urlscan.io logo urlscan.io
SecurityTrails logo

xattar.ir Open in urlscan Pro
185.169.6.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xattar.ir/
Effective URL: https://xattar.ir/
Submission: On May 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 16 domains to perform 28 HTTP transactions. The main IP is 185.169.6.226, located in Tehran, Iran, Islamic Republic Of and belongs to HOSTIRAN-NETWORK, IR. The main domain is xattar.ir.
TLS certificate: Issued by R3 on April 3rd 2024. Valid for: 3 months.
This is the only time xattar.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 185.169.6.226 59441 (HOSTIRAN-...)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 104.18.28.104 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 172.67.151.78 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 94.182.186.124 31549 (RASANA)
28 12
6    185.169.6.226 (Tehran, Iran, Islamic Republic Of)

ASN59441 (HOSTIRAN-NETWORK, IR)
PTR: 185.169.6.226.static.hostiran.name
xattar.ir
xattar.loxblog.com
www.loxbazar.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    104.18.28.104 (None, )

ASN13335 (CLOUDFLARENET, US)
client.crisp.chat
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.67.151.78 (United States)

ASN13335 (CLOUDFLARENET, US)
e0.pxfuel.com
2    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    94.182.186.124 (Iran, Islamic Republic Of)

ASN31549 (RASANA, IR)
PTR: 94-182-186-124.shatel.ir
uploadkon.ir
Apex Domain
Subdomains		 Transfer
6 crisp.chat
client.crisp.chat — Cisco Umbrella Rank: 18903
194 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
3 xattar.ir
xattar.ir
8 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 loxblog.com
xattar.loxblog.com
633 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103
83 KB
1 uploadkon.ir
uploadkon.ir — Cisco Umbrella Rank: 791944
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
91 KB
1 pxfuel.com
e0.pxfuel.com — Cisco Umbrella Rank: 143032
24 KB
1 loxbazar.com
www.loxbazar.com
425 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
880 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
27 KB
0 histats.com Failed
s10.histats.com Failed
0 fontonline.ir Failed
www.fontonline.ir Failed
0 w3schools.com Failed
www.w3schools.com Failed
0 1abzaar.ir Failed
1abzaar.ir Failed
28 16
Domain Requested by
6 client.crisp.chat xattar.ir
client.crisp.chat
3 xattar.ir xattar.ir
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com xattar.ir
www.google-analytics.com
2 xattar.loxblog.com xattar.ir
2 maxcdn.bootstrapcdn.com xattar.ir
maxcdn.bootstrapcdn.com
1 uploadkon.ir
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 e0.pxfuel.com xattar.ir
1 www.loxbazar.com xattar.ir
1 fonts.googleapis.com xattar.ir
1 cdnjs.cloudflare.com xattar.ir
0 s10.histats.com Failed xattar.ir
0 www.fontonline.ir Failed xattar.ir
0 www.w3schools.com Failed xattar.ir
0 1abzaar.ir Failed xattar.ir
28 17

This site contains links to these domains. Also see Links.

Domain
binazirgraphic.ir
www.1abzar.com
xattar.loxblog.com
discord.gg
www.histats.com
Subject Issuer Validity Valid
*.loxblog.com
R3		 2024-04-03 -
2024-07-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
crisp.chat
E1		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
pxfuel.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
uploadkon.ir
R3		 2024-04-07 -
2024-07-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://xattar.ir/
Frame ID: 33D4A22D36AB94F0ECC2F41AFEB6F533
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://xattar.ir/ HTTP 307
    https://xattar.ir/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

71 %
HTTPS

45 %
IPv6

16
Domains

17
Subdomains

12
IPs

4
Countries

1118 kB
Transfer

2004 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xattar.ir/ HTTP 307
    https://xattar.ir/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xattar.ir/
Redirect Chain
  • http://xattar.ir/
  • https://xattar.ir/
18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
5b9ca5441b7100c6b3dcbad7031043d673a18da12ab4e1132cb977de5b942e42

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 May 2024 22:49:06 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0
Transfer-Encoding
chunked

Redirect headers

Location
https://xattar.ir/
Non-Authoritative-Reason
HttpsUpgrades
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27198
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1514f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=32QmiTk5EqWdES2PD%2BBWcDpOtQiF6KsVdCCG7OncPzg22%2BbdTdYLnYVTHWqKZeB1s4EZ9bd8RvmoM005%2FHZCC4BG1IdyJdPRPmuizjGnnNU9qDbyhwm4snL6rPGUP%2FiAwa%2ByWmon"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8890d64b2ade65d4-FRA
expires
Wed, 14 May 2025 22:49:07 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Origin
https://xattar.ir
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
61cbe5c4060dd5e9442118b6eea7974b
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8890d64b39c870be-WAW
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		1 KB
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poiret+One|Tangerine
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d3c59d03d262a2f2636a16f3948ec935b06bdc614ed860a9b0b2a8c69fbc5ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 May 2024 22:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 May 2024 22:49:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 May 2024 22:49:07 GMT
images_(2).jpeg
xattar.loxblog.com/upload/x/xattar/image/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xattar.loxblog.com/upload/x/xattar/image/images_(2).jpeg
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
1cde01ecd5e18d9e9d50e85962d98fa4d74ad137d83f530ee55665307f15750b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 22:49:07 GMT
Last-Modified
Fri, 12 Apr 2024 23:47:26 GMT
Server
nginx/1.18.0
ETag
"6619c80e-1a39"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6713
welcomeImage.png
xattar.loxblog.com/upload/x/xattar/image/ 		626 KB
626 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xattar.loxblog.com/upload/x/xattar/image/welcomeImage.png
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
2650ca4e54680aa5bd59bd263b3cde2f9293bd8102c0048459f721d1d7fb66a0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 22:49:07 GMT
Last-Modified
Fri, 12 Apr 2024 23:36:52 GMT
Server
nginx/1.18.0
ETag
"6619c594-9c8bc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
641212
smiley-cool.gif
xattar.ir/tiny_mce/plugins/emotions/img/ 		354 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xattar.ir/tiny_mce/plugins/emotions/img/smiley-cool.gif
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
bb0e93a050a32df7913e4026b3c88a176998e0e3e073ba06e9b73f6c24227c9c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 22:49:07 GMT
Last-Modified
Sat, 29 Oct 2022 09:38:51 GMT
Server
nginx/1.18.0
ETag
"635cf4ab-162"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
sckie.php
www.loxbazar.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.loxbazar.com/sckie.php?wid=923313
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 22:49:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
l.js
client.crisp.chat/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/l.js
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74be5bc404677f20589c5e761ec7fff1757ab0971f75f461b244431ec2c70e32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
47757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3333
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-205e"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8890d64b5ed7347c-WAW
access-control-allow-headers
Content-Type, Origin
expires
Sat, 25 May 2024 22:49:07 GMT
/
1abzaar.ir/abzar/tools/player/ 		0
0
client.js
client.crisp.chat/static/javascripts/ 		413 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/client.js?1f0bd44
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02b488138aedbfbcbf7f60d48f4a6bd16ea4771562d868f44df16097fd3e20b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
47756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-6736c"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
8890d64bdf21347c-WAW
access-control-allow-headers
Content-Type, Origin
expires
Mon, 22 May 2034 22:49:07 GMT
client_default.css
client.crisp.chat/static/stylesheets/ 		362 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?1f0bd44
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008bde968818452400c77da06fb076e389d4543b97cf7a97f80b013df648db9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
47756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 09:32:17 GMT
server
cloudflare
etag
W/"66505ea1-5a9cc"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
8890d64bdf23347c-WAW
access-control-allow-headers
Content-Type, Origin
expires
Mon, 22 May 2034 22:49:07 GMT
w3.css
www.w3schools.com/lib/ 		0
0
Rezvan.css
www.fontonline.ir/css/ 		0
0
livecounter.php
xattar.ir/important/ 		22 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xattar.ir/important/livecounter.php?wid=923313&ads=1
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.169.6.226 Tehran, Iran, Islamic Republic Of, ASN59441 (HOSTIRAN-NETWORK, IR),
Reverse DNS
185.169.6.226.static.hostiran.name
Software
nginx/1.18.0 /
Resource Hash
b4ab315b185cccc94f9c5be59e4ce10dd1d286c12187b16b112bffd751c3bb5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 22:49:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 May 2024 21:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4084
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 24 May 2024 23:41:03 GMT
js15.js
s10.histats.com/ 		0
0
desktop-wallpaper-anime-red-mask-girl-laptop-background-and-discord-anime.jpg
e0.pxfuel.com/wallpapers/893/981/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e0.pxfuel.com/wallpapers/893/981/desktop-wallpaper-anime-red-mask-girl-laptop-background-and-discord-anime.jpg
Requested by
Host: xattar.ir
URL: https://xattar.ir/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a953882f8b922fb65891cd4b4039fe140774475cf0fad600d11961e6e09c8f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:07 GMT
cf-cache-status
MISS
last-modified
Fri, 29 Jul 2022 04:00:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e35b70-5e26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OkTQgxWkaH%2BDcsckp6vDkEpbF48hT5jDpbXGNKbk1WMF%2FvI2MUZmlAb5fGMSNyHv1xxrSAe2BBo4VRYbkxSMTcv%2BaIgCcOh39Lz0cWD%2FyoRCi23pZbvOmkHjVZFQuhgt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8890d64c59263832-FRA
alt-svc
h3=":443"; ma=86400
content-length
24102
expires
Mon, 19 May 2025 22:49:07 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://xattar.ir
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
752
cdn-cachedat
10/31/2023 19:08:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9c8a2b58fbdc03ad76e0a4577fa702f7
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8890d64bfa6b70be-WAW
cdn-requestpullsuccess
True
UqyVK80NJXN4zfRgbdfbo55cVw.woff2
fonts.gstatic.com/s/poiretone/v16/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poiretone/v16/UqyVK80NJXN4zfRgbdfbo55cVw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tangerine
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6361b9b4bd84cd02407a4674e0158642a51d5f968f0366adf8a19302bec6c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://xattar.ir
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 22:13:52 GMT
x-content-type-options
nosniff
age
347715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:31:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 May 2025 22:13:52 GMT
IurY6Y5j_oScZZow4VOxCZZM.woff2
fonts.gstatic.com/s/tangerine/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tangerine/v17/IurY6Y5j_oScZZow4VOxCZZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tangerine
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb4e7c0a159ec0cc2bdab8e3cd4b5541cf77748e1f07d4719eb5835c3afcabce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://xattar.ir
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:40:59 GMT
x-content-type-options
nosniff
age
158888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23304
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:25:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:40:59 GMT
collect
www.google-analytics.com/j/ 		15 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=335697139&t=pageview&_s=1&dl=https%3A%2F%2Fxattar.ir%2F&ul=de-de&de=UTF-8&dt=-%EF%BC%B6%EF%BC%A9%EF%BC%A5%EF%BC%AE%EF%BC%AE%EF%BC%A1-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=454499949&gjid=1134031000&cid=1352307354.1716590947&tid=UA-52170159-2&_gid=1038508878.1716590947&_r=1&_slc=1&z=1267961834
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5de801aa9e0f734ad995493897db37f9fd9c6741ad6c27ca587ae836ed79cd80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 May 2024 22:49:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xattar.ir
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		256 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KEGS4GD4V2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12e4bdd3d836fc3f16dd4620c9f40f0842fba3ab8c0b4266d41828198915d33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92392
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 May 2024 22:49:07 GMT
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KEGS4GD4V2&gtm=45je45m0v9120758012za200&_p=1716590947419&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=1352307354.1716590947&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fxattar.ir%2F&dt=-%EF%BC%B6%EF%BC%A9%EF%BC%A5%EF%BC%AE%EF%BC%AE%EF%BC%A1-&sid=1716590947&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1359
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KEGS4GD4V2&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 24 May 2024 22:49:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xattar.ir
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
client.crisp.chat/settings/website/3f2bcc91-6d88-4f8a-91e5-be34bc83b3da/prelude/ 		214 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/3f2bcc91-6d88-4f8a-91e5-be34bc83b3da/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-4-25-0-49
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?1f0bd44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62e21d57b6fc459102203dc7ed11b2de59c4f1a255686dbd5fdb4540de7ff9a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
173
last-modified
Fri, 24 May 2024 22:49:08 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8890d650fb8c347c-WAW
access-control-allow-headers
Content-Type, Origin
expires
Sat, 25 May 2024 02:49:08 GMT
/
client.crisp.chat/settings/website/3f2bcc91-6d88-4f8a-91e5-be34bc83b3da/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/3f2bcc91-6d88-4f8a-91e5-be34bc83b3da/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1712949363333
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?1f0bd44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b96812c353c47050648577b162803522b93e75fc19950ef94e51179241c81d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
684
last-modified
Fri, 24 May 2024 22:49:08 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8890d654eefe347c-WAW
access-control-allow-headers
Content-Type, Origin
expires
Sat, 25 May 2024 02:49:08 GMT
fa.js
client.crisp.chat/static/javascripts/locales/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/locales/fa.js?1f0bd44
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?1f0bd44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70bbaeb18cc3a83171e00636389fcd5cbefcc90a98f07642ddc3bf782293bfd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
47650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3803
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
W/"64d22e8c-27b7"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8890d655cfb6347c-WAW
access-control-allow-headers
Content-Type, Origin
expires
Mon, 22 May 2034 22:49:08 GMT
9c4b13_24images.png
uploadkon.ir/uploads/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://uploadkon.ir/uploads/9c4b13_24images.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.182.186.124 , Iran, Islamic Republic Of, ASN31549 (RASANA, IR),
Reverse DNS
94-182-186-124.shatel.ir
Software
nginx /
Resource Hash
71fb78eebecbc4dffe734a53d1a01139daefb036ac47d01304e5a4446e2bcd1a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xattar.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 22:49:09 GMT
last-modified
Sat, 13 Apr 2024 00:44:50 GMT
server
nginx
accept-ranges
bytes
etag
"10c6-615efb2284669"
content-length
4294
content-type
image/png
truncated
/ 		881 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1abzaar.ir
URL
http://1abzaar.ir/abzar/tools/player/?pl=1&start=1&color=000000
Domain
www.w3schools.com
URL
http://www.w3schools.com/lib/w3.css
Domain
www.fontonline.ir
URL
http://www.fontonline.ir/css/Rezvan.css
Domain
s10.histats.com
URL
http://s10.histats.com/js15.js

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $crisp string| CRISP_WEBSITE_ID object| d object| s object| listmusic1abzar boolean| $__CRISP_INCLUDED function| $ function| jQuery function| w3_open function| w3_close function| GetBC function| OpenLD object| BlogComments object| CommentID function| SendComment function| setCommentID function| SendProComment object| xmlhttp number| intTimeZone string| strBlogId number| intCount string| strResult string| strUrl string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| $__CRISP_INSTANCE object| google_tag_manager

7 Cookies

Domain/Path Name / Value
xattar.ir/ Name: lxbmobitel6first
Value: 1716590946
xattar.ir/ Name: PHPSESSID
Value: kdftjudt8au6n3n3ubbl68hp6t
.xattar.ir/ Name: _ga
Value: GA1.2.1352307354.1716590947
.xattar.ir/ Name: _gid
Value: GA1.2.1038508878.1716590947
.xattar.ir/ Name: _gat
Value: 1
.xattar.ir/ Name: _ga_KEGS4GD4V2
Value: GS1.2.1716590947.1.0.1716590947.0.0.0
.xattar.ir/ Name: crisp-client%2Fsession%2F3f2bcc91-6d88-4f8a-91e5-be34bc83b3da
Value: session_36de9dc7-5365-4edb-bed4-8d817003aa12

12 Console Messages

Source Level URL
Text
security warning URL: https://xattar.ir/
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://xattar.loxblog.com/upload/x/xattar/image/images_(2).jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xattar.ir/
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://xattar.loxblog.com/upload/x/xattar/image/welcomeImage.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xattar.ir/
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://www.loxbazar.com/sckie.php?wid=923313'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://xattar.ir/
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure script 'http://1abzaar.ir/abzar/tools/player/?pl=1&start=1&color=000000'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://xattar.ir/(Line 23)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.w3schools.com/lib/w3.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://xattar.ir/(Line 25)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.fontonline.ir/css/Rezvan.css'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://xattar.ir/(Line 214)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://xattar.loxblog.com/upload/x/xattar/image/images_(2).jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xattar.ir/(Line 225)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://xattar.loxblog.com/upload/x/xattar/image/welcomeImage.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://xattar.ir/(Line 257)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://xattar.ir/(Line 257)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure script 'http://s10.histats.com/js15.js'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://xattar.ir/(Line 257)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://xattar.ir/(Line 259)
Message:
Mixed Content: The page at 'https://xattar.ir/' was loaded over HTTPS, but requested an insecure element 'http://www.loxbazar.com/sckie.php?wid=923313'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1abzaar.ir
cdnjs.cloudflare.com
client.crisp.chat
e0.pxfuel.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
region1.google-analytics.com
s10.histats.com
uploadkon.ir
www.fontonline.ir
www.google-analytics.com
www.googletagmanager.com
www.loxbazar.com
www.w3schools.com
xattar.ir
xattar.loxblog.com
1abzaar.ir
s10.histats.com
www.fontonline.ir
www.w3schools.com
104.17.25.14
104.18.11.207
104.18.28.104
172.67.151.78
185.169.6.226
2001:4860:4802:34::178
2001:4860:4802:34::36
2a00:1450:4001:80f::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:82f::2008
94.182.186.124
008bde968818452400c77da06fb076e389d4543b97cf7a97f80b013df648db9a
0d3c59d03d262a2f2636a16f3948ec935b06bdc614ed860a9b0b2a8c69fbc5ec
12e4bdd3d836fc3f16dd4620c9f40f0842fba3ab8c0b4266d41828198915d33b
1cde01ecd5e18d9e9d50e85962d98fa4d74ad137d83f530ee55665307f15750b
2650ca4e54680aa5bd59bd263b3cde2f9293bd8102c0048459f721d1d7fb66a0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
45b96812c353c47050648577b162803522b93e75fc19950ef94e51179241c81d
5b9ca5441b7100c6b3dcbad7031043d673a18da12ab4e1132cb977de5b942e42
5de801aa9e0f734ad995493897db37f9fd9c6741ad6c27ca587ae836ed79cd80
60a953882f8b922fb65891cd4b4039fe140774475cf0fad600d11961e6e09c8f
62e21d57b6fc459102203dc7ed11b2de59c4f1a255686dbd5fdb4540de7ff9a0
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
70bbaeb18cc3a83171e00636389fcd5cbefcc90a98f07642ddc3bf782293bfd7
71fb78eebecbc4dffe734a53d1a01139daefb036ac47d01304e5a4446e2bcd1a
74be5bc404677f20589c5e761ec7fff1757ab0971f75f461b244431ec2c70e32
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
a6361b9b4bd84cd02407a4674e0158642a51d5f968f0366adf8a19302bec6c0c
b4ab315b185cccc94f9c5be59e4ce10dd1d286c12187b16b112bffd751c3bb5a
bb0e93a050a32df7913e4026b3c88a176998e0e3e073ba06e9b73f6c24227c9c
cb4e7c0a159ec0cc2bdab8e3cd4b5541cf77748e1f07d4719eb5835c3afcabce
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e02b488138aedbfbcbf7f60d48f4a6bd16ea4771562d868f44df16097fd3e20b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855