URL: https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
Submission: On February 08 via automatic, source openphish — Scanned from NL

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is hannah.chat.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.
This is the only time hannah.chat was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

Requests | IP Address | AS Autonomous System
17 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2001:4de0:ac1... | 20446 (STACKPATH...)
1 | 2a04:4e42:200... | 54113 (FASTLY)
Totals: 21 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
17 | hannah.chat | hannah.chat | 582 KB
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 360 | 8 KB
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 687 | 31 KB
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 298 | 33 KB
0 | ipinfo.io Failed | ipinfo.io Failed |
Totals: 21 requests, 5 domains

Requests | Domain | Requested by
17 | hannah.chat | hannah.chat, code.jquery.com
1 | cdn.jsdelivr.net | code.jquery.com
1 | code.jquery.com | hannah.chat
1 | ajax.googleapis.com | hannah.chat
0 | ipinfo.io Failed | hannah.chat
Totals: 21 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-01-26 - 2024-01-26 | a year
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year

This page contains 1 frames:

Primary Page: https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
Frame ID: 48D3CD31737E0F55B4B0A2F30161C07C
Requests: 27 HTTP requests in this frame

Page Title

Tracking | DHL | Global

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 100 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 659 kB
Size: 1931 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request execution.html
hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/
8 KB
2 KB
Document
General
Full URL
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50cae60a9b884a0024bddd91bd924815f221cbf127c414ebc3bd6a02124a3312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79648d3b6d490be4-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 08 Feb 2023 13:01:02 GMT
last-modified
Wed, 08 Feb 2023 03:45:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRD%2F7sFLqM%2F0F%2BUG%2Fi%2FbEuRG1JSEwlhFGFGVTSe1iZ4MTwp%2B51ZlfBV5drdpOyp1pLRwvuhXCVE7H0X%2FuN9rM1oA5nE097Jcf%2BIQuqy9jR%2BeNFNYPfa0nFM6G1hmbl5HYGi0TiCqx8xmPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dhl.css
hannah.chat/wp-includes/ID3/-/dist/
1 MB
307 KB
Stylesheet
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b452c628f8e71255d2f8fdbabe178594bf915b2ff15ada033e94f13a8e7b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
W/"63a6f0e2-15b189"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPY6SyUX7lijAnXWlZws48acFjTTXnNP30AgRGCAnhkJnjVp3ok%2BXD9BS9JrxwOVghqKhOT%2BA5FrUxU2J%2FPJFimQPCvOaQyy319%2BAMkSYWGSvZF2LJY26%2Bjy1TtxspAN0t3gY24osVXkww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
79648d3bbdbf0be4-AMS
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hannah.chat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 16:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Feb 2024 16:51:05 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://hannah.chat/
Origin
https://hannah.chat
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:02 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJ7Wjp8GEo8BCiQ5ZjkyMjQ2ZC1jZWM2LTQzMDgtYjdhNC05N2Y4NWE4YzAyM2QQqKenrJKE/QIaBgiOuo6fBiIUMmEwMDoxNjMwOjI6MWMwMjo6MTQo3LcDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRkOTUxYTRiMy1lMjE5LTQyZGYtYTVmNy1mNzU4NmFhOTlhZGIYn/EBIhgIAhIUY2RzMzEyLmFtNS5od2Nkbi5uZXQ=.fIVZ3NE0yIUB6g944ITBgEQknO9ihoPMhL42ZHYLrA4=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d84"
vary
Accept-Encoding
x-hw
1675861262.dop141.am5.t,1675861262.cds005.am5.hn,1675861262.cds312.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
js.cookie.js
hannah.chat/wp-includes/ID3/-/dist/
3 KB
2 KB
Script
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/js.cookie.js
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
W/"63a6f0e2-d60"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mz4vMV9Zvq4eZsocvGWhJDVZz9wEIFGZCkrLhek4LaVpYGn4Iae2Uba3JAduTiV4h8btPUvea0Id28fSRVNSHPMczmKhoxNMRoyRW4%2BhfKVgGaGadqjUqK0AeOT5eLarQiTjVvnx43Ro8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
79648d3bbdc20be4-AMS
jquery-lang.js
hannah.chat/wp-includes/ID3/-/dist/
27 KB
7 KB
Script
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/jquery-lang.js
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67829a15eafd08a53376a78dc3574724e4bf87455bdc7b52c9b01828df272ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
W/"63a6f0e2-6c2d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdBh0%2BhitcQgbHKptF4%2Bi8FFhovmL%2BkuB%2FaREkztJ69vBh%2Bh4lXpZxwcEZMXhDRNORtljCxWW2xu6R9jrxbbEV2yecp8F0amMrvAe9AY7xipABoClcyQ8Kpq87TbUWHGbdfFm%2BIVb5xbUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
79648d3bbdc30be4-AMS
default-274a65bae9742377aaf010bb1a7de971.woff
hannah.chat/wp-includes/ID3/-/dist/fonts/
40 KB
41 KB
Font
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Origin
https://hannah.chat
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41084
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
"63a6f0e2-a07c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhdjfKdXIAQyB6rRUCNxbRUtSeYVWUcVu%2BvEEBLewO4PCKMDxhOrBQgzEMnjbbUbp8fuKod21x68sKLp%2Bzm8zCw59wminpXdlnXmwrsJ9aC1O2NZjNaWniXKnwFf54BnWD2cAh%2FLy3vUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79648d3d3c9cb89a-AMS
load.php
hannah.chat/wp-includes/ID3/-/dist/
5 KB
1 KB
XHR
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/load.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b332366c284ca97fc1e69f7b66810942e1623373de507ab574405a86a3079d97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIjJ8Ct4D%2FCyL5WOVOymMhIcoZnfHLoomQDixGlLwjGDGoZpKN8shzWhUDKFoaNYzvjbvRP3JV%2BiwwHvdW0F2fedi37YapLq%2F8JBoEWl4XPV06lVPMYHDIEXXGFaiZP8vCT%2FU28e%2B4F%2FlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cf-ray
79648d3d4cb5b89a-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
DHL_head.html
hannah.chat/wp-includes/ID3/-/dist/
11 KB
3 KB
XHR
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/DHL_head.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
909fffbce98741945a8887a4f944f9fa10bde44dc6c9126995c61d1359cd2507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=546QNX69Z2NFHYn8y68RVW0sP%2Bxpx7zObYwmQJw%2B8pVDOv9%2B6yn581L70CDX4Q7WioElqRw9nVKLn%2FwDjzPVRUuxpXmgA8%2FBI7mtdgI8TpW%2FUpv6W1T1MObcR9uHymiek0kBedR4CTB0tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
79648d3d4cb7b89a-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
DHL_footer.html
hannah.chat/wp-includes/ID3/-/dist/
15 KB
6 KB
XHR
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/DHL_footer.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ea4d7f341d2f2dfa767da56283620b8c4c454dcb92351a50b5dafc9c746031b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Tue, 17 Jan 2023 14:37:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEt%2Bq1oZn12yb6CnDpn2X7YE6uQWmtaF3Dvp4HsXnviPX%2BuVzx1h8xXVBrEbP3bRkWRZYWfro0hFOw0oXwKNs3k9iZZu3pCRJDqoPcd6hRHRK0bJEzDl0fxuonm%2F%2FAMv12gwQM%2FYsT0%2BZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
79648d3d4cb9b89a-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
country
ipinfo.io/
0
0

truncated
/
2 KB
2 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a001e8e960cf691881c9ae116c9ecc1af366e94545e498590feb1dcd3f4a9438

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
605 B
605 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff82d55778ba3b61dadfcb93e367a5ff53e5ffbcb831a5951db5d36a05ed022c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
488 B
488 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fb9845652885577f0309199beb51d1f5938b1f6ac662ca8b9cc3be827fd4ce6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
659 B
659 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f02587278297e427e0da3d6da6d806ed73d1cbb47de2636518f430e4570ca94

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
1 KB
1 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f756eb552a635a349a79e6f166076d760ac1d3a66120abe9df53708130ba299

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
application/octet-stream
default-3e828e80f6e985c352eba4474518978d.woff
hannah.chat/wp-includes/ID3/-/dist/fonts/
43 KB
44 KB
Font
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Origin
https://hannah.chat
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3002
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44260
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
"63a6f0e2-ace4"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VheCoV%2BQOqS2jQvO6VU%2Fzfh%2FvMbJvEe3IZQEF4FSJh0KMQPpL%2BeqWggG3Mg0iwwKVHOR%2FFCcCdCkErz56j%2B2GjahNb4%2BlTvLTGaRATb2e7EMUm%2FbVq3eYOGtd1GiaZikddJf7uIYrkR%2BTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79648d3dcd73b89a-AMS
default-815fcbb4d2c57901701125d768f09d67.woff
hannah.chat/wp-includes/ID3/-/dist/fonts/
40 KB
41 KB
Font
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Origin
https://hannah.chat
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3002
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41328
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
"63a6f0e2-a170"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06%2F3yMtPwTpT7RnhovdVQm0e4nyWFEuSmDrTSTRie8nXR2im4RZyS3kTCLr663jniDAs72Ms2asvbF5nSQMuMB1ErmcXwMR15oQ0A5nGkL3F%2BLdytWzbFhqS34OKSqsUMB%2FXPpcpKlBTAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79648d3dcd76b89a-AMS
DHL_track.html
hannah.chat/wp-includes/ID3/-/dist/
7 KB
3 KB
XHR
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/DHL_track.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2334fc7af3ebb185da20fdfa882fd2673d2e27350a91684808eb4895ba15390c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Tue, 17 Jan 2023 14:28:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4WPBVJM079dHoHelHEjgMemiJUZf0WWA2Uss3fKYl2lWDx1LDldJu7eb%2FiR04WSIGY6%2BfigVLRCMD4%2FNHq3N8TzioJukhEGhg%2BfzgMuC2CIbcaG%2BGOMnxYwDKn4ijbLs677ktqw6P7vlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
79648d49cdb4b89a-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.validate.min.js
hannah.chat/wp-includes/ID3/-/dist/
24 KB
8 KB
XHR
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/jquery.validate.min.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
W/"63a6f0e2-5f38"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtHv2Hr0%2FcPM6YK7Cv7cZ7u5UWGxSjnEosIPoxMf3f8mtWpKUGOdJCv1Encxy%2Fu%2BRcPxLOluD7QMZRSHBgkp1Hsequ0NxUtQZg3TfI99DoZikRapZUSDIs31WXZljT6WdnovMQ4awGr69w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
79648d4a3e39b89a-AMS
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hannah.chat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 08 Feb 2023 13:01:05 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
1287543
x-jsd-version
1.16.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7503
x-served-by
cache-fra-eddf8230069-FRA, cache-bom4750-BOM
x-jsd-version-type
version
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
en.json
hannah.chat/wp-includes/ID3/-/dist/langpack/
514 B
777 B
XHR
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/langpack/en.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a6f0e2-202"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2ZHJCYbA8d4uGsZzqKd7mNQb8fK4V0EkHvaXBOxb6YJcyUCEejktTA5JYl22aTp6eeIsu5q0tbrEEo%2Bk2DgO%2BgmcHVBcYlHyl59M50wLSPOozPYcLCfWRssPolhOkf79RSMWKRuHKhlCw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
79648d4a7e9cb89a-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
en.json
hannah.chat/wp-includes/ID3/-/dist/langpack/
514 B
780 B
XHR
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/langpack/en.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a6f0e2-202"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5V3qDC8Lxg0i%2BRJrk0IF85LVzx5cVBB8Xw5UcLrHLN22FObtLU3F4elS%2F8WWXfh7wolDksN7UISnVsehpIT3wNY2hO2CIGT%2F5Ko5NQJnarWLxBl4ZRVBGQMowpCsql3TpiMmi5fA%2BmOwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
79648d4a7ea3b89a-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
hannah.chat/wp-includes/ID3/-/dist/fonts/
9 KB
10 KB
Font
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Origin
https://hannah.chat
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3004
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9316
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
"63a6f0e2-2464"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvEDBzw%2BSkvdgPgYmuIRwTetgFWE%2FbnCTou5noQtU0zl%2FN71svOfWue7hIo135CukNns9FsbHbyZFYoHMSS%2BIezpKFZqp2r308x2XimQxCsQ%2Bpmd0zoWId3Z%2B8qZXSblcP%2BMuuPkEBPj6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79648d4a7eaeb89a-AMS
default-5a6dd86f272b304a8b83f7df61f11c2f.woff
hannah.chat/wp-includes/ID3/-/dist/fonts/
40 KB
41 KB
Font
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Origin
https://hannah.chat
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3002
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41352
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
"63a6f0e2-a188"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BSxFs%2F4AuRZqFFrw0dNWVAejKse1TQRtdZ2MvStba8fAyszVKoh6ZE10faSfFHIWU3OceHG8fXljzL5Le4gg%2FE%2B5x3oZM%2FqiInxcrvtSDxFJCzvv9vqr6ecbzFu1yjsxh4mxpooD0NwUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79648d4a7eafb89a-AMS
truncated
/
1 KB
1 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6239160640a5be2d5a3e3bb42443e9121fea2e7bcca3b205c8b17c33646c8de9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
application/octet-stream
dhl.css
hannah.chat/wp-includes/ID3/-/dist/
64 KB
64 KB
Image
General
Full URL
https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Requested by
Host: hannah.chat
URL: https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hannah.chat/wp-includes/ID3/-/dist/dhl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5909
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 24 Dec 2022 12:30:26 GMT
server
cloudflare
etag
W/"63a6f0e2-15b189"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaWdlMp02jUxwPQN%2FC5Vdiwogsl91hhx%2FPXSUbcBeSHf6KBlBF18fCrE8Ass7LAB4oUkCzzYBadJYy%2Bki8IxXEQqxOmbBgctRncZvqtKROpfA6EgOYaqW0VnXBi4tstw0WaKVOvn7QR8SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
79648d51f8e7b89a-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ipinfo.io
URL
http://ipinfo.io/country

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
boolean credentialless
object oncontentvisibilityautostatechange
function $
function jQuery
function Cookies
function formCheck
string parameter
undefined message
function Lang
object lang
string pageURL
string newStr
function Popper

1 Cookies

Domain/Path Name / Value
hannah.chat/ Name: langCookie
Value: en

1 Console Messages

Source Level URL
Text
security error (Line 1)
Message:
Mixed Content: The page at 'https://hannah.chat/wp-includes/ID3/-/2c427433ede6295bb7f23333e0d7c12b/execution.html?validation=e1s1' was loaded over HTTPS, but requested an insecure resource 'http://ipinfo.io/country'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
