Submitted URL: http://topkhodro.ir/wp-content/za76550u1.htm
Effective URL: https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Submission: On April 12 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3035::6815:2ae8, located in United States and belongs to CLOUDFLARENET, US. The main domain is wmiwfy.de.
TLS certificate: Issued by E1 on March 7th 2024. Valid for: 3 months.
This is the only time wmiwfy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 91.220.113.246 213222 (TIDA)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 11 2606:4700:303... 13335 (CLOUDFLAR...)
14 5
Apex Domain
Subdomains
Transfer
11 wmiwfy.de
wmiwfy.de
35 KB
2 topkhodro.ir
topkhodro.ir
1 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 376
30 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1153
15 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 771
24 KB
14 5
Domain Requested by
11 wmiwfy.de 2 redirects topkhodro.ir
wmiwfy.de
2 topkhodro.ir
1 ajax.googleapis.com topkhodro.ir
1 maxcdn.bootstrapcdn.com topkhodro.ir
1 code.jquery.com topkhodro.ir
14 5

This site contains no links.

Subject Issuer Validity Valid
*.topkhodro.ir
R3
2024-02-14 -
2024-05-14
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-03-27 -
2024-06-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
wmiwfy.de
E1
2024-03-07 -
2024-06-05
3 months crt.sh

This page contains 3 frames:

Primary Page: https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Frame ID: F3E8E027FB7DD35B9C922095AC2BAF59
Requests: 10 HTTP requests in this frame

Frame: https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: BB1093D1B799BCB515A9C421B36A632C
Requests: 2 HTTP requests in this frame

Frame: https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 44AAA02E5CD631CEB595F176E9660183
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

403 Forbidden

Page URL History Show full URLs

  1. http://topkhodro.ir/wp-content/za76550u1.htm HTTP 307
    https://topkhodro.ir/wp-content/za76550u1.htm Page URL
  2. https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg= Page URL
  3. https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

86 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

104 kB
Transfer

244 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://topkhodro.ir/wp-content/za76550u1.htm HTTP 307
    https://topkhodro.ir/wp-content/za76550u1.htm Page URL
  2. https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg= Page URL
  3. https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://topkhodro.ir/wp-content/za76550u1.htm HTTP 307
  • https://topkhodro.ir/wp-content/za76550u1.htm
Request Chain 7
  • https://wmiwfy.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Request Chain 10
  • https://wmiwfy.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
za76550u1.htm
topkhodro.ir/wp-content/
Redirect Chain
  • http://topkhodro.ir/wp-content/za76550u1.htm
  • https://topkhodro.ir/wp-content/za76550u1.htm
861 B
684 B
Document
General
Full URL
https://topkhodro.ir/wp-content/za76550u1.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.220.113.246 , Iran, Islamic Republic Of, ASN213222 (TIDA, IR),
Reverse DNS
hwh-01.hostidadns.com
Software
/
Resource Hash
27d1add09b2597e2dda5c3de6307fc7cfeedaaa8ccc980c9c13ec6af0b0db205

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
439
content-type
text/html
date
Fri, 12 Apr 2024 21:28:17 GMT
last-modified
Wed, 10 Apr 2024 09:56:06 GMT
vary
Accept-Encoding

Redirect headers

Location
https://topkhodro.ir/wp-content/za76550u1.htm
Non-Authoritative-Reason
HttpsUpgrades
jquery-3.2.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: topkhodro.ir
URL: https://topkhodro.ir/wp-content/za76550u1.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://topkhodro.ir/
Origin
https://topkhodro.ir
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:28:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
435437
x-cache
HIT, HIT
content-length
23856
x-served-by
cache-lga21963-LGA, cache-fra-eddf8230047-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1712957298.593153,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1088, 19123
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
15 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: topkhodro.ir
URL: https://topkhodro.ir/wp-content/za76550u1.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://topkhodro.ir/
Origin
https://topkhodro.ir
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:28:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1048
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
256482
cdn-cachedat
03/18/2024 12:46:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b598250c19f98cac282bc330d6a4d204
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
87364e25ebeb37e3-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: topkhodro.ir
URL: https://topkhodro.ir/wp-content/za76550u1.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://topkhodro.ir/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 18:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 18:17:11 GMT
favicon.ico
topkhodro.ir/
699 B
785 B
Other
General
Full URL
https://topkhodro.ir/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.220.113.246 , Iran, Islamic Republic Of, ASN213222 (TIDA, IR),
Reverse DNS
hwh-01.hostidadns.com
Software
/
Resource Hash
0c9bbfe175c1dc57fff572a1395af56b7942836d4c0c0708889ce35993d76c05

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://topkhodro.ir/wp-content/za76550u1.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 21:28:17 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
699
content-type
text/html
re-ital-pdf-index.htm
wmiwfy.de/reg/
7 KB
8 KB
Document
General
Full URL
https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Requested by
Host: topkhodro.ir
URL: https://topkhodro.ir/wp-content/za76550u1.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4313cb6a22a78b03af3ab266e0c126cdae5bfa677610ead0c2c022a215fd38ea
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://topkhodro.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
87364e272e349100-FRA
content-type
text/html; charset=utf-8
date
Fri, 12 Apr 2024 21:28:17 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IY%2Ft4c9O%2B1uPLkyW39G4wKqKDFnl9DbCQ78KROwoJrRgZ41B4UKKW%2FylhIg00DVl5mk2teGdz4ADrbNhCAWDBUl0eUaqVfgjUMcEa4v5HjLINo%2FkIAcIKmQgq3KXPMIWv0bbmqzRPrA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
re-ital-pdf-index.htm
wmiwfy.de/reg/
0
906 B
XHR
General
Full URL
https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Requested by
Host: topkhodro.ir
URL: https://topkhodro.ir/wp-content/za76550u1.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
qUecmnTt2eSbXe--vhArYY7EjOk
31282435
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
vN7iPMPowqsmY9jsEtnbSWL3lc
e22nqNCxobDUMLElSphHMJIO8t8
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 21:28:18 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCiNWc6K6QMttepbLyLvNXNnDf12lZIKdASP6DHbc4F5TJQ8VBgb7loXtfrmXtUKeTSFLG614mRArVlglvfCDBR2dC9l6nm57hr53eS2uHSlfOBhhjsuNT%2FLcjygKVsDIR7EnmNp7js%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87364e282eae9100-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame BB10
Redirect Chain
  • https://wmiwfy.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB
Script
General
Full URL
https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Protocol
H3
Server
2606:4700:3035::6815:2ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ed5de4fd6e4d289fedceac4a44f99e6c4c511ebd35f66ecb45ff9137b98e05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Apr 2024 21:28:17 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IGO%2FEsd9CfrMwrbKFI7Mzq5yUSpYErxcZ4ed02TRJLfqXO2jNx7tUd0nY41F5%2BOv36S72dO96HuIfjzaPsdOEx3xWS13b3FJWu5nduvRx8%2F0hcq8NUsntN3KlobUAJPBO8jWG52B%2BfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87364e284ec69100-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 12 Apr 2024 21:28:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuoXmHCN2Qd1IzTFd%2BK3Otqrlh%2B2pw4fe2wMLvWQFbOzPagEtLYeFcrukLbm9mX8ff02WtfFUs%2BQbf0%2BL2EnF0ahywoD7O%2BnIz%2F8N%2Fx%2B9rVuqxab4FC0BlWhl0wgWN%2Fvjhs3IaU4v1Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control
max-age=300, public
cf-ray
87364e282eaf9100-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
wmiwfy.de/
18 KB
19 KB
Other
General
Full URL
https://wmiwfy.de/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 21:28:18 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J5qIlFEQq19oiC287Xr%2BaXkc3esX5L8x3y1hQp6SPC6aFxMD6FNnNgYbn3PugG0Oy%2BBWOIqklTGGF%2F%2BsVHLpboYz08plIV4Fo%2F0yuixN51pE4ud5UMPpc3lPuMSbnbxVDgzpElwmig4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87364e282eb19100-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
87364e272e349100
wmiwfy.de/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BB10
0
595 B
XHR
General
Full URL
https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/jsd/r/87364e272e349100
Requested by
Host: wmiwfy.de
URL: https://wmiwfy.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Apr 2024 21:28:18 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IWeae4oxQjTFb%2FZL7mu04uA%2FvHxCSxYMYNnC9ksAHYHTL8p7NYSE9WAUP%2BYgCGfpAd3Ol1pqNRfCjoHCgeRbdMeLGy%2BQs6Zwu4dQ%2BO2GKyQJf3yWRIA5p%2F%2F8Mb87Uq7iYo2UjKGMnUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87364e297f749100-FRA
alt-svc
h3=":443"; ma=86400
Primary Request re-ital-pdf-index.htm
wmiwfy.de/reg/
2 KB
1019 B
Document
General
Full URL
https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Requested by
Host: topkhodro.ir
URL: https://topkhodro.ir/wp-content/za76550u1.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22a95e5de5208482acf412fc6a623f21384c2718c3ae23d3bccc982527a4e95
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87364e297f779100-FRA
content-encoding
br
content-type
text/html
date
Fri, 12 Apr 2024 21:28:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9QlCTAo%2BKCH%2FyYScNBgdFCe2VGqNmVn4CYULkxYkBcW7wkRmKpbXn1AjGIoYV2pNd36qTd2wPqIuRadYfyeIQVOnafHulvJlcjKBwTIZ26csBak3K6jpDaLpQ7OMigvYg9ORWSKOy4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
main.js
wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 44AA
Redirect Chain
  • https://wmiwfy.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
0
Script
General
Full URL
https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Protocol
H3
Server
2606:4700:3035::6815:2ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ed5de4fd6e4d289fedceac4a44f99e6c4c511ebd35f66ecb45ff9137b98e05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Apr 2024 21:28:17 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IGO%2FEsd9CfrMwrbKFI7Mzq5yUSpYErxcZ4ed02TRJLfqXO2jNx7tUd0nY41F5%2BOv36S72dO96HuIfjzaPsdOEx3xWS13b3FJWu5nduvRx8%2F0hcq8NUsntN3KlobUAJPBO8jWG52B%2BfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87364e284ec69100-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 12 Apr 2024 21:28:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuoXmHCN2Qd1IzTFd%2BK3Otqrlh%2B2pw4fe2wMLvWQFbOzPagEtLYeFcrukLbm9mX8ff02WtfFUs%2BQbf0%2BL2EnF0ahywoD7O%2BnIz%2F8N%2Fx%2B9rVuqxab4FC0BlWhl0wgWN%2Fvjhs3IaU4v1Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control
max-age=300, public
cf-ray
87364e282eaf9100-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
wmiwfy.de/
548 B
637 B
Other
General
Full URL
https://wmiwfy.de/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 12 Apr 2024 21:28:18 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZTXyzitlQ%2FZtGcHz81P%2B5lJkqG4fc%2BoWRbjrkOHoHDaqfG3X83VVRmM5VVHzdJelDu9iVaHtKXAG9BQxTx5viW5PCGu5Q1HQeVX8tS%2BJZ3mRnNH%2Bp3uPAQm6T4kY74WwUzBidQN0W8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
87364e2a0fc19100-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
87364e297f779100
wmiwfy.de/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 44AA
0
587 B
XHR
General
Full URL
https://wmiwfy.de/cdn-cgi/challenge-platform/h/b/jsd/r/87364e297f779100
Requested by
Host: wmiwfy.de
URL: https://wmiwfy.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Apr 2024 21:28:18 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAbuNo%2B6JX1E2yGy6IkoZik%2BXRRJSBHjGcEreK1mLEM5Ppx4BVofeANIvNvM82IDjt9PfahuU0dt78vBcf1KMXNlx1lUetis3jycTOSkZqGK5in2UQRGdZoOLTxhQz2Z4M1mqweZx1U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87364e2a88099100-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

11 Cookies

Domain/Path Name / Value
wmiwfy.de/ Name: jrLYt9bHjqMnE8WNHKu8tQvB89c
Value: lBfjAPzeNbFTc3oXr5nmlwwgGDY
wmiwfy.de/ Name: 7IFARSc9lPmZLLT72qWLerECRYM
Value: 1712957294
wmiwfy.de/ Name: OdSNh870hdHvkp3am8dBT0FKgZE
Value: 1713043694
wmiwfy.de/ Name: hQGr0aGWQZFlQP9XhQ6Hx3yiKA8
Value: CHVnoymOeUS4wYIuU_NkVWnOUd4
wmiwfy.de/ Name: iznC7I1qK_FFBjjdlZUjcRAjgj0
Value: d19k5R2GRU81QPWwZo8C0APhBEA
wmiwfy.de/ Name: cwrD1EfGQxrzR3t8yXgsFdXYj4I
Value: Y6RCXDw52S-lcrXC3aFohHuHc48
wmiwfy.de/ Name: P1Y0VhQdxA86lUpTCYpvgEphkmk
Value: 1712957297
wmiwfy.de/ Name: NvpAuusUcwrd3qcOzeRK3JPIQLM
Value: 1713043697
wmiwfy.de/ Name: X9hcflbU1WTphLhQTEfGVTQT1iM
Value: YLOJqJHOQ6BOXeohDUAGsHRKtQs
wmiwfy.de/ Name: q4JnUtPfdXZx2wZd4sHCzRp2SoU
Value: vysaIdBr9WB9b1CQbcMt2Aniv_s
.wmiwfy.de/ Name: cf_clearance
Value: jm4eUI6iemuy4o0fFkbKtM5X4D8EOw1z30kAHCn0DQ8-1712957298-1.0.1.1-fJ717WTcrSC3ZcPQ.Ik9fKPsHz48Xt3JJKRxVDkJaAWyOCD1uz_ctzmFc4mOqjiTVB82P9kq7V1F_Cw8eOdaKA

5 Console Messages

Source Level URL
Text
network error URL: https://topkhodro.ir/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://wmiwfy.de/favicon.ico
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://wmiwfy.de/reg/re-ital-pdf-index.htm?msg=
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://wmiwfy.de/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()