hananjeardansht.com
2a05:7880:56f:155f:1945:2e9b:ed55:ec68  Public Scan

Submitted URL: https://offvulcan.ru/
Effective URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&s...
Submission Tags: phishingrod
Submission: On November 14 via api from DE — Scanned from NL

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 36 HTTP transactions. The main IP is 2a05:7880:56f:155f:1945:2e9b:ed55:ec68, located in Cyprus and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is hananjeardansht.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 31st 2023. Valid for: a year.
This is the only time hananjeardansht.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a07:180:c6:e... 209242 (CLOUDFLAR...)
33 2a05:7880:56f... 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
36 3
Apex Domain | Subdomains | Transfer
33 hananjeardansht.com | hananjeardansht.com | 2 MB
2 gstatic.com | fonts.gstatic.com | 40 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 1 KB
1 gelemadiniooten.com | gelemadiniooten.com — Cisco Umbrella Rank: 608926 | 683 B
1 offvulcan.ru | offvulcan.ru | 959 B
36 5
Domain Requested by
33 hananjeardansht.com hananjeardansht.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com hananjeardansht.com
1 gelemadiniooten.com 1 redirects
1 offvulcan.ru 1 redirects
36 5

This site contains no links.

Subject | Issuer | Validity | Valid
hananjeardansht.com | Cloudflare Inc ECC CA-3 | 2023-08-31 - 2024-08-29 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months

This page contains 1 frames:

Primary Page: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Frame ID: AA800CEEA5A9B230BC9DAEFFB8C84E4F
Requests: 36 HTTP requests in this frame

Page Title

Ice Casino

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 36
HTTPS: 100 %
IPv6: 100 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 4
Transfer: 1687 kB
Size: 1843 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://offvulcan.ru/ HTTP 302
    https://gelemadiniooten.com/13518/26798?lp=18&click_id=2l1b34n3bb6o&sub_id_1={REPLACE}&sub_id_2={REPLACE}&sub_id_3={REPLACE}&sub_id_4={REPLACE}&param={ATP} HTTP 302
    https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request p7118
hananjeardansht.com/ice/
Redirect Chain
  • https://offvulcan.ru/
  • https://gelemadiniooten.com/13518/26798?lp=18&click_id=2l1b34n3bb6o&sub_id_1={REPLACE}&sub_id_2={REPLACE}&sub_id_3={REPLACE}&sub_id_4={REPLACE}&param={ATP}
  • https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_i...
62 KB
8 KB
Document
General
Full URL
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
519eaa92de1d894b12c463a350336a3954d6dcd34d3aafe6cfdcfacc6dfcbdff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
825b2381fa403a73-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 00:29:11 GMT
server
cloudflare

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
825b23812b4603ec-FRA
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 00:29:11 GMT
location
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
server
cloudflare
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;900&family=Russo+One&display=swap
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
152561f73df07297aba51127485bbb3575d43ce2121ec4d400672e6fd51c56aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 00:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 00:29:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 00:29:11 GMT
main.css
hananjeardansht.com/promo/7118/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://hananjeardansht.com/promo/7118/css/main.css
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ab574981a6a464141183f9be61f91e31283ae889bdd75dbbc5a23038c024c2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 15:09:25 GMT
server
cloudflare
age
5994
etag
W/"645d0525-54f7"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
825b23829a8f3a73-FRA
preloader.svg
hananjeardansht.com/promo/7118/img/
438 B
405 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/preloader.svg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1c38916ab9831bf7b8f6b3c937bd74e9a4bc18e06daf011cea40a110be658a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 11:05:03 GMT
server
cloudflare
age
5994
etag
W/"62fa285f-1b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
825b23829a903a73-FRA
logo-en.png
hananjeardansht.com/promo/7118/img/
5 KB
5 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/logo-en.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70449482e693997740b52daf00eacb6166d38ab0145cc2680fc4525e670530f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
5085
etag
"631b0299-14f2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b23829a913a73-FRA
content-length
5362
fs-icon.svg
hananjeardansht.com/promo/7118/img/
817 B
549 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/fs-icon.svg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91e16bc97ea40718488f974e2c88d75f2923b8c37691cb1f8db144fb9cd2255

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 11:05:03 GMT
server
cloudflare
age
5085
etag
W/"62fa285f-331"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
825b2382aa9e3a73-FRA
money-icon.svg
hananjeardansht.com/promo/7118/img/
729 B
445 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/money-icon.svg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6002a06de64ea6d332ef4b9a9b5ad8f1e4d0fa02ef28c8fece7176059a4498b2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 11:05:03 GMT
server
cloudflare
age
5085
etag
W/"62fa285f-2d9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
825b2382aa9f3a73-FRA
wheel-en.png
hananjeardansht.com/promo/7118/img/
197 KB
198 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/wheel-en.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29986a9291c031d6f6e155fc64ba9a1e0ceb792dfbb5242972f20ea0ec00e6fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Dec 2022 15:23:17 GMT
server
cloudflare
age
5085
etag
"638a1865-31577"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382aaa13a73-FRA
content-length
202103
scratch-anim.gif
hananjeardansht.com/promo/7118/img/
103 KB
103 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/scratch-anim.gif
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77b4c6f3b7731e069f88bc269498f77ea4984064cb94dd29e0045385332f6ac

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:40 GMT
server
cloudflare
age
5085
etag
"631b0298-19aa0"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382aaa23a73-FRA
content-length
105120
scratch-used.png
hananjeardansht.com/promo/7118/img/
42 KB
42 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/scratch-used.png?v=1
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
979bd0355ab985809b2b9ea798bd96540b2bd164a40bfe98c1544a6930d6fea9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
399
etag
"631b029a-a798"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382baa83a73-FRA
content-length
42904
euro.jpg
hananjeardansht.com/promo/7118/img/
21 KB
21 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/euro.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ae57a75965f5fea4071586f0d189f8e9879e7df7cde46442af8adfcfb2ac6e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
5084
etag
"631b0299-52e3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382baaa3a73-FRA
content-length
21219
plzl.jpg
hananjeardansht.com/promo/7118/img/
39 KB
39 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/plzl.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1014c355b3cd37ab3f30ac6d7702d355316c2643dbb3b1c1244571933bc35e0d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
399
etag
"631b0299-9d2e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382baad3a73-FRA
content-length
40238
nok.jpg
hananjeardansht.com/promo/7118/img/
30 KB
30 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/nok.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c82e0e44c455f52ff766b841904f514b3d4aaba37cfb42c3d2354a61ac2769a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
5084
etag
"631b0299-793c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382baae3a73-FRA
content-length
31036
dkk.jpg
hananjeardansht.com/promo/7118/img/
58 KB
58 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/dkk.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ffe2eda01747d3be03a0d3181603826a1e98c2ed0baa4e1c533333d9f01a1a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
3469
etag
"631b0299-e849"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382baaf3a73-FRA
content-length
59465
ron.jpg
hananjeardansht.com/promo/7118/img/
49 KB
49 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/ron.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc402aa395e3b99f12d8610eb302d51e4400abf8a1d0bb10a8644a5f11dc84c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
5084
etag
"631b0299-c451"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382bab13a73-FRA
content-length
50257
huf.jpg
hananjeardansht.com/promo/7118/img/
41 KB
41 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/huf.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b376cb7a61009d65b736ca83a97d5bfa035655d12501587c0ffe7c5531433f81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
5084
etag
"631b0299-a3eb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382bab23a73-FRA
content-length
41963
x5.png
hananjeardansht.com/promo/7118/img/
6 KB
6 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/x5.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d310896da34763d66e50fff00ca506afbb72f957ba9923a1dc9d9221d6fa0938

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 11:05:03 GMT
server
cloudflare
age
5084
etag
"62fa285f-18df"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382bab33a73-FRA
content-length
6367
x15.png
hananjeardansht.com/promo/7118/img/
8 KB
8 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/x15.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf7634841d979668eef18051f5385a4f16fc84f4a39fbf3d0a024929856ab68

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:43 GMT
server
cloudflare
age
5084
etag
"631b029b-2042"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382bab43a73-FRA
content-length
8258
x7.png
hananjeardansht.com/promo/7118/img/
6 KB
6 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/x7.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d348aaa66efa2a55df56af37b0a77ebca7c258c32795246875050a5a37a70e0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:44 GMT
server
cloudflare
age
5084
etag
"631b029c-18b0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382bab53a73-FRA
content-length
6320
anim-first.png
hananjeardansht.com/promo/7118/img/
23 KB
23 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/anim-first.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8dc71d62bf0999936baed3d5f8ac3176c9df559676b0ded5ba2f2df637fc94f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
399
etag
"631b0299-5a24"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382bab73a73-FRA
content-length
23076
anim-second.png
hananjeardansht.com/promo/7118/img/
23 KB
23 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/anim-second.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fe1318c854ae582ff36bfa81bf78014493fab918b9173fd7da712112d13e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
5084
etag
"631b029a-5b4e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382bab83a73-FRA
content-length
23374
anim-front.png
hananjeardansht.com/promo/7118/img/
25 KB
25 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/anim-front.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
abcb3ba15390a4ad8b49e10e7aee959735ae5c66acbd8a3c38fb65cc866b179f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
3468
etag
"631b029a-6295"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382bab93a73-FRA
content-length
25237
popup-anim.gif
hananjeardansht.com/promo/7118/img/
166 KB
167 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/popup-anim.gif
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a2c5dedfe3bfb3076bec9ef2a8ef8983b896f3dac8b31ac2625bdfa111e200

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:40 GMT
server
cloudflare
age
5083
etag
"631b0298-29956"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382baba3a73-FRA
content-length
170326
subtract.png
hananjeardansht.com/promo/7118/img/
575 B
658 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/subtract.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6dbc6f6558a8bc7210bdf2c0e171eaf95e09b9981c3b1965a72039e9d5cf2a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
5083
etag
"631b029a-23f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b2382babb3a73-FRA
content-length
575
bundle-341220101100.min.js
hananjeardansht.com/assets/js/
35 KB
15 KB
Script
General
Full URL
https://hananjeardansht.com/assets/js/bundle-341220101100.min.js
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
72bd990665a3e23e453cbc32142e0adc634dcf9ce65098207d7697807daa6730

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Nov 2023 12:52:36 GMT
server
cloudflare
age
3749
etag
W/"6544ed14-8b65"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
825b2382babc3a73-FRA
lm-1.0.0.min.js
hananjeardansht.com/assets/js/
189 B
256 B
Script
General
Full URL
https://hananjeardansht.com/assets/js/lm-1.0.0.min.js
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0405fc1f27636448050c4f267b89d9d75250af8f5eb0d0720bfafc5b64090a85

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Nov 2023 12:52:10 GMT
server
cloudflare
age
4130
etag
W/"6544ecfa-bd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
825b2382aa9a3a73-FRA
jquery-3.6.0.min.js
hananjeardansht.com/shared/js/
87 KB
31 KB
Script
General
Full URL
https://hananjeardansht.com/shared/js/jquery-3.6.0.min.js
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d614c9f583f439281092ecdc396451c09ac47e52c358552001aae2d851f99310

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 10:11:03 GMT
server
cloudflare
age
3735
etag
W/"62f38437-15ae3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
825b2382aa9b3a73-FRA
index.js
hananjeardansht.com/promo/7118/js/
7 KB
2 KB
Script
General
Full URL
https://hananjeardansht.com/promo/7118/js/index.js
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96eeab9c3fba7eae16f33cba7a55cfc3feb0e4e8eae118f98f192fc8efaf8839

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2l1b34n3bb6o&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 15:09:48 GMT
server
cloudflare
age
1976
etag
W/"645d053c-1afe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
825b2382aa9d3a73-FRA
bg-desk.jpg
hananjeardansht.com/promo/7118/img/
702 KB
703 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/bg-desk.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aadf4158780f2705c4ec562d7ff1e738eaf72f449b92b1fcf700854d5c865be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Mon, 15 Aug 2022 11:04:56 GMT
server
cloudflare
etag
"62fa2858-af680"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b23835b2c3a73-FRA
content-length
718464
lang-arr.png
hananjeardansht.com/promo/7118/img/
328 B
429 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/lang-arr.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9056c85fdec83f5bec653b517cc947f822398fc047f8b2f3ba8286faa6298c9d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
398
etag
"631b0299-148"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b23835b2f3a73-FRA
content-length
328
wheel-win-frame.png
hananjeardansht.com/promo/7118/img/
4 KB
5 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/wheel-win-frame.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
90210cfadb3ef9299d751b62105f4709bef9c676ec57b376cf0772c04a800d69

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 15 Aug 2022 11:05:02 GMT
server
cloudflare
etag
"62fa285e-11f9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b23835b323a73-FRA
content-length
4601
wheel-btn.png
hananjeardansht.com/promo/7118/img/
18 KB
18 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/wheel-btn.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
edf33ee1ab6caaf025239fe4349d4b6a4624d2879c7e34c40c91b5387c88ce4b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
5083
etag
"631b029a-479b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b23835b353a73-FRA
content-length
18331
anim-bg.png
hananjeardansht.com/promo/7118/img/
10 KB
10 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/anim-bg.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff45cf59e2c089b464b103af54742308d162bbd3e30173cb5ed7e74e03482046

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
2604
etag
"631b0299-2685"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b23835b373a73-FRA
content-length
9861
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;900&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hananjeardansht.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:19:05 GMT
x-content-type-options
nosniff
age
367806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 18:19:05 GMT
flags.png
hananjeardansht.com/promo/7118/img/
3 KB
3 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/flags.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c33c5c384bd368390f6a2a4d902feedcff9ff52b9b39aed8b22f75c24c89dbe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:29:11 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
4754
etag
"631b0299-ac0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825b23846bd13a73-FRA
content-length
2752
Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2
fonts.gstatic.com/s/russoone/v16/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/russoone/v16/Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;900&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82f191a65d38e50c45e0c35e15343690ea1d122402990b99d0c5a1585f9d47af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hananjeardansht.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:15:17 GMT
x-content-type-options
nosniff
age
288834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7368
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 22:05:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 16:15:17 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| onLoadBundle
function| $
function| jQuery
function| bs
function| _typeof
object| fp
function| pm
object| devtools

13 Cookies

Domain/Path Name / Value
offvulcan.ru/ Name: _subid
Value: 2l1b34n3bb6o
offvulcan.ru/ Name: 9f1b9
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU3MjJcIjoxNjk5OTIxNzUxfSxcImNhbXBhaWduc1wiOntcIjMyNlwiOjE2OTk5MjE3NTF9LFwidGltZVwiOjE2OTk5MjE3NTF9In0.JalVkDpT1-iw9B3xGcMfVGfGl7807ROS3_fULdc-5fk
offvulcan.ru/ Name: _token
Value: uuid_2l1b34n3bb6o_2l1b34n3bb6o6552bf5721b3d7.96987546
gelemadiniooten.com/ Name: _HGAU
Value: b7517af9-78ed-460d-a5f6-1065f8029f89
gelemadiniooten.com/ Name: vst_cnt_18903
Value: 1
.gelemadiniooten.com/ Name: __cf_bm
Value: 64e0seynHtXf73vuZMzoAqoiIy_PsFqMzeKjkwMY6y0-1699921751-0-AYKkK8VigJLK+62tugmOEkzRAmHumS4pEj5h4TGV1QmaquwnxdcFdWGmYx1+j0FjyrE8LO1sZYrIki0T+3MUdrc=
hananjeardansht.com/ Name: promouuid
Value: ed2304e4c52bcba90185eb9b7db614210ac65cf9
hananjeardansht.com/ Name: 8fda676483004cb04504196f9c8bd530
Value: 1
.hananjeardansht.com/ Name: __cf_bm
Value: A5UrjjxhT.Rpa4_J5P2cq0mVP6RCgV8BfNxd3Nn3jtI-1699921751-0-AbR1w6ZtQ/ivstShC4J0K1kVGqtl+EsLH43sglDSTmjDAZS6serTH9vvO3cAOvzyfp1vIvEowxdCGfcWnY9pKFU=
hananjeardansht.com/ Name: bl
Value: 1
hananjeardansht.com/ Name: bic
Value: 1
hananjeardansht.com/ Name: bct
Value: 0
hananjeardansht.com/ Name: fp
Value: e1201d4e0407f215284a9a319268e9e9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
