khodro45.com Open in urlscan Pro
185.143.233.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://j.mp/2VrOtNk
Effective URL:
https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
Submission: On September 20 via api (September 20th 2023, 11:06:51 pm UTC) from US — Scanned from US

Summary HTTP 77 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 77 HTTP transactions. The main IP is 185.143.233.120, located in Iran, Islamic Republic Of and belongs to ARVANCLOUD-CDN-, IR. The main domain is khodro45.com.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on June 19th 2023. Valid for: a year.

This is the only time khodro45.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.17 67.199.248.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 40	185.143.233.120 185.143.233.120	205585 (ARVANCLOU...) (ARVANCLOUD-CDN-)
4	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
2 2	2606:4700:303... 2606:4700:3033::ac43:a68c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	185.143.234.120 185.143.234.120	205585 (ARVANCLOU...) (ARVANCLOUD-CDN-)
3	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
12	45.94.254.24 45.94.254.24	48551 (SINDAD) (SINDAD)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
2	45.94.255.25 45.94.255.25	48551 (SINDAD) (SINDAD)
2	46.245.80.244 46.245.80.244	43754 (ASIATECH) (ASIATECH)
77	10

1 67.199.248.17 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: j.mp

j.mp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 185.143.233.120 (Iran, Islamic Republic Of) 1 redirects

ASN205585 (ARVANCLOUD-CDN-, IR)

www.khodro45.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
khodro45.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
van.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:a68c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

app.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.143.234.120 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)

assets.najva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audience.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ua.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audience-scripts.yektanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.94.254.24 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.org

s1.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
n1.sanjagh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.94.255.25 (Iran, Islamic Republic Of)

ASN48551 (SINDAD, IR)
PTR: host.sindad.cloud

ma-cdn.pegah.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.245.80.244 (Iran, Islamic Republic Of)

ASN43754 (ASIATECH, IR)

mediacdn.mediaad.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	khodro45.com 1 redirects www.khodro45.com khodro45.com	2 MB
13	mediaad.org s1.mediaad.org — Cisco Umbrella Rank: 66351 mediacdn.mediaad.org — Cisco Umbrella Rank: 32995 api.mediaad.org — Cisco Umbrella Rank: 61753	18 KB
10	yektanet.com cdn.yektanet.com — Cisco Umbrella Rank: 26994 audience.yektanet.com — Cisco Umbrella Rank: 31445 ua.yektanet.com — Cisco Umbrella Rank: 30137 audience-scripts.yektanet.com — Cisco Umbrella Rank: 41405	35 KB
8	najva.com 2 redirects app.najva.com — Cisco Umbrella Rank: 73650 assets.najva.com — Cisco Umbrella Rank: 77205 van.najva.com — Cisco Umbrella Rank: 53696	98 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	355 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	pegah.tech ma-cdn.pegah.tech — Cisco Umbrella Rank: 65050	2 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	392 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 270 www.google.com — Cisco Umbrella Rank: 11	660 B
1	sanjagh.com n1.sanjagh.com — Cisco Umbrella Rank: 198216	5 KB
1	j.mp 1 redirects j.mp — Cisco Umbrella Rank: 684976	342 B
77	11

	Domain	Requested by
34	khodro45.com	khodro45.com
10	api.mediaad.org	s1.mediaad.org
5	van.najva.com	khodro45.com app.najva.com van.najva.com
4	ua.yektanet.com	cdn.yektanet.com ua.yektanet.com
4	www.googletagmanager.com	khodro45.com www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	audience-scripts.yektanet.com	cdn.yektanet.com
2	mediacdn.mediaad.org	s1.mediaad.org
2	audience.yektanet.com	cdn.yektanet.com
2	ma-cdn.pegah.tech	s1.mediaad.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	cdn.yektanet.com	khodro45.com van.najva.com
2	app.najva.com	2 redirects
1	www.google.com	khodro45.com
1	analytics.google.com	www.googletagmanager.com
1	n1.sanjagh.com	www.googletagmanager.com
1	s1.mediaad.org	www.googletagmanager.com
1	assets.najva.com	khodro45.com
1	www.khodro45.com	1 redirects
1	j.mp	1 redirects
77	20

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.aparat.com
twitter.com
www.linkedin.com
t.me

Subject Issuer	Validity	Valid
*.khodro45.com Certum Domain Validation CA SHA2	`2023-06-19` - `2024-06-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.mediaad.org R3	`2023-08-05` - `2023-11-03`	3 months	crt.sh
yektanet.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
van.najva.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
*.sanjagh.com R3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.pegah.tech R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
Frame ID: 83688331577747FD6C1993B9F061ABB5
Requests: 69 HTTP requests in this frame

Frame: https://ua.yektanet.com/cookie/iframe/
Frame ID: 9A8168B99BCBAA075DFCD3A5B7BCB65F
Requests: 2 HTTP requests in this frame

Frame: https://mediacdn.mediaad.org/static/fingerprint.html
Frame ID: 9DC2902A214DE75C8B703F59F485084A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - خودرو۴۵

Page URL History Show full URLs

https://j.mp/2VrOtNk HTTP 301
https://www.khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&n... HTTP 301
https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&n... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

77
Requests

97 %
HTTPS

50 %
IPv6

11
Domains

20
Subdomains

10
IPs

3
Countries

2358 kB
Transfer

4676 kB
Size

15
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/khodro45/

Search URL Search Domain Scan URL

URL: https://www.aparat.com/u_5065574

Search URL Search Domain Scan URL

URL: https://twitter.com/khodro45

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/khodro45/

Search URL Search Domain Scan URL

URL: https://t.me/khodro45

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://j.mp/2VrOtNk HTTP 301
https://www.khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand HTTP 301
https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://app.najva.com/static/css/local-messaging.css?v=202308020013 HTTP 301
https://assets.najva.com/webpush/static/css/local-messaging.css?v=202308020013

Request Chain 24

https://app.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013 HTTP 301
https://van.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request popup_overpack.php Show response
khodro45.com/attacked/6kgd/clearcache/
Redirect Chain

https://j.mp/2VrOtNk
https://www.khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

71 KB
23 KB

1124ms
1105ms

Document
text/html

185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

6e44c52635fd08e820c89834210088ca4d54a0c4cebf6246925474e3d4988d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 20 Sep 2023 23:06:41 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://khodro45.com/wp-json/>; rel="https://api.w.org/"
server: ArvanCloud
server-timing: total;dur=851
vary: Accept-Encoding Accept-Encoding
x-cache: BYPASS
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: PHP/7.4.23
x-request-id: 81d213e6b2bbbd149b1275f323fd145e
x-sid: 4100

Redirect headers

content-length: 0
content-type: text/html
date: Wed, 20 Sep 2023 23:06:40 GMT
location: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
server: ArvanCloud
server-timing: total;dur=0
x-request-id: 100c4b9e376b23b93863b0b9654fa8a4
x-sid: 4100
x-xss-protection: 1; mode=block

GET
H2 200 style-rtl.min.css
khodro45.com/wp-includes/css/dist/block-library/ 79 KB
14 KB 248ms
244ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=5.8.6

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

fd26232315c5199c77306e32e6d400ff94626317cf370d19595d9153cbbf0b5e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-13a1c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 1b75a41ac1c880b2e8bcdee19d40f909
x-sid: 4100

GET
H2 200 settings.css
khodro45.com/wp-content/plugins/revslider/public/assets/css/ 38 KB
11 KB 291ms
288ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

e3c8cc1cd561e2be98ef2f95f5f77c51674cdcbeca6d7dc243ecc2a863350e91

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:52 GMT
server: ArvanCloud
etag: W/"642d93b4-9667"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: bfb000d49380447c56595a950a6b288f
x-sid: 4100

GET
H2 200 style.css
khodro45.com/wp-content/themes/Divi/ 647 KB
91 KB 358ms
354ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi/style.css?ver=5.8.6

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

2e3a3ec20b9109fc51ce1eff77cf184724fa92dfe929c6be2d5b3cdba6596a40

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-a1bd8"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: cae697614b7f6af73dd63edeb3397801
x-sid: 4100

GET
H2 200 rtl.css
khodro45.com/wp-content/themes/Divi/ 6 KB
2 KB 616ms
613ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi/rtl.css?ver=5.8.6

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

0ad97efdc22b7f780fda3692f5ff7ee6ec80d144fad5de0aa066addd4d8d1fb3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-18a8"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 2558f4c1a138665c0b3a2c03af8c5f88
x-sid: 4100

GET
H2 200 bootstrap.min.css
khodro45.com/wp-content/themes/Divi/css/ 156 KB
31 KB 640ms
636ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi/css/bootstrap.min.css?ver=5.8.6

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-26f1b"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 140492727c4a0db55cde589c0bab5a8e
x-sid: 4100

GET
H2 200 AmirganiCSS.css
khodro45.com/wp-content/themes/Divi/css/ 1 KB
970 B 663ms
660ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi/css/AmirganiCSS.css?ver=5.8.6

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5f532a67fe64df985e38dabc310b30139c322f2153c5d686e7c741900624c9fd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-5c2"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 92f61222583edbc2b0b92729a35d6c9a
x-sid: 4100

GET
H2 200 style.css
khodro45.com/wp-content/themes/Divi-child/ 15 KB
4 KB 670ms
667ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5a58d2d0ee40e4ce42677170444a448d34293ba82fbd4402fc5674344ce21a75

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-3ad4"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 9e3b562819cc9933119d88515d2a2d05
x-sid: 4100

GET
H2 200 style.min.css
khodro45.com/wp-content/plugins/schema-and-structured-data-for-wp/modules/divi-builder/styles/ 35 B
374 B 670ms
668ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/plugins/schema-and-structured-data-for-wp/modules/divi-builder/styles/style.min.css?ver=1.0.0

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

4ccc27337cb5e80e6509daacc7b8d18b77c26bcfe3443722ec5ecc468d8da172

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-23"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 962c8619cfdb7ee046f9536c34bd1a58
x-sid: 4100

GET
H2 200 dashicons.min.css
khodro45.com/wp-includes/css/ 58 KB
36 KB 694ms
691ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-includes/css/dashicons.min.css?ver=5.8.6

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-e688"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 6201d0261f7ddf3472d772f13409bff3
x-sid: 4100

GET
H2 200 jquery.min.js Show response
khodro45.com/wp-includes/js/jquery/ 87 KB
36 KB 757ms
754ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-15db1"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 7735e9d5b00a0b59ef7e896156973720
x-sid: 4100

GET
H2 200 jquery-migrate.min.js Show response
khodro45.com/wp-includes/js/jquery/ 11 KB
5 KB 788ms
786ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-2bd8"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 86337521e2cd1853c7683ffa648e99e2
x-sid: 4100

GET
H2 200 preloader-script.js Show response
khodro45.com/wp-content/plugins/the-preloader/js/ 252 B
507 B 865ms
863ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/plugins/the-preloader/js/preloader-script.js

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5d47e5a33b1806550a2f3bf09f9fcb75ef70c8f472d73d5e6a1e07082a09ddd3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-fc"
vary: Accept-Encoding, Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=0
server-timing: total;dur=420
x-xss-protection: 1; mode=block
x-request-id: 92b42a40a3b2273c31ed08a4b3587b73
x-sid: 4100

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
90 KB 284ms
112ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PGF668F&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e9d1e5d1cdac01b8428613f904026dc3703bf9cc7a37039d16c8a06dd1f5d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92202
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 21:13:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Sep 2023 23:06:42 GMT

GET
H2 200 font-awesome.min.css
khodro45.com/wp-content/themes/Divi-child/fonts/ 30 KB
8 KB 734ms
732ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi-child/fonts/font-awesome.min.css

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:41 GMT
date: Wed, 20 Sep 2023 23:06:41 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-7918"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: c40fc7684c0275330e0f54990ebfa266
x-sid: 4100

GET
H2 200 K45-Mag-Logo-Light-bg-1.png
khodro45.com/wp-content/uploads/2022/11/ 7 KB
7 KB 227ms
226ms Image
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khodro45.com/wp-content/uploads/2022/11/K45-Mag-Logo-Light-bg-1.png

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

8f547f01fe36bd9e34f4e713ca589459158b84b05862e9b157a7015a366f5bf8

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: add549e48713726c0bb3ae06310c84c1
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 wp-emoji-release.min.js Show response
khodro45.com/wp-includes/js/ 18 KB
6 KB 336ms
336ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:43 GMT
date: Wed, 20 Sep 2023 23:06:43 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-4705"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 9883407f6810d9a21ac7a69587df238e
x-sid: 4100

GET
H2 200 push-300-250.gif
khodro45.com/wp-content/uploads/2023/02/ 475 KB
468 KB 323ms
322ms Image
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khodro45.com/wp-content/uploads/2023/02/push-300-250.gif

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

b8479a8ccbeebfa195562ddceb1a6e0b7e62f8f31169df6af66dbb500c6a97a9

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:43 GMT
date: Wed, 20 Sep 2023 23:06:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 69a65014d4e6948c46b3d04c7f275230
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 blog-motion-gif.gif
khodro45.com/wp-content/uploads/2023/02/ 758 KB
729 KB 338ms
337ms Image
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khodro45.com/wp-content/uploads/2023/02/blog-motion-gif.gif

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

da284ef2c14182818595b3cddcc46601181f76287f3fb57538a3ae814dae6d63

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: b62f3e82c0d33da724a1ea144a88de96
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 scripts.js Show response
khodro45.com/wp-content/themes/Divi-child/ 1 KB
878 B 184ms
184ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi-child/scripts.js?ver=1

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

d60e505767ce2c784709b9f64ffc1caeb33d57a1a553acc11224315b05276ef3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-41a"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 31f03baf26bc10df1643ad50712baecd
x-sid: 4100

GET
H2 200 custom.min.js Show response
khodro45.com/wp-content/themes/Divi/js/ 258 KB
75 KB 194ms
191ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi/js/custom.min.js?ver=3.19.4

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

9ecda45e206bac761d435f99dd1d86fb4b03cb46ba38cf4ef50d18d2954a4232

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-40789"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: eea14869341408d0111b0ebcc944a116
x-sid: 4100

GET
H2 200 frontend-bundle.min.js Show response
khodro45.com/wp-content/plugins/schema-and-structured-data-for-wp/modules/divi-builder/scripts/ 564 B
657 B 224ms
222ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/plugins/schema-and-structured-data-for-wp/modules/divi-builder/scripts/frontend-bundle.min.js?ver=1.0.0

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

49d80f3ec95f35818b796d393cf1d062f4222109d7b866e9caa89b26d64efd31

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-234"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: a4bf999d82e61ebcb3bab05ab668fad2
x-sid: 4100

GET
H2 200 common.js Show response
khodro45.com/wp-content/themes/Divi/core/admin/js/ 1 KB
938 B 224ms
222ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi/core/admin/js/common.js?ver=3.19.4

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-550"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 0d77150065597d6704b79be1068fa522
x-sid: 4100

GET
H2 200 wp-embed.min.js Show response
khodro45.com/wp-includes/js/ 1 KB
1 KB 225ms
223ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-includes/js/wp-embed.min.js?ver=5.8.6

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 15:28:53 GMT
server: ArvanCloud
etag: W/"642d93b5-592"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=0
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: f2d4cfd909c5ec164840d8037380d2c0
x-sid: 4100

GET
H2

200

local-messaging.css
assets.najva.com/webpush/static/css/
Redirect Chain

https://app.najva.com/static/css/local-messaging.css?v=202308020013
https://assets.najva.com/webpush/static/css/local-messaging.css?v=202308020013

10 KB
2 KB

777ms
200ms

Stylesheet
text/css

185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.najva.com/webpush/static/css/local-messaging.css?v=202308020013

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Thu, 19 Sep 2024 23:06:43 GMT
date: Wed, 20 Sep 2023 23:06:43 GMT
content-encoding: br
x-amz-request-id: tx00000a59ac33490a301bb-0065018034-1f3c309-ir-tbz-sh1
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 7113519403eb746d67d21f8c38277eab
x-sid: 4105
last-modified: Mon, 13 Feb 2023 15:10:16 GMT
server: ArvanCloud
etag: W/"20685ae09d2ce2a080031240f15c7725"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cache-control: max-age=31536000
x-amz-meta-mtime: 1674484809.295193216

Redirect headers

date: Wed, 20 Sep 2023 23:06:43 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: total;dur=0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d4509a541d61d6b5de88e9a106913d53
x-sid: 4101
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMFhUww2RZ6uf60wnGfhCqaclf%2F9xVheprz%2BYVq1BZuEytkrTnoyp0OiuDtDoky8lglWUiSX4KvNAkYKmEaPeWxNjliubTcWQk9T3zx20ET2Cbla0sfX1Y3VCDVL70JEBF74Q56ZTabDiICD"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://assets.najva.com/webpush/static/css/local-messaging.css?v=202308020013
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 809db8719ed3228a-MIA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js Show response
van.najva.com/static/js/scripts/
Redirect Chain

https://app.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013
https://van.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013

180 KB
45 KB

1454ms
371ms

Script
application/javascript

185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

fa73339c9de99823601e1bdf605d3fe4eb449fca3598a98287e238e723dd3b05

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:44 GMT
content-encoding: br
x-cache-status: MISS
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 2d2f5750edabba13a8aeb4f6af91b27a
x-sid: 4100
last-modified: Wed, 20 Sep 2023 03:30:25 GMT
server: ArvanCloud
etag: W/"66e6c584cade6a04e14103bdf750c73c"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

date: Wed, 20 Sep 2023 23:06:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIKNXhXTV2bKnZjqM8lO%2FXLSAX2q5NgoHcPCt3rnh32kwoqHLpfhs5CpjbmTJtOBFd7R%2BtHXagZ6ALvrkh1lGGIw8ACphh6pwS76hYZsJ40mruJtgsioRLGiKY1VEvHdbZbfCQuIRY7AAcxE"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://van.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013
cache-control: max-age=14400
cf-ray: 809db8719ed5228a-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 271 KB
91 KB 301ms
129ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PGF668F&gtm_auth=Wcqmq5dn4V-kGs0X-QblSw&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fbe8640c1597459e16bb36f3d7e8d21545ba1fb882ae24b569ccc714dd3af64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92896
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 preloader-khodro45.gif
khodro45.com/wp-content/themes/Divi-child/img/ 70 KB
56 KB 696ms
696ms Image
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khodro45.com/wp-content/themes/Divi-child/img/preloader-khodro45.gif

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

a4765ef5a8224ac10ee59006ca59ebf0e6401e4b53b5fdb10ca5f7308623b3bb

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:43 GMT
date: Wed, 20 Sep 2023 23:06:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: MISS
server-timing: total;dur=211
x-xss-protection: 1; mode=block
x-request-id: 31cf543b7a1de13ec55b1b8f0901ec12
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 IRANSansWeb.woff2
khodro45.com/wp-content/themes/Divi-child/fonts/woff2/ 29 KB
30 KB 231ms
231ms Font
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi-child/fonts/woff2/IRANSansWeb.woff2

Requested by

Host: khodro45.com
URL: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

276314ac3b483f62409226c9f21c8ba78bc42b38ebfa26bda9359cf069261cea

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4
Origin: https://khodro45.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: f5cc2d3876ed4a4eb6c690bf7385df73
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 call-khodro45.png
khodro45.com/wp-content/themes/Divi-child/img/ 1 KB
2 KB 414ms
413ms Image
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khodro45.com/wp-content/themes/Divi-child/img/call-khodro45.png

Requested by

Host: khodro45.com
URL: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

7cef5612505ef4a18e4ca64345fcd28533001b388cbb61fc7b3a820031f02ff2

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:43 GMT
date: Wed, 20 Sep 2023 23:06:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 185d0105b37b7347583363d5573f0633
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 IRANSansWeb_Bold.woff2
khodro45.com/wp-content/themes/Divi-child/fonts/woff2/ 28 KB
28 KB 242ms
241ms Font
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi-child/fonts/woff2/IRANSansWeb_Bold.woff2

Requested by

Host: khodro45.com
URL: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

20b2a7cf0ed6e6454f3a7b5583e66b7c2a653e4a7c558390eefb92b04a4beabd

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4
Origin: https://khodro45.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 4c5297fd8dde4eaaee5685370f6bb180
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 modules.ttf
khodro45.com/wp-content/themes/Divi/core/admin/fonts/ 90 KB
41 KB 255ms
254ms Font
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf

Requested by

Host: khodro45.com
URL: https://khodro45.com/wp-content/themes/Divi/style.css?ver=5.8.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

d28976bd53ab07b1ee0b5cd774f563919199b4d5d3318f3199c2ffcb74126a26

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://khodro45.com/wp-content/themes/Divi/style.css?ver=5.8.6
Origin: https://khodro45.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 9a6e6f6074205b2d860c7d1e3dd8887f
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 IRANSansWeb_Medium.woff2
khodro45.com/wp-content/themes/Divi-child/fonts/woff2/ 26 KB
27 KB 275ms
275ms Font
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi-child/fonts/woff2/IRANSansWeb_Medium.woff2

Requested by

Host: khodro45.com
URL: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

3d76255f7e596a7e00397b994f7a2f1fcf21219a5618532091fc0153efe85deb

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4
Origin: https://khodro45.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 423f524faee799dd3914eda673b749b7
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 IRANSansWeb_Black.woff2
khodro45.com/wp-content/themes/Divi-child/fonts/woff2/ 26 KB
27 KB 288ms
288ms Font
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi-child/fonts/woff2/IRANSansWeb_Black.woff2

Requested by

Host: khodro45.com
URL: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

f636a8424917f15ae334b657c99dd70771050233462acb0ef3b5f1803495158c

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4
Origin: https://khodro45.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 624a893cc08aaade1af007e849ee8035
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 IRANSansWeb_Light.woff2
khodro45.com/wp-content/themes/Divi-child/fonts/woff2/ 29 KB
29 KB 301ms
301ms Font
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://khodro45.com/wp-content/themes/Divi-child/fonts/woff2/IRANSansWeb_Light.woff2

Requested by

Host: khodro45.com
URL: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

4f11f56fb396eb4bbf5bd2c07e52aff3dc58b357e9d97a2a622b1b354208ae21

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://khodro45.com/wp-content/themes/Divi-child/style.css?ver=3.19.4
Origin: https://khodro45.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: b69db3a8bd52a054aa74771729f9aab3
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 %D9%82%DB%8C%D9%85%D8%AA-%D8%AE%D9%88%D8%AF%D8%B1%D9%88-%D8%A7%D8%B3%D8%A7%DB%8C%D8%AF.png
khodro45.com/wp-content/uploads/2021/08/ 19 KB
19 KB 582ms
581ms Image
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khodro45.com/wp-content/uploads/2021/08/%D9%82%DB%8C%D9%85%D8%AA-%D8%AE%D9%88%D8%AF%D8%B1%D9%88-%D8%A7%D8%B3%D8%A7%DB%8C%D8%AF.png

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

7102806259af500ece91bf4c81b73f571d20d59fff5be6ce0188e18b4f90d060

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:42 GMT
date: Wed, 20 Sep 2023 23:06:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: bd225716ba2b7956d39178033b013cf0
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 K45-Mag-Logo-Light-bg-1.png
khodro45.com/wp-content/uploads/2022/11/ 7 KB
7 KB 184ms
183ms Image
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khodro45.com/wp-content/uploads/2022/11/K45-Mag-Logo-Light-bg-1.png

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

8f547f01fe36bd9e34f4e713ca589459158b84b05862e9b157a7015a366f5bf8

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:43 GMT
date: Wed, 20 Sep 2023 23:06:43 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 0754c281535084b6ad754ba03fb85272
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 200ms
64ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGF668F&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Sep 2023 22:27:56 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2327
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Sep 2023 00:27:56 GMT

GET
H2 200 retargeting.js Show response
s1.mediaad.org/serve/8535/ 11 KB
4 KB 701ms
225ms Script
application/javascript 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.mediaad.org/serve/8535/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGF668F&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),
Reverse DNS: host.sindad.org
Software: /
Resource Hash: 9f6b53482900bb469250df47fd1743d7f5f680bcdb0ead9e330e4a0c77b5ad09

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:43 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300, max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H2 200 rg.complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v3/fw32vYI4/ 35 KB
13 KB 973ms
250ms Script
application/javascript 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yektanet.com/rg_woebegone/scripts_v3/fw32vYI4/rg.complete.js?v=202308020013

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

127f0f21925df234539f9ecb2a8e1cfbd56603a52abd9cf8e5aaff80998e4801

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:44 GMT
content-encoding: gzip
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: f3d8ac586674bd50bc7cff9ac2b6c8a9
x-sid: 4105
last-modified: Tue, 11 Jul 2023 14:56:33 GMT
server: ArvanCloud
etag: W/"8044581496bad9b53712459d4a0610eb"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 21 Sep 2023 00:06:44 GMT

GET
H2 200 local-messaging.css
van.najva.com/static/cdn/css/ 10 KB
2 KB 1133ms
185ms Stylesheet
text/css 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/cdn/css/local-messaging.css?v=202308020013

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:44 GMT
content-encoding: br
x-cache-status: MISS
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: d94683d895a39caf7cdde68dc5d7e0ca
x-sid: 4100
last-modified: Mon, 27 Dec 2021 16:31:31 GMT
server: ArvanCloud
etag: W/"20685ae09d2ce2a080031240f15c7725"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-meta-mtime: 1623484316

GET
H2 200 khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js Show response
van.najva.com/static/js/scripts/ 180 KB
45 KB 1516ms
568ms Script
application/javascript 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

fa73339c9de99823601e1bdf605d3fe4eb449fca3598a98287e238e723dd3b05

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:44 GMT
content-encoding: br
x-cache-status: MISS
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: d2cfe8e110fb34cc07420d39b9bb9b28
x-sid: 4100
last-modified: Wed, 20 Sep 2023 03:30:25 GMT
server: ArvanCloud
etag: W/"66e6c584cade6a04e14103bdf750c73c"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 retargeting.js Show response
n1.sanjagh.com/serve/61964/ 11 KB
5 KB 683ms
224ms Script
application/javascript 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://n1.sanjagh.com/serve/61964/retargeting.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGF668F&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

9f6b53482900bb469250df47fd1743d7f5f680bcdb0ead9e330e4a0c77b5ad09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300, max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
87 KB 113ms
112ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XT9041V629&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGF668F&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

514a38ab1376ea0f279f8f745d01edcfefa76f06f4f119bc4d336d2635b6bd7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Sep 2023 23:06:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
86 KB 116ms
116ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R0MS097RQH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGF668F&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15a0485c2cd44912f73642f0bf5bdf93854c14cd9aa51233575bca9c8353ec78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Sep 2023 23:06:43 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
252 B 127ms
46ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XT9041V629&gtm=45je39i0&_p=215795982&_gaz=1&cid=1019986829.1695251203&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695251203&sct=1&seg=0&dl=https%3A%2F%2Fkhodro45.com%2Fattacked%2F6kgd%2Fclearcache%2Fpopup_overpack.php%3Farm%3Dzntz1qxw12az00%26warm%3Deurope%26nor%3Dstand&dt=Page%20not%20found%20-%20%D8%AE%D9%88%D8%AF%D8%B1%D9%88%DB%B4%DB%B5&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XT9041V629&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 23:06:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://khodro45.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 191ms
67ms Ping
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XT9041V629&cid=1019986829.1695251203&gtm=45je39i0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XT9041V629&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 23:06:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://khodro45.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
169 B 77ms
76ms Ping
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R0MS097RQH&gtm=45je39i0&_p=215795982&cid=1019986829.1695251203&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695251203&sct=1&seg=0&dl=https%3A%2F%2Fkhodro45.com%2Fattacked%2F6kgd%2Fclearcache%2Fpopup_overpack.php%3Farm%3Dzntz1qxw12az00%26warm%3Deurope%26nor%3Dstand&dt=Page%20not%20found%20-%20%D8%AE%D9%88%D8%AF%D8%B1%D9%88%DB%B4%DB%B5&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R0MS097RQH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 23:06:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://khodro45.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 78ms
77ms XHR
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=215795982&t=pageview&_s=1&dl=https%3A%2F%2Fkhodro45.com%2Fattacked%2F6kgd%2Fclearcache%2Fpopup_overpack.php%3Farm%3Dzntz1qxw12az00%26warm%3Deurope%26nor%3Dstand&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20%D8%AE%D9%88%D8%AF%D8%B1%D9%88%DB%B4%DB%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=990471386&gjid=1058413398&cid=1019986829.1695251203&tid=UA-122761027-1&_gid=732196819.1695251204&_r=1&_slc=1&gtm=45He39i0n81PGF668F&z=985709339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://khodro45.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 23:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://khodro45.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 67ms
66ms XHR
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-122761027-1&cid=1019986829.1695251203&jid=990471386&gjid=1058413398&_gid=732196819.1695251204&_u=YADAAEAAAAAAACAAI~&z=338565152

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://khodro45.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 20 Sep 2023 23:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://khodro45.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 617ms
97ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-122761027-1&cid=1019986829.1695251203&jid=990471386&_u=YADAAEAAAAAAACAAI~&z=1565624300

Requested by

Host: khodro45.com
URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 23:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advertiser.json Show response
ma-cdn.pegah.tech/v1/retargeting/8535/ 3 KB
1 KB 701ms
225ms XHR
application/json 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://ma-cdn.pegah.tech/v1/retargeting/8535/advertiser.json

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/8535/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

c46de6d9c20bcb6efd9c8fb75b499cc52ce72b240e0e963d5ee366495033d8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
442 B 297ms
285ms XHR
application/json 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=dJo3OOat

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/fw32vYI4/rg.complete.js?v=202308020013

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:44 GMT
x-cache: BYPASS
server-timing: total;dur=101
content-length: 5
x-xss-protection: 1; mode=block
x-request-id: c8b0d4d9bd6f957590d40e9c57e00fa8
x-sid: 4105
pragma: no-cache
server: ArvanCloud
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://khodro45.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization
expires: 0

GET
H2 200 / Show response
ua.yektanet.com/cookie/iframe/ Frame 9A81 3 KB
1 KB 292ms
288ms Document
text/html 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/cookie/iframe/

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/fw32vYI4/rg.complete.js?v=202308020013

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://khodro45.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: br
content-type: text/html
date: Wed, 20 Sep 2023 23:06:44 GMT
expires: 0
last-modified: Wednesday, 20-Sep-2023 23:06:44 GMT
pragma: no-cache
server: ArvanCloud
server-timing: total;dur=104
vary: Accept-Encoding
x-cache: BYPASS
x-request-id: 5958371a4be52bab7d9328d610265325
x-sid: 4105
x-xss-protection: 1; mode=block

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
695 B 303ms
300ms Ping
image/gif 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=b48c3724-168d-4c59-b1f5-d768170a60cb&abj=1&aed=adv&abh=3019&sv=3&st=rg.complete.js&psc=985&psi=4467&ac=https%3A%2F%2Fkhodro45.com%2Fattacked%2F6kgd%2Fclearcache%2Fpopup_overpack.php%3Farm%3Dzntz1qxw12az00%26warm%3Deurope%26nor%3Dstand&ae=%7B%22arm%22%3A%22zntz1qxw12az00%22%2C%22warm%22%3A%22europe%22%2C%22nor%22%3A%22stand%22%7D&ad=khodro45.com&as=Page%20not%20found%20-%20%D8%AE%D9%88%D8%AF%D8%B1%D9%88%DB%B4%DB%B5&aef=dJo3OOat&aec=2984&ai=5cfaf8d9-fc70-03fa-bbc3-3610d5c8aed8&abw=1600&abb=1525&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%86%D8%AA%DB%8C%D8%AC%D9%87%20%D8%A7%DB%8C%20%D9%BE%DB%8C%D8%AF%D8%A7%20%D9%86%D8%B4%D8%AF

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v3/fw32vYI4/rg.complete.js?v=202308020013

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Wed, 20 Sep 2023 23:06:44 GMT
last-modified: Wednesday, 20-Sep-2023 23:06:44 GMT
server: ArvanCloud
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
server-timing: total;dur=116
accept-ranges: bytes
content-length: 42
x-xss-protection: 1; mode=block
x-request-id: 442b659a4924823d81c7d9ec1d201043
x-sid: 4105

GET
H2 200 set Show response
ua.yektanet.com/cookie/ Frame 9A81 78 B
806 B 282ms
282ms XHR
application/json 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/cookie/set

Requested by

Host: ua.yektanet.com
URL: https://ua.yektanet.com/cookie/iframe/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

729daa12688a9292b41d157e1f0c3ebad0993c512003cead48786288a3b4b774

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ua.yektanet.com/cookie/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:44 GMT
content-encoding: br
x-cache: BYPASS
server-timing: total;dur=98
x-xss-protection: 1; mode=block
x-request-id: fcd369a0800333e816a327c811ed1655
x-sid: 4105
pragma: no-cache
last-modified: Wednesday, 20-Sep-2023 23:06:44 GMT
server: ArvanCloud
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
expires: 0

GET
H2 200 advertiser.json Show response
ma-cdn.pegah.tech/v1/retargeting/61964/ 326 B
685 B 224ms
224ms XHR
application/json 45.94.255.25
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://ma-cdn.pegah.tech/v1/retargeting/61964/advertiser.json

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/8535/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.255.25 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.cloud

Software

Resource Hash

c84481a35c98121b6a4525f9339a513d0477b38ace19422091c5fd59a5d7aa7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token

GET
H2 200 khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.json Show response
van.najva.com/static/js/scripts/ 3 KB
2 KB 909ms
340ms Fetch
application/json 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.json?v=2023-09-20T23

Requested by

Host: app.najva.com
URL: https://app.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

f08345dd35368a4072989eb76b2007bafcc245dc4d230d48088b799ab94b3911

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:45 GMT
content-encoding: br
x-cache-status: MISS
x-cache: BYPASS
server-timing: total;dur=154
x-xss-protection: 1; mode=block
x-request-id: 30a4ff90f208171c668b9aadaf899795
x-sid: 4105
last-modified: Wed, 20 Sep 2023 03:30:26 GMT
server: ArvanCloud
etag: W/"52cf4a5f3269e19463afc6f91f118082"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.json Show response
van.najva.com/static/js/scripts/ 3 KB
2 KB 767ms
336ms Fetch
application/json 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://van.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.json?v=2023-09-20T23

Requested by

Host: van.najva.com
URL: https://van.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

f08345dd35368a4072989eb76b2007bafcc245dc4d230d48088b799ab94b3911

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:45 GMT
content-encoding: br
x-cache-status: HIT
x-cache: BYPASS
server-timing: total;dur=154
x-xss-protection: 1; mode=block
x-request-id: 83e0ac662e26b2a2b5ec70624a1691c4
x-sid: 4105
last-modified: Wed, 20 Sep 2023 03:30:26 GMT
server: ArvanCloud
etag: W/"52cf4a5f3269e19463afc6f91f118082"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 K45-Mag-Logo-Light-bg-1.png
khodro45.com/wp-content/uploads/2022/11/ 7 KB
7 KB 184ms
184ms Image
text/html 185.143.233.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khodro45.com/wp-content/uploads/2022/11/K45-Mag-Logo-Light-bg-1.png

Requested by

Host: khodro45.com
URL: https://khodro45.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / PHP/7.4.23

Resource Hash

8f547f01fe36bd9e34f4e713ca589459158b84b05862e9b157a7015a366f5bf8

Security Headers

Name	Value
Content-Security-Policy	default-rsc 'self'
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Wed, 20 Sep 2023 23:06:44 GMT
date: Wed, 20 Sep 2023 23:06:44 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-rsc 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-powered-by: PHP/7.4.23
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 91726cf35b4bef4646dc49f6d512f321
x-sid: 4100
server: ArvanCloud
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
x-content-security-policy: default-src 'self'

GET
H2 200 fingerprint.html Show response
mediacdn.mediaad.org/static/ Frame 9DC2 4 KB
2 KB 685ms
212ms Document
text/html 46.245.80.244
ASIATECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mediacdn.mediaad.org/static/fingerprint.html

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/8535/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.245.80.244 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),

Reverse DNS

Software

Resource Hash

0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://khodro45.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-expose-headers: x-requested-with
cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 20 Sep 2023 23:06:45 GMT
expires: Thu, 21 Sep 2023 15:35:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT
x-cache-status-asiatech: HIT

OPTIONS
H2 200 tag
api.mediaad.org/v1/events/ Frame 0
0 968ms
212ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=03200310-681c-4c22-b181-e977a9483d37&c=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://khodro45.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 20 Sep 2023 23:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 loaded
api.mediaad.org/v2/events/page/ Frame 0
0 968ms
212ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://khodro45.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 20 Sep 2023 23:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 tag Show response
api.mediaad.org/v1/events/ 0
476 B 225ms
223ms XHR
text/plain 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=03200310-681c-4c22-b181-e977a9483d37&c=false

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/8535/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://khodro45.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 20 Sep 2023 23:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

POST
H2 200 loaded Show response
api.mediaad.org/v2/events/page/ 88 B
603 B 225ms
224ms XHR
text/plain 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/8535/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

3c4736c3be997a91098cc76fb59869946286dd5017548cda3499804d40bbc63f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://khodro45.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 20 Sep 2023 23:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 88

POST
H2 200 tag Show response
api.mediaad.org/v1/events/ 0
476 B 223ms
222ms XHR
text/plain 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=03200310-681c-4c22-b181-e977a9483d37&c=false

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/8535/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://khodro45.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 20 Sep 2023 23:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

POST
H2 200 loaded Show response
api.mediaad.org/v2/events/page/ 0
496 B 225ms
225ms XHR
text/plain 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/8535/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://khodro45.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 20 Sep 2023 23:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

OPTIONS
H2 200 tag
api.mediaad.org/v1/events/ Frame 0
0 968ms
213ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v1/events/tag?fid=03200310-681c-4c22-b181-e977a9483d37&c=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://khodro45.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 20 Sep 2023 23:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H2 200 loaded
api.mediaad.org/v2/events/page/ Frame 0
0 968ms
213ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/loaded

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://khodro45.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 20 Sep 2023 23:06:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 complete.js Show response
cdn.yektanet.com/rg_woebegone/scripts_v4/7myDmt4H/ 36 KB
13 KB 249ms
248ms Script
application/javascript 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yektanet.com/rg_woebegone/scripts_v4/7myDmt4H/complete.js?v=2023-09-20T23

Requested by

Host: van.najva.com
URL: https://van.najva.com/static/js/scripts/khodro45767-website-35777-17c8a738-2b2c-4312-96f6-8dcbb59e1c15.js?v=202308020013

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

812edd951e78b4c033618606ef18a65aa807795bed9ecaeb3129c5e1cdab1bbb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:45 GMT
content-encoding: gzip
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: dbf8e1fd0baf9995debf0e89c8ef1434
x-sid: 4105
last-modified: Wed, 14 Jun 2023 07:17:53 GMT
server: ArvanCloud
etag: W/"c117fbc5ca3e96024f25152ef375cf7f"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 21 Sep 2023 00:06:45 GMT

GET
H2 200 / Show response
audience.yektanet.com/api/v1/scripts/preview/validate/ 5 B
441 B 277ms
276ms XHR
application/json 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://audience.yektanet.com/api/v1/scripts/preview/validate/?app_id=7myDmt4H

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/7myDmt4H/complete.js?v=2023-09-20T23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:46 GMT
x-cache: BYPASS
server-timing: total;dur=89
content-length: 5
x-xss-protection: 1; mode=block
x-request-id: dc89f86684518d861276c26b8c437fad
x-sid: 4105
pragma: no-cache
server: ArvanCloud
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://khodro45.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization
expires: 0

POST
H2 200 __fake.gif
ua.yektanet.com/ 42 B
694 B 280ms
279ms Ping
image/gif 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.yektanet.com/__fake.gif?aa=event&abe=L&abf=b37ef3d4-ac42-4283-8f7a-065004eac9f6&abj=1&aed=pub&abh=&sv=4&st=complete.js&psc=262&psi=6997&ac=https%3A%2F%2Fkhodro45.com%2Fattacked%2F6kgd%2Fclearcache%2Fpopup_overpack.php%3Farm%3Dzntz1qxw12az00%26warm%3Deurope%26nor%3Dstand&ae=%7B%22arm%22%3A%22zntz1qxw12az00%22%2C%22warm%22%3A%22europe%22%2C%22nor%22%3A%22stand%22%7D&ad=khodro45.com&ba=f97c682b-b86e5-5d63a-a2568-8911b626d1c67&as=Page%20not%20found%20-%20%D8%AE%D9%88%D8%AF%D8%B1%D9%88%DB%B4%DB%B5&aef=7myDmt4H&aec=155219&ai=5cfaf8d9-fc70-03fa-bbc3-3610d5c8aed8&abw=1600&abb=1525&aby=1600&abz=1200&al=1600&am=1200&abk=%D9%86%D8%AA%DB%8C%D8%AC%D9%87%20%D8%A7%DB%8C%20%D9%BE%DB%8C%D8%AF%D8%A7%20%D9%86%D8%B4%D8%AF

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/7myDmt4H/complete.js?v=2023-09-20T23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Wed, 20 Sep 2023 23:06:46 GMT
last-modified: Wednesday, 20-Sep-2023 23:06:46 GMT
server: ArvanCloud
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
server-timing: total;dur=94
accept-ranges: bytes
content-length: 42
x-xss-protection: 1; mode=block
x-request-id: cb66437218bba523bc647f851d7b6da4
x-sid: 4105

GET
H2 200 capture-clicks.0f5e1a672b5c1da5270b.js Show response
audience-scripts.yektanet.com/public/static/preview/ 7 KB
3 KB 336ms
208ms Script
application/javascript 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://audience-scripts.yektanet.com/public/static/preview/capture-clicks.0f5e1a672b5c1da5270b.js

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/7myDmt4H/complete.js?v=2023-09-20T23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

9b3adcb89e7d56460620e1018ec793a58cd7f490959c4ee4e3df40ed399d8bb2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:46 GMT
content-encoding: br
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: a2871187053ee3b26666d7a4f946abce
x-sid: 4105
last-modified: Wed, 23 Aug 2023 12:30:30 GMT
server: ArvanCloud
etag: W/"c86d571f334bbf00913da07c347262c2"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
cache-control: max-age=3600
access-control-max-age: 1728000
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 21 Sep 2023 00:06:46 GMT

GET
H2 200 external-link.a766e860e1d77c63653d.js Show response
audience-scripts.yektanet.com/public/static/preview/ 3 KB
2 KB 314ms
186ms Script
application/javascript 185.143.234.120
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://audience-scripts.yektanet.com/public/static/preview/external-link.a766e860e1d77c63653d.js

Requested by

Host: cdn.yektanet.com
URL: https://cdn.yektanet.com/rg_woebegone/scripts_v4/7myDmt4H/complete.js?v=2023-09-20T23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud /

Resource Hash

ee4c7a8f430ef1b314fd1e5ecec3ee099da91045d21bea3416a3b68a24496a30

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://khodro45.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:46 GMT
content-encoding: br
x-cache: HIT
server-timing: total;dur=0
x-xss-protection: 1; mode=block
x-request-id: 0fa15ebbce6579d03911296ab9d9da8f
x-sid: 4105
last-modified: Sun, 30 Jul 2023 07:38:45 GMT
server: ArvanCloud
etag: W/"5b34250a8586f6d99e7047c4a732687d"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
cache-control: max-age=3600
access-control-max-age: 1728000
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 21 Sep 2023 00:06:46 GMT

GET
H2 200 pako_deflate.min.js Show response
mediacdn.mediaad.org/7/25/asset/js/ 25 KB
9 KB 652ms
214ms Script
application/javascript 46.245.80.244
ASIATECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mediacdn.mediaad.org/7/25/asset/js/pako_deflate.min.js

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/8535/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.245.80.244 , Iran, Islamic Republic Of, ASN43754 (ASIATECH, IR),

Reverse DNS

Software

Resource Hash

92666bd17a844c3ca027b6e0619e1ffaa625bf9ee9413c18efc3608a891775ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
Origin: https://khodro45.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:06:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 25 Jul 2022 10:38:04 GMT
etag: W/"62de728c-6470"
x-cache-status: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
x-cache-status-asiatech: HIT
expires: Thu, 21 Sep 2023 15:35:31 GMT

POST
H2 200 content Show response
api.mediaad.org/v2/events/page/ 0
476 B 445ms
444ms XHR
text/plain 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mediaad.org/v2/events/page/content?t=AX8UubNmXvuQkjQJHBvmsHcVggc1jQ2n5LcnEIgyyuKsPrZ1saraWrk6wBLcAxryTbiLumIBuK7ghSH0aBXr5Vg=&l=https%3A%2F%2Fkhodro45.com%2Fattacked%2F6kgd%2Fclearcache%2Fpopup_overpack.php%3Farm%3Dzntz1qxw12az00%26warm%3Deurope%26nor%3Dstand&fid=03200310-681c-4c22-b181-e977a9483d37

Requested by

Host: s1.mediaad.org
URL: https://s1.mediaad.org/serve/8535/retargeting.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Content-Encoding: gzip
Referer: https://khodro45.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/octet-stream

Response headers

date: Wed, 20 Sep 2023 23:06:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
content-length: 0

OPTIONS
H2 200 content
api.mediaad.org/v2/events/page/ Frame 0
0 211ms
211ms Preflight 45.94.254.24
SINDAD

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.94.254.24 , Iran, Islamic Republic Of, ASN48551 (SINDAD, IR),

Reverse DNS

host.sindad.org

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://khodro45.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-auth-token, x-requested-with, content-type, content-encoding, accept, origin, referer, Authorization, x-xsrf-token, x-csrf-token
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin: https://khodro45.com
access-control-expose-headers: x-requested-with
content-length: 0
date: Wed, 20 Sep 2023 23:06:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.j.mp/	1970-01-20 19:13:23	Name: _bit Value: n8kn6C-b5af1baa3253ca065c-00a
.khodro45.com/	1970-01-20 17:03:47	Name: _gcl_au Value: 1.1.452376156.1695251203
.khodro45.com/	1970-01-21 00:30:11	Name: _ga_XT9041V629 Value: GS1.1.1695251203.1.0.1695251203.60.0.0
.khodro45.com/	1970-01-21 00:30:11	Name: _ga_R0MS097RQH Value: GS1.1.1695251203.1.0.1695251203.0.0.0
.khodro45.com/	1970-01-21 00:30:11	Name: _ga Value: GA1.2.1019986829.1695251203
.khodro45.com/	1970-01-20 14:55:37	Name: _gid Value: GA1.2.732196819.1695251204
.khodro45.com/	1970-01-20 14:54:11	Name: _gat_UA-122761027-1 Value: 1
khodro45.com/	1970-01-20 23:39:47	Name: analytics_token Value: 8860f40f-10ca-08f9-9a21-c24093e14f9a
khodro45.com/	1970-01-20 14:54:13	Name: analytics_session_token Value: 5cfaf8d9-fc70-03fa-bbc3-3610d5c8aed8
khodro45.com/	1970-01-20 14:55:37	Name: yektanet_session_last_activity Value: 9/21/2023
khodro45.com/	1969-12-31 23:59:59	Name: _yngt_iframe Value: 1
.yektanet.com/	1970-01-21 00:30:11	Name: gearbox_ad_token Value: f97c682b-b86e5-5d63a-a2568-8911b626d1c67
.yektanet.com/	1970-01-21 00:30:11	Name: analytics_global_token Value: f97c682b-b86e5-5d63a-a2568-8911b626d1c67
khodro45.com/	1970-01-20 15:37:23	Name: _yngt Value: f97c682b-b86e5-5d63a-a2568-8911b626d1c67
.mediaad.org/	1970-01-21 00:30:11	Name: USER_ID Value: 03200310-681c-4c22-b181-e977a9483d37

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://khodro45.com/attacked/6kgd/clearcache/popup_overpack.php?arm=zntz1qxw12az00&warm=europe&nor=stand Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.mediaad.org
app.najva.com
assets.najva.com
audience-scripts.yektanet.com
audience.yektanet.com
cdn.yektanet.com
j.mp
khodro45.com
ma-cdn.pegah.tech
mediacdn.mediaad.org
n1.sanjagh.com
s1.mediaad.org
stats.g.doubleclick.net
ua.yektanet.com
van.najva.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.khodro45.com
185.143.233.120
185.143.234.120
2001:4860:4802:34::181
2606:4700:3033::ac43:a68c
2607:f8b0:4004:c0b::9b
2607:f8b0:4006:824::200e
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2004
45.94.254.24
45.94.255.25
46.245.80.244
67.199.248.17
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd
0ad97efdc22b7f780fda3692f5ff7ee6ec80d144fad5de0aa066addd4d8d1fb3
127f0f21925df234539f9ecb2a8e1cfbd56603a52abd9cf8e5aaff80998e4801
15a0485c2cd44912f73642f0bf5bdf93854c14cd9aa51233575bca9c8353ec78
20b2a7cf0ed6e6454f3a7b5583e66b7c2a653e4a7c558390eefb92b04a4beabd
276314ac3b483f62409226c9f21c8ba78bc42b38ebfa26bda9359cf069261cea
2e3a3ec20b9109fc51ce1eff77cf184724fa92dfe929c6be2d5b3cdba6596a40
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3c4736c3be997a91098cc76fb59869946286dd5017548cda3499804d40bbc63f
3d76255f7e596a7e00397b994f7a2f1fcf21219a5618532091fc0153efe85deb
49d80f3ec95f35818b796d393cf1d062f4222109d7b866e9caa89b26d64efd31
4ccc27337cb5e80e6509daacc7b8d18b77c26bcfe3443722ec5ecc468d8da172
4f11f56fb396eb4bbf5bd2c07e52aff3dc58b357e9d97a2a622b1b354208ae21
514a38ab1376ea0f279f8f745d01edcfefa76f06f4f119bc4d336d2635b6bd7b
5456146fcd0c934436c0fcb3855719e3d9bed96cb15f27dee2f11b89df20ac71
5a58d2d0ee40e4ce42677170444a448d34293ba82fbd4402fc5674344ce21a75
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d47e5a33b1806550a2f3bf09f9fcb75ef70c8f472d73d5e6a1e07082a09ddd3
5f532a67fe64df985e38dabc310b30139c322f2153c5d686e7c741900624c9fd
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6e44c52635fd08e820c89834210088ca4d54a0c4cebf6246925474e3d4988d84
6e9d1e5d1cdac01b8428613f904026dc3703bf9cc7a37039d16c8a06dd1f5d09
7102806259af500ece91bf4c81b73f571d20d59fff5be6ce0188e18b4f90d060
729daa12688a9292b41d157e1f0c3ebad0993c512003cead48786288a3b4b774
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cef5612505ef4a18e4ca64345fcd28533001b388cbb61fc7b3a820031f02ff2
7fbe8640c1597459e16bb36f3d7e8d21545ba1fb882ae24b569ccc714dd3af64
812edd951e78b4c033618606ef18a65aa807795bed9ecaeb3129c5e1cdab1bbb
8f547f01fe36bd9e34f4e713ca589459158b84b05862e9b157a7015a366f5bf8
92666bd17a844c3ca027b6e0619e1ffaa625bf9ee9413c18efc3608a891775ef
9b3adcb89e7d56460620e1018ec793a58cd7f490959c4ee4e3df40ed399d8bb2
9ecda45e206bac761d435f99dd1d86fb4b03cb46ba38cf4ef50d18d2954a4232
9f6b53482900bb469250df47fd1743d7f5f680bcdb0ead9e330e4a0c77b5ad09
a4765ef5a8224ac10ee59006ca59ebf0e6401e4b53b5fdb10ca5f7308623b3bb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b8479a8ccbeebfa195562ddceb1a6e0b7e62f8f31169df6af66dbb500c6a97a9
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c46de6d9c20bcb6efd9c8fb75b499cc52ce72b240e0e963d5ee366495033d8b9
c84481a35c98121b6a4525f9339a513d0477b38ace19422091c5fd59a5d7aa7d
d28976bd53ab07b1ee0b5cd774f563919199b4d5d3318f3199c2ffcb74126a26
d60e505767ce2c784709b9f64ffc1caeb33d57a1a553acc11224315b05276ef3
da284ef2c14182818595b3cddcc46601181f76287f3fb57538a3ae814dae6d63
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c8cc1cd561e2be98ef2f95f5f77c51674cdcbeca6d7dc243ecc2a863350e91
ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99
ee4c7a8f430ef1b314fd1e5ecec3ee099da91045d21bea3416a3b68a24496a30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08345dd35368a4072989eb76b2007bafcc245dc4d230d48088b799ab94b3911
f636a8424917f15ae334b657c99dd70771050233462acb0ef3b5f1803495158c
fa73339c9de99823601e1bdf605d3fe4eb449fca3598a98287e238e723dd3b05
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd26232315c5199c77306e32e6d400ff94626317cf370d19595d9153cbbf0b5e

khodro45.com Open in urlscan Pro 185.143.233.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

97 %HTTPS

50 %IPv6

11 Domains

20 Subdomains

10 IPs

3 Countries

2358 kBTransfer

4676 kBSize

15 Cookies

5 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

khodro45.com Open in urlscan Pro
185.143.233.120 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

97 %
HTTPS

50 %
IPv6

11
Domains

20
Subdomains

10
IPs

3
Countries

2358 kB
Transfer

4676 kB
Size

15
Cookies

77 HTTP transactions
0 data transactions