83f530ee55665307f15750b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

ETag
"6619c80e-1a39"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6713
Date
Fri, 10 Jan 2025 10:56:05 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 12 Apr 2024 23:47:26 GMT
Server
nginx/1.18.0
welcomeImage.png
xattar.loxblog.com/upload/x/xattar/image/ 		626 KB
626 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xattar.loxblog.com/upload/x/xattar/image/welcomeImage.png
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (Hostiran-Network NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.), IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
2650ca4e54680aa5bd59bd263b3cde2f9293bd8102c0048459f721d1d7fb66a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

ETag
"6619c594-9c8bc"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
641212
Date
Fri, 10 Jan 2025 10:56:05 GMT
Content-Type
image/png
Last-Modified
Fri, 12 Apr 2024 23:36:52 GMT
Server
nginx/1.18.0
smiley-cool.gif
xattar.ir/tiny_mce/plugins/emotions/img/ 		354 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xattar.ir/tiny_mce/plugins/emotions/img/smiley-cool.gif
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (Hostiran-Network NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.), IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
bb0e93a050a32df7913e4026b3c88a176998e0e3e073ba06e9b73f6c24227c9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

ETag
"635cf4ab-162"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
Date
Fri, 10 Jan 2025 10:56:04 GMT
Content-Type
image/gif
Last-Modified
Sat, 29 Oct 2022 09:38:51 GMT
Server
nginx/1.18.0
sckie.php
www.loxbazar.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.loxbazar.com/sckie.php?wid=923313
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (Hostiran-Network NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.), IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Fri, 10 Jan 2025 10:56:05 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0
Connection
keep-alive
l.js
client.crisp.chat/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/l.js
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cde2081451e2cbed947ccc4aebcd294d7a96224084e26a167fabb67fd0d55917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"64e73b34-2428"
age
26868
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Sat, 11 Jan 2025 10:56:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 10:56:04 GMT
content-type
application/javascript
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8ffc236dd9f83a88-FRA
access-control-allow-origin
*
server
cloudflare
/
1abzaar.ir/abzar/tools/player/ 		0
0
w3.css
www.w3schools.com/lib/ 		0
0
Rezvan.css
www.fontonline.ir/css/ 		0
0
client.js
client.crisp.chat/static/javascripts/ 		375 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/client.js?7cadd01
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada5faeab0ddad466623705895d4a8eb5432921c44c95534962f5a9db861da3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"64e73b34-5dd52"
age
83453
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 08 Jan 2035 10:56:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 10:56:04 GMT
content-type
application/javascript
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8ffc236dfa133a88-FRA
access-control-allow-origin
*
server
cloudflare
client_default.css
client.crisp.chat/static/stylesheets/ 		113 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?7cadd01
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed47babcdfca4f506a15afce02631af2cc3e9335558090ea9d5328bd5d5bc7af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"676e92ea-1c58d"
age
83453
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 08 Jan 2035 10:56:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 10:56:04 GMT
content-type
text/css
last-modified
Fri, 27 Dec 2024 11:43:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8ffc236dfa183a88-FRA
access-control-allow-origin
*
server
cloudflare
livecounter.php
xattar.ir/important/ 		20 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xattar.ir/important/livecounter.php?wid=923313&ads=1
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (Hostiran-Network NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.), IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
75cc01b49f3f72e151869f3a97aa2aa5153945a0eb88ea53d633198ba479aed3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Fri, 10 Jan 2025 10:56:04 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0
Connection
keep-alive
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

content-encoding
gzip
age
4343
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 11:43:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:43:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js15.js
s10.histats.com/ 		0
0
desktop-wallpaper-anime-red-mask-girl-laptop-background-and-discord-anime.jpg
e0.pxfuel.com/wallpapers/893/981/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e0.pxfuel.com/wallpapers/893/981/desktop-wallpaper-anime-red-mask-girl-laptop-background-and-discord-anime.jpg
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a953882f8b922fb65891cd4b4039fe140774475cf0fad600d11961e6e09c8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

cf-cache-status
MISS
etag
"62e35b70-5e26"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBeOdKc6a6tGuOSC4%2FuMq6GooYh1roaLOsrRQtRY0GAr7lRjn38%2BvfFS7bkwDewtDmr5x0MN7Xtr2whSEBszsT67mRthMKvGkVU5ana7t2xYlRdhpEjBwznDmzJQgfoS"}],"group":"cf-nel","max_age":604800}
expires
Mon, 05 Jan 2026 10:56:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7006&min_rtt=6554&rtt_var=2162&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4210&recv_bytes=4505&delivery_rate=68859&cwnd=12000&unsent_bytes=0&cid=c2f2ccc93b621927&ts=54&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 10 Jan 2025 10:56:04 GMT
content-type
image/jpeg
last-modified
Fri, 29 Jul 2022 04:00:48 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=31104000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffc236e691dd2e7-FRA
accept-ranges
bytes
content-length
24102
server
cloudflare
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xattar.ir
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
MISS
etag
"af7ae505a9eed503f8b8e6982036873e"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 10:56:04 GMT
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat
01/04/2025 01:33:29
cdn-cache
HIT
cdn-requestpullcode
200
priority
u=0,i=?0
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
97af93d7c19b90eec19f45b8f983bb07
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.07
cf-ray
8ffc236e3e02dbb1-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
cdn-edgestorageid
1233
server
cloudflare
cdn-requestcountrycode
US
UqyVK80NJXN4zfRgbdfbo55cVw.woff2
fonts.gstatic.com/s/poiretone/v16/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poiretone/v16/UqyVK80NJXN4zfRgbdfbo55cVw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tangerine
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
a6361b9b4bd84cd02407a4674e0158642a51d5f968f0366adf8a19302bec6c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xattar.ir
Referer
https://fonts.googleapis.com/

Response headers

age
265891
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Jan 2026 09:04:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 09:04:33 GMT
last-modified
Thu, 24 Aug 2023 17:31:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7824
x-xss-protection
0
server
sffe
IurY6Y5j_oScZZow4VOxCZZM.woff2
fonts.gstatic.com/s/tangerine/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tangerine/v17/IurY6Y5j_oScZZow4VOxCZZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tangerine
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
cb4e7c0a159ec0cc2bdab8e3cd4b5541cf77748e1f07d4719eb5835c3afcabce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xattar.ir
Referer
https://fonts.googleapis.com/

Response headers

age
270111
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Jan 2026 07:54:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 07:54:13 GMT
last-modified
Wed, 27 Apr 2022 16:25:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23304
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/ 		3 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1071743286&t=pageview&_s=1&dl=https%3A%2F%2Fxattar.ir%2F&ul=de-de&de=UTF-8&dt=-%EF%BC%B6%EF%BC%A9%EF%BC%A5%EF%BC%AE%EF%BC%AE%EF%BC%A1-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=35875113&gjid=1746931883&cid=127692891.1736506565&tid=UA-52170159-2&_gid=591081894.1736506565&_r=1&_slc=1&z=1485922139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xattar.ir/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 10:56:04 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://xattar.ir
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
/
client.crisp.chat/settings/website/3f2bcc91-6d88-4f8a-91e5-be34bc83b3da/prelude/ 		222 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/3f2bcc91-6d88-4f8a-91e5-be34bc83b3da/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2025-0-10-11-56
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6353867a1108de22ed989334d8b342d20cb547ed179acd87ad70853875e554ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
MISS
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 14:56:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 10:56:04 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
last-modified
Fri, 10 Jan 2025 10:56:04 GMT
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8ffc236edaa33a88-FRA
access-control-allow-origin
*
server
cloudflare
/
client.crisp.chat/settings/website/3f2bcc91-6d88-4f8a-91e5-be34bc83b3da/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/3f2bcc91-6d88-4f8a-91e5-be34bc83b3da/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1712949363333
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b9bad5fce913f8917c4a125b1fb7cb50237d103f98530e0047308e28d9b5f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
age
4022
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 14:56:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 10:56:05 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
last-modified
Fri, 10 Jan 2025 09:49:03 GMT
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8ffc2370fc2b3a88-FRA
access-control-allow-origin
*
server
cloudflare
fa.js
client.crisp.chat/static/javascripts/locales/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/locales/fa.js?7cadd01
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452d93bf62193b24b012d414b94c432961c2d13202c085544ee2fbf587961c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"66759605-347f"
age
83451
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 08 Jan 2035 10:56:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 10 Jan 2025 10:56:05 GMT
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 15:02:29 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8ffc23711c453a88-FRA
access-control-allow-origin
*
server
cloudflare
truncated
/ 		881 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
9c4b13_24images.png
uploadkon.ir/uploads/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://uploadkon.ir/uploads/9c4b13_24images.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.182.186.124 , Iran, Islamic Republic Of, ASN31549 (RASANA Aria Shatel PJSC, IR),
Reverse DNS
94-182-186-124.shatel.ir
Software
nginx /
Resource Hash
71fb78eebecbc4dffe734a53d1a01139daefb036ac47d01304e5a4446e2bcd1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xattar.ir/

Response headers

accept-ranges
bytes
content-length
4294
date
Fri, 10 Jan 2025 10:56:06 GMT
etag
"6619d582-10c6"
content-type
image/png
last-modified
Sat, 13 Apr 2024 00:44:50 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1abzaar.ir
URL
http://1abzaar.ir/abzar/tools/player/?pl=1&start=1&color=000000
Domain
www.w3schools.com
URL
http://www.w3schools.com/lib/w3.css
Domain
www.fontonline.ir
URL
http://www.fontonline.ir/css/Rezvan.css
Domain
s10.histats.com
URL
http://s10.histats.com/js15.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $crisp string| CRISP_WEBSITE_ID object| d object| s object| listmusic1abzar function| $ function| jQuery boolean| $__CRISP_INCLUDED function| w3_open function| w3_close function| GetBC function| OpenLD object| BlogComments object| CommentID function| SendComment function| setCommentID function| SendProComment object| xmlhttp number| intTimeZone string| strBlogId string| strResult string| strUrl string| GoogleAnalyticsObject function| ga object| $__CRISP_INSTANCE object| google_tag_data object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
xattar.ir/ Name: lxbmobitel6first
Value: 1736506564
xattar.ir/ Name: PHPSESSID
Value: 5vstm6nedro7jd5fk4o9rrpdve
.xattar.ir/ Name: _ga
Value: GA1.2.127692891.1736506565
.xattar.ir/ Name: _gid
Value: GA1.2.591081894.1736506565
.xattar.ir/ Name: _gat
Value: 1
.xattar.ir/ Name: crisp-client%2Fsession%2F3f2bcc91-6d88-4f8a-91e5-be34bc83b3da
Value: session_5f4ab4cd-b70f-4bdd-9768-68acfaac2483

12 Console Messages

Source Level URL
Text
security warning URL: https://xattar.ir/
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://xattar.loxblog.com/upload/x/xattar/image/images_(2).jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xattar.ir/
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://xattar.loxblog.com/upload/x/xattar/image/welcomeImage.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xattar.ir/
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://www.loxbazar.com/sckie.php?wid=923313'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://xattar.ir/
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure script 'http://1abzaar.ir/abzar/tools/player/?pl=1&start=1&color=000000'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://xattar.ir/(Line 23)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.w3schools.com/lib/w3.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://xattar.ir/(Line 25)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.fontonline.ir/css/Rezvan.css'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://xattar.ir/(Line 214)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://xattar.loxblog.com/upload/x/xattar/image/images_(2).jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xattar.ir/(Line 225)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://xattar.loxblog.com/upload/x/xattar/image/welcomeImage.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://xattar.ir/(Line 257)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://xattar.ir/(Line 257)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure script 'http://s10.histats.com/js15.js'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://xattar.ir/(Line 257)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://xattar.ir/(Line 259)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://www.loxbazar.com/sckie.php?wid=923313'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1abzaar.ir
cdnjs.cloudflare.com
client.crisp.chat
e0.pxfuel.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
s10.histats.com
uploadkon.ir
www.fontonline.ir
www.google-analytics.com
www.loxbazar.com
www.w3schools.com
xattar.ir
xattar.loxblog.com
1abzaar.ir
s10.histats.com
www.fontonline.ir
www.w3schools.com
104.17.25.14
104.18.11.207
104.18.28.104
142.250.185.110
142.250.185.202
172.67.151.78
185.169.6.226
216.58.206.67
94.182.186.124
1cde01ecd5e18d9e9d50e85962d98fa4d74ad137d83f530ee55665307f15750b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2650ca4e54680aa5bd59bd263b3cde2f9293bd8102c0048459f721d1d7fb66a0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
452d93bf62193b24b012d414b94c432961c2d13202c085544ee2fbf587961c9c
60a953882f8b922fb65891cd4b4039fe140774475cf0fad600d11961e6e09c8f
60da819ba85767012394079537378fab17cbe253ad60969d994266ef4505d0a3
6353867a1108de22ed989334d8b342d20cb547ed179acd87ad70853875e554ca
682209aefb376c49bb13d0728b5ae9e110565dec5e6ccdcb407f57efaeb6257e
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
71fb78eebecbc4dffe734a53d1a01139daefb036ac47d01304e5a4446e2bcd1a
75cc01b49f3f72e151869f3a97aa2aa5153945a0eb88ea53d633198ba479aed3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81b9bad5fce913f8917c4a125b1fb7cb50237d103f98530e0047308e28d9b5f0
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
a6361b9b4bd84cd02407a4674e0158642a51d5f968f0366adf8a19302bec6c0c
ada5faeab0ddad466623705895d4a8eb5432921c44c95534962f5a9db861da3a
bb0e93a050a32df7913e4026b3c88a176998e0e3e073ba06e9b73f6c24227c9c
cb4e7c0a159ec0cc2bdab8e3cd4b5541cf77748e1f07d4719eb5835c3afcabce
cde2081451e2cbed947ccc4aebcd294d7a96224084e26a167fabb67fd0d55917
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed47babcdfca4f506a15afce02631af2cc3e9335558090ea9d5328bd5d5bc7af