Submitted URL: https://ws.safarbooking.ir/
Effective URL: https://ws.safarbooking.ir/users/auth/login
Submission: On April 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 164.138.22.26, located in Tehran, Iran, Islamic Republic Of and belongs to RAV-NET-01, IR. The main domain is ws.safarbooking.ir.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 24th 2022. Valid for: a year.
This is the only time ws.safarbooking.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
2 (1 redirect) | 164.138.22.26 | 59431 (RAV-NET-01)
15 | 164.138.20.117 | 59431 (RAV-NET-01)
4 | 2a00:1450:400... | 15169 (GOOGLE)
6 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 27 requests, 6 IPs

Requests | Apex Domain | Subdomains | Transfer
17 | safarbooking.ir | ws.safarbooking.ir, safarbooking.ir | 308 KB
7 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 566 KB
4 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 29 KB
Total: 27 requests, 3 apex domains

Requests | Domain | Requested by
15 | safarbooking.ir | ws.safarbooking.ir, safarbooking.ir
6 | www.gstatic.com | www.google.com, www.gstatic.com
4 | www.google.com | ws.safarbooking.ir, www.gstatic.com, www.google.com
2 (1 redirect) | ws.safarbooking.ir |
1 | fonts.gstatic.com | www.google.com
Total: 27 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
ws.safarbooking.com | Sectigo RSA Domain Validation Secure Server CA | 2022-09-24 - 2023-10-25 | a year
safarbooking.ir | R3 | 2023-04-05 - 2023-07-04 | 3 months
www.google.com | GTS CA 1C3 | 2023-03-20 - 2023-06-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-03-20 - 2023-06-12 | 3 months
*.google.com | GTS CA 1C3 | 2023-03-20 - 2023-06-12 | 3 months

This page contains 3 frames:

Primary Page: https://ws.safarbooking.ir/users/auth/login
Frame ID: 77D72B0E80718A02DA0FBA62CF8658AA
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf&co=aHR0cHM6Ly93cy5zYWZhcmJvb2tpbmcuaXI6NDQz&hl=fa&type=image&v=NZrMWHVy58-S9gVvad9HVGxk&theme=light&size=normal&cb=65s68rm4hgv9
Frame ID: 1DDE41FA3E4BC219A8D2EFC2843A5C0B
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fa&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf
Frame ID: D415CF4B43EAF997558FB13876509593
Requests: 3 HTTP requests in this frame

Page Title

شرکت پیشتازان سفر آسمان پاژ

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

Requests: 27
HTTPS: 96 %
IPv6: 60 %
Domains: 3
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 902 kB
Size: 2212 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ws.safarbooking.ir/ HTTP 302
    https://ws.safarbooking.ir/users/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
ws.safarbooking.ir/users/auth/
Redirect Chain
  • https://ws.safarbooking.ir/
  • https://ws.safarbooking.ir/users/auth/login
9 KB
3 KB
Document
General
Full URL
https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.22.26 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
mail.safarbooking.com
Software
Microsoft-IIS/10.0 /
Resource Hash
4ab8b977861de122257ea4610411b28e008605a171c61d4ca7b35888560f0c5d
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.flysepehran.ir flysepehran.ir *.safarbooking.com safarbooking.com *.allinsafar.com allinsafar.com website.safar.lan *.sahahair.com; frame-ancestors 'self' *.flysepehran.ir flysepehran.ir *.safarbooking.com safarbooking.com *.allinsafar.com allinsafar.com website.safar.lan *.sahahair.com trustseal.enamad.ir;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.flysepehran.ir flysepehran.ir *.safarbooking.com safarbooking.com *.allinsafar.com allinsafar.com website.safar.lan *.sahahair.com; frame-ancestors 'self' *.flysepehran.ir flysepehran.ir *.safarbooking.com safarbooking.com *.allinsafar.com allinsafar.com website.safar.lan *.sahahair.com trustseal.enamad.ir;
content-type
text/html; charset=UTF-8
date
Wed, 05 Apr 2023 07:26:21 GMT
expect-ct
enforce, max-age=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
interest-cohort=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block

Redirect headers

content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.flysepehran.ir flysepehran.ir *.safarbooking.com safarbooking.com *.allinsafar.com allinsafar.com website.safar.lan *.sahahair.com; frame-ancestors 'self' *.flysepehran.ir flysepehran.ir *.safarbooking.com safarbooking.com *.allinsafar.com allinsafar.com website.safar.lan *.sahahair.com trustseal.enamad.ir;
content-type
text/html; charset=UTF-8
date
Wed, 05 Apr 2023 07:26:21 GMT
expect-ct
enforce, max-age=86400
location
https://ws.safarbooking.ir/users/auth/login
permissions-policy
interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
bootstrap.min.css
safarbooking.ir/assets/admin/css/
119 KB
18 KB
Stylesheet
General
Full URL
https://safarbooking.ir/assets/admin/css/bootstrap.min.css
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
89a64c5a9283f011ab47601584b02d9e9b44f4489012459aa369026d79bfa4ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:22 GMT
content-encoding
br
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
W/"635f7741-1daae"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, private
expires
Wed, 12 Apr 2023 07:26:22 GMT
bootstrap-rtl.min.css
safarbooking.ir/assets/admin/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://safarbooking.ir/assets/admin/css/bootstrap-rtl.min.css
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b2612d6104348a17f734053447b1a71908328ca88c914812b36d4e488e09a9b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:22 GMT
content-encoding
br
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
W/"635f7741-662c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, private
expires
Wed, 12 Apr 2023 07:26:22 GMT
animate.min.css
safarbooking.ir/assets/admin/css/
53 KB
4 KB
Stylesheet
General
Full URL
https://safarbooking.ir/assets/admin/css/animate.min.css
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b4efa10f206320dea7900dc737d6ca676c01203855cb3dabd2b03723981e636c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:22 GMT
content-encoding
br
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
W/"635f7741-d592"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, private
expires
Wed, 12 Apr 2023 07:26:22 GMT
mystyle.css
safarbooking.ir/assets/admin/css/
115 KB
21 KB
Stylesheet
General
Full URL
https://safarbooking.ir/assets/admin/css/mystyle.css?ver=5.11975.127
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ad36e3f1f904adb62669065c05e0e9d8a2a01016281c12e3a0ff494c2ab22acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:22 GMT
content-encoding
br
last-modified
Mon, 27 Feb 2023 10:34:16 GMT
server
Microsoft-IIS/10.0
etag
W/"63fc8728-1ccc1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, private
expires
Wed, 12 Apr 2023 07:26:22 GMT
font-awesome.min.css
safarbooking.ir/assets/admin/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://safarbooking.ir/assets/admin/css/font-awesome.min.css
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
382a6487eb37a815e9eb6c1fd81accdfcf541f118c95124badb5c3911511f1f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:22 GMT
content-encoding
br
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
W/"635f7741-5ca9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, private
expires
Wed, 12 Apr 2023 07:26:22 GMT
jquery.min.js
safarbooking.ir/assets/admin/js/
82 KB
28 KB
Script
General
Full URL
https://safarbooking.ir/assets/admin/js/jquery.min.js
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:23 GMT
content-encoding
br
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
W/"635f7741-14960"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800, private
expires
Wed, 12 Apr 2023 07:26:23 GMT
toastr.js
safarbooking.ir/assets/admin/js/toastr/
5 KB
2 KB
Script
General
Full URL
https://safarbooking.ir/assets/admin/js/toastr/toastr.js
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f3f8e506001c8cf1bf4db5a6e3bd5bba481a56d19e4eaae9de820cfb14471229

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:23 GMT
content-encoding
br
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
W/"635f7741-120a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800, private
expires
Wed, 12 Apr 2023 07:26:23 GMT
bootstrap.min.js
safarbooking.ir/assets/admin/js/
36 KB
9 KB
Script
General
Full URL
https://safarbooking.ir/assets/admin/js/bootstrap.min.js
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:23 GMT
content-encoding
br
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
W/"635f7741-9004"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800, private
expires
Wed, 12 Apr 2023 07:26:23 GMT
beyond.js
safarbooking.ir/assets/admin/js/
21 KB
4 KB
Script
General
Full URL
https://safarbooking.ir/assets/admin/js/beyond.js
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bb287e3c45616aedd72ab08b4ba36b732b5e321ce3f5daf3f73729f3303b965d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:23 GMT
content-encoding
br
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
W/"635f7741-534a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800, private
expires
Wed, 12 Apr 2023 07:26:23 GMT
logo-login.png
safarbooking.ir/assets/admin/img/logo/
24 KB
25 KB
Image
General
Full URL
https://safarbooking.ir/assets/admin/img/logo/logo-login.png
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5adb3aff3660c70b2cc010db07c3cc65fb5f1ab04704e85066eb4022a76515ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:23 GMT
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
"635f7741-6182"
content-type
image/png
cache-control
max-age=604800, private
accept-ranges
bytes
content-length
24962
expires
Wed, 12 Apr 2023 07:26:23 GMT
api.js
www.google.com/recaptcha/
850 B
876 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=onload&hl=fa
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ddb2cbbfaa8297b49168d8e597f98a5b51a9d529a1068826904c4494ffef113
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
556
x-xss-protection
1; mode=block
expires
Wed, 05 Apr 2023 07:26:23 GMT
logo-bottom.png
safarbooking.ir/assets/admin/img/logo/
9 KB
9 KB
Image
General
Full URL
https://safarbooking.ir/assets/admin/img/logo/logo-bottom.png
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c64611f21d59bc03d5ca06061545a627c7a0959bcfbe0fa260cd4881662b38fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:24 GMT
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
"635f7741-22fb"
content-type
image/png
cache-control
max-age=604800, private
accept-ranges
bytes
content-length
8955
expires
Wed, 12 Apr 2023 07:26:24 GMT
login-safar.jpg
safarbooking.ir/assets/admin/img/logo/
12 KB
12 KB
Image
General
Full URL
https://safarbooking.ir/assets/admin/img/logo/login-safar.jpg
Requested by
Host: ws.safarbooking.ir
URL: https://ws.safarbooking.ir/users/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c11555e122905fb74e592725b5dd0e0d7b65976aa2465765740f88fd5e08a6ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.safarbooking.ir/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:24 GMT
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
"635f7741-2ef1"
content-type
image/jpeg
cache-control
max-age=604800, private
accept-ranges
bytes
content-length
12017
expires
Wed, 12 Apr 2023 07:26:24 GMT
lock.png
safarbooking.ir/assets/admin/img/logo/
8 KB
8 KB
Image
General
Full URL
https://safarbooking.ir/assets/admin/img/logo/lock.png
Requested by
Host: safarbooking.ir
URL: https://safarbooking.ir/assets/admin/css/mystyle.css?ver=5.11975.127
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a920c9df0182a657ff35bbcd82386d63b806359b69c7e66c1898e458e27465f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safarbooking.ir/assets/admin/css/mystyle.css?ver=5.11975.127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:24 GMT
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
"635f7741-20fe"
content-type
image/png
cache-control
max-age=604800, private
accept-ranges
bytes
content-length
8446
expires
Wed, 12 Apr 2023 07:26:24 GMT
IRANSans.ttf
safarbooking.ir/assets/admin/fonts/
99 KB
99 KB
Font
General
Full URL
https://safarbooking.ir/assets/admin/fonts/IRANSans.ttf
Requested by
Host: safarbooking.ir
URL: https://safarbooking.ir/assets/admin/css/mystyle.css?ver=5.11975.127
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ed26a4d01e60a710402298b3637e8edb4e75ecc10375a0ceaa8c20bae200a2ac

Request headers

Referer
https://safarbooking.ir/assets/admin/css/mystyle.css?ver=5.11975.127
Origin
https://ws.safarbooking.ir
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:24 GMT
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
"635f7741-18bc4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800, private
accept-ranges
bytes
content-length
101316
expires
Wed, 12 Apr 2023 07:26:24 GMT
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/
439 KB
167 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fa.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=onload&hl=fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaddccd7ec448d01595f09ccba311651471e298fad577f123ae2a1a8f65a43b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ws.safarbooking.ir/
Origin
https://ws.safarbooking.ir
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 08:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170332
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Apr 2024 08:52:15 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1DDE
48 KB
27 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf&co=aHR0cHM6Ly93cy5zYWZhcmJvb2tpbmcuaXI6NDQz&hl=fa&type=image&v=NZrMWHVy58-S9gVvad9HVGxk&theme=light&size=normal&cb=65s68rm4hgv9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b390041ba034b4e3beaaaa76a3d47a48e62e2ae6448d70b25e06012a7b170462
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2-mrsOf2Js6gr4scDvdyHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ws.safarbooking.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
27134
content-security-policy
script-src 'report-sample' 'nonce-2-mrsOf2Js6gr4scDvdyHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Apr 2023 07:26:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__rtl.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 1DDE
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__rtl.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf&co=aHR0cHM6Ly93cy5zYWZhcmJvb2tpbmcuaXI6NDQz&hl=fa&type=image&v=NZrMWHVy58-S9gVvad9HVGxk&theme=light&size=normal&cb=65s68rm4hgv9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4d7c30ec90b3fa7a9e30aec9d2ca67ec98bbb464c7bbadf1d2c0f168bdf0988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 08:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24600
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Apr 2024 08:52:15 GMT
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 1DDE
439 KB
166 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fa.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf&co=aHR0cHM6Ly93cy5zYWZhcmJvb2tpbmcuaXI6NDQz&hl=fa&type=image&v=NZrMWHVy58-S9gVvad9HVGxk&theme=light&size=normal&cb=65s68rm4hgv9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaddccd7ec448d01595f09ccba311651471e298fad577f123ae2a1a8f65a43b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 08:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170332
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Apr 2024 08:52:15 GMT
truncated
/ Frame 1DDE
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1DDE
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1DDE
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__rtl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__rtl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options
nosniff
age
393672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 07 Apr 2023 18:05:12 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1DDE
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf&co=aHR0cHM6Ly93cy5zYWZhcmJvb2tpbmcuaXI6NDQz&hl=fa&type=image&v=NZrMWHVy58-S9gVvad9HVGxk&theme=light&size=normal&cb=65s68rm4hgv9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 10:31:05 GMT
x-content-type-options
nosniff
age
75319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 10:31:05 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 1DDE
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fa&v=NZrMWHVy58-S9gVvad9HVGxk
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf&co=aHR0cHM6Ly93cy5zYWZhcmJvb2tpbmcuaXI6NDQz&hl=fa&type=image&v=NZrMWHVy58-S9gVvad9HVGxk&theme=light&size=normal&cb=65s68rm4hgv9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ff057607ffbd70bfde7f71e89dc42dfc5f20585899dd9ea212b07388871e2d50
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf&co=aHR0cHM6Ly93cy5zYWZhcmJvb2tpbmcuaXI6NDQz&hl=fa&type=image&v=NZrMWHVy58-S9gVvad9HVGxk&theme=light&size=normal&cb=65s68rm4hgv9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 05 Apr 2023 07:26:24 GMT
bframe
www.google.com/recaptcha/api2/ Frame D415
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=fa&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9514ce5a8dadb255f9bc34a23292d2061cf54e15a4c92c56a222ae8f9564cde5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2Tz-fv_4kKewv9uPzLywpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ws.safarbooking.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1117
content-security-policy
script-src 'report-sample' 'nonce-2Tz-fv_4kKewv9uPzLywpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Apr 2023 07:26:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fontawesome-webfont.woff2
safarbooking.ir/assets/admin/fonts/
55 KB
56 KB
Font
General
Full URL
https://safarbooking.ir/assets/admin/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: safarbooking.ir
URL: https://safarbooking.ir/assets/admin/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.20.117 Tehran, Iran, Islamic Republic Of, ASN59431 (RAV-NET-01, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://safarbooking.ir/assets/admin/css/font-awesome.min.css
Origin
https://ws.safarbooking.ir
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 07:26:24 GMT
last-modified
Mon, 31 Oct 2022 07:20:33 GMT
server
Microsoft-IIS/10.0
etag
"635f7741-ddcc"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800, private
accept-ranges
bytes
content-length
56780
expires
Wed, 12 Apr 2023 07:26:24 GMT
styles__rtl.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame D415
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__rtl.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fa&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4d7c30ec90b3fa7a9e30aec9d2ca67ec98bbb464c7bbadf1d2c0f168bdf0988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 08:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24600
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Apr 2024 08:52:15 GMT
recaptcha__fa.js
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame D415
439 KB
166 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__fa.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fa&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LcY200aAAAAAKPsBaiOiB4Dam5olCkGIBkixnCf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaddccd7ec448d01595f09ccba311651471e298fad577f123ae2a1a8f65a43b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 08:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170332
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Apr 2024 08:52:15 GMT


45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| $ function| jQuery function| getInternetExplorerVersion function| checkVersion function| isIE8orlower object| toastr undefined| themeprimary undefined| themesecondary undefined| themethirdcolor undefined| themefourthcolor undefined| themefifthcolor function| getThemeColorFromCss object| rtlchanger function| createCookie function| readCookie function| eraseCookie object| popovers object| hoverpopovers function| InitiateSideMenu function| InitiateWidgets function| maximize function| Notify function| InitiateSettings function| setCookiesForFixedSettings string| position number| additionalHeight function| getcolor function| switchClasses function| addClass function| removeClass function| hasClass function| login function| setCookie function| disableReload string| base_url object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_612240

1 Cookies

Domain/Path Name / Value
ws.safarbooking.ir/ Name: __Host-session
Value: 6pidcc6l8tn73tt8vu9cq81su7reks8v

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.flysepehran.ir flysepehran.ir *.safarbooking.com safarbooking.com *.allinsafar.com allinsafar.com website.safar.lan *.sahahair.com; frame-ancestors 'self' *.flysepehran.ir flysepehran.ir *.safarbooking.com safarbooking.com *.allinsafar.com allinsafar.com website.safar.lan *.sahahair.com trustseal.enamad.ir;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
