hananjeardansht.com
2a05:7880:56f:155f:1945:2e9b:ed55:ec68  Public Scan

Submitted URL: https://offvulcan.ru/
Effective URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&s...
Submission Tags: phishingrod
Submission: On November 11 via api from DE — Scanned from NL

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 36 HTTP transactions. The main IP is 2a05:7880:56f:155f:1945:2e9b:ed55:ec68, located in Cyprus and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is hananjeardansht.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 31st 2023. Valid for: a year.
This is the only time hananjeardansht.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a07:180:c6:e... 209242 (CLOUDFLAR...)
33 2a05:7880:56f... 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
36 3
Apex Domain | Subdomains | Transfer
33 hananjeardansht.com | hananjeardansht.com | 2 MB
2 gstatic.com | fonts.gstatic.com | 40 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 1 KB
1 gelemadiniooten.com | gelemadiniooten.com — Cisco Umbrella Rank: 608926 | 683 B
1 offvulcan.ru | offvulcan.ru | 965 B
36 5
Domain Requested by
33 hananjeardansht.com hananjeardansht.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com hananjeardansht.com
1 gelemadiniooten.com 1 redirects
1 offvulcan.ru 1 redirects
36 5

This site contains no links.

Subject | Issuer | Validity | Valid
hananjeardansht.com | Cloudflare Inc ECC CA-3 | 2023-08-31 - 2024-08-29 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months

This page contains 1 frames:

Primary Page: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Frame ID: DBC936FCC4D62B3B2F3BB83320CAD00B
Requests: 36 HTTP requests in this frame

Page Title

Ice Casino

Page URL History

  1. https://offvulcan.ru/ HTTP 302
    https://gelemadiniooten.com/13518/26798?lp=18&click_id=2om4mh23b5u5&sub_id_1={REPLACE}&sub_id_2={REPLACE... HTTP 302
    https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

3
IPs

4
Countries

1687 kB
Transfer

1843 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://offvulcan.ru/ HTTP 302
    https://gelemadiniooten.com/13518/26798?lp=18&click_id=2om4mh23b5u5&sub_id_1={REPLACE}&sub_id_2={REPLACE}&sub_id_3={REPLACE}&sub_id_4={REPLACE}&param={ATP} HTTP 302
    https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request p7118
hananjeardansht.com/ice/
Redirect Chain
  • https://offvulcan.ru/
  • https://gelemadiniooten.com/13518/26798?lp=18&click_id=2om4mh23b5u5&sub_id_1={REPLACE}&sub_id_2={REPLACE}&sub_id_3={REPLACE}&sub_id_4={REPLACE}&param={ATP}
  • https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_i...
62 KB
8 KB
Document
General
Full URL
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e8efd3f129c990dde3ea17f7d7fd630c7088ed1f33995adde84330f6f5d6fdc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8245fa94ef4f1c10-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 11 Nov 2023 10:51:14 GMT
server
cloudflare

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8245fa940bcf6651-AMS
content-type
text/html; charset=UTF-8
date
Sat, 11 Nov 2023 10:51:13 GMT
location
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
server
cloudflare
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;900&family=Russo+One&display=swap
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
152561f73df07297aba51127485bbb3575d43ce2121ec4d400672e6fd51c56aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Nov 2023 10:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 10:48:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Nov 2023 10:51:14 GMT
main.css
hananjeardansht.com/promo/7118/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://hananjeardansht.com/promo/7118/css/main.css
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ab574981a6a464141183f9be61f91e31283ae889bdd75dbbc5a23038c024c2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 15:09:25 GMT
server
cloudflare
age
6310
etag
W/"645d0525-54f7"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8245fa957fcf1c10-AMS
preloader.svg
hananjeardansht.com/promo/7118/img/
438 B
439 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/preloader.svg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1c38916ab9831bf7b8f6b3c937bd74e9a4bc18e06daf011cea40a110be658a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 11:05:03 GMT
server
cloudflare
age
6310
etag
W/"62fa285f-1b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8245fa957fd01c10-AMS
logo-en.png
hananjeardansht.com/promo/7118/img/
5 KB
5 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/logo-en.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70449482e693997740b52daf00eacb6166d38ab0145cc2680fc4525e670530f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
6310
etag
"631b0299-14f2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa957fd21c10-AMS
content-length
5362
fs-icon.svg
hananjeardansht.com/promo/7118/img/
817 B
560 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/fs-icon.svg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91e16bc97ea40718488f974e2c88d75f2923b8c37691cb1f8db144fb9cd2255

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 15 Aug 2022 11:05:03 GMT
server
cloudflare
etag
W/"62fa285f-331"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8245fa959fe91c10-AMS
money-icon.svg
hananjeardansht.com/promo/7118/img/
729 B
449 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/money-icon.svg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6002a06de64ea6d332ef4b9a9b5ad8f1e4d0fa02ef28c8fece7176059a4498b2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 11:05:03 GMT
server
cloudflare
age
6309
etag
W/"62fa285f-2d9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8245fa959fea1c10-AMS
wheel-en.png
hananjeardansht.com/promo/7118/img/
197 KB
198 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/wheel-en.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29986a9291c031d6f6e155fc64ba9a1e0ceb792dfbb5242972f20ea0ec00e6fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Dec 2022 15:23:17 GMT
server
cloudflare
age
6310
etag
"638a1865-31577"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959feb1c10-AMS
content-length
202103
scratch-anim.gif
hananjeardansht.com/promo/7118/img/
103 KB
103 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/scratch-anim.gif
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77b4c6f3b7731e069f88bc269498f77ea4984064cb94dd29e0045385332f6ac

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:40 GMT
server
cloudflare
age
6309
etag
"631b0298-19aa0"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959fec1c10-AMS
content-length
105120
scratch-used.png
hananjeardansht.com/promo/7118/img/
42 KB
42 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/scratch-used.png?v=1
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
979bd0355ab985809b2b9ea798bd96540b2bd164a40bfe98c1544a6930d6fea9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
1807
etag
"631b029a-a798"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959fef1c10-AMS
content-length
42904
euro.jpg
hananjeardansht.com/promo/7118/img/
21 KB
21 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/euro.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ae57a75965f5fea4071586f0d189f8e9879e7df7cde46442af8adfcfb2ac6e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
6309
etag
"631b0299-52e3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ff11c10-AMS
content-length
21219
plzl.jpg
hananjeardansht.com/promo/7118/img/
39 KB
39 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/plzl.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1014c355b3cd37ab3f30ac6d7702d355316c2643dbb3b1c1244571933bc35e0d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
6309
etag
"631b0299-9d2e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ff21c10-AMS
content-length
40238
nok.jpg
hananjeardansht.com/promo/7118/img/
30 KB
30 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/nok.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c82e0e44c455f52ff766b841904f514b3d4aaba37cfb42c3d2354a61ac2769a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
etag
"631b0299-793c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ff41c10-AMS
content-length
31036
dkk.jpg
hananjeardansht.com/promo/7118/img/
58 KB
58 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/dkk.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ffe2eda01747d3be03a0d3181603826a1e98c2ed0baa4e1c533333d9f01a1a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
5056
etag
"631b0299-e849"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ff51c10-AMS
content-length
59465
ron.jpg
hananjeardansht.com/promo/7118/img/
49 KB
49 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/ron.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc402aa395e3b99f12d8610eb302d51e4400abf8a1d0bb10a8644a5f11dc84c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
etag
"631b0299-c451"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ff61c10-AMS
content-length
50257
huf.jpg
hananjeardansht.com/promo/7118/img/
41 KB
41 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/huf.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b376cb7a61009d65b736ca83a97d5bfa035655d12501587c0ffe7c5531433f81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
etag
"631b0299-a3eb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ff71c10-AMS
content-length
41963
x5.png
hananjeardansht.com/promo/7118/img/
6 KB
6 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/x5.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d310896da34763d66e50fff00ca506afbb72f957ba9923a1dc9d9221d6fa0938

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 11:05:03 GMT
server
cloudflare
age
5056
etag
"62fa285f-18df"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ff91c10-AMS
content-length
6367
x15.png
hananjeardansht.com/promo/7118/img/
8 KB
8 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/x15.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf7634841d979668eef18051f5385a4f16fc84f4a39fbf3d0a024929856ab68

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:43 GMT
server
cloudflare
age
5056
etag
"631b029b-2042"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ffa1c10-AMS
content-length
8258
x7.png
hananjeardansht.com/promo/7118/img/
6 KB
6 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/x7.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d348aaa66efa2a55df56af37b0a77ebca7c258c32795246875050a5a37a70e0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:44 GMT
server
cloudflare
age
1807
etag
"631b029c-18b0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ffd1c10-AMS
content-length
6320
anim-first.png
hananjeardansht.com/promo/7118/img/
23 KB
23 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/anim-first.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8dc71d62bf0999936baed3d5f8ac3176c9df559676b0ded5ba2f2df637fc94f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
6310
etag
"631b0299-5a24"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa959ffe1c10-AMS
content-length
23076
anim-second.png
hananjeardansht.com/promo/7118/img/
23 KB
23 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/anim-second.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fe1318c854ae582ff36bfa81bf78014493fab918b9173fd7da712112d13e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
2320
etag
"631b029a-5b4e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa9598011c10-AMS
content-length
23374
anim-front.png
hananjeardansht.com/promo/7118/img/
25 KB
25 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/anim-front.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
abcb3ba15390a4ad8b49e10e7aee959735ae5c66acbd8a3c38fb65cc866b179f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
6310
etag
"631b029a-6295"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa9598021c10-AMS
content-length
25237
popup-anim.gif
hananjeardansht.com/promo/7118/img/
166 KB
167 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/popup-anim.gif
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a2c5dedfe3bfb3076bec9ef2a8ef8983b896f3dac8b31ac2625bdfa111e200

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:40 GMT
server
cloudflare
age
5055
etag
"631b0298-29956"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa9598031c10-AMS
content-length
170326
subtract.png
hananjeardansht.com/promo/7118/img/
575 B
658 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/subtract.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6dbc6f6558a8bc7210bdf2c0e171eaf95e09b9981c3b1965a72039e9d5cf2a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
1807
etag
"631b029a-23f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa9598051c10-AMS
content-length
575
bundle-341220101100.min.js
hananjeardansht.com/assets/js/
35 KB
15 KB
Script
General
Full URL
https://hananjeardansht.com/assets/js/bundle-341220101100.min.js
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
72bd990665a3e23e453cbc32142e0adc634dcf9ce65098207d7697807daa6730

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Nov 2023 12:52:36 GMT
server
cloudflare
age
5111
etag
W/"6544ed14-8b65"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8245fa9598061c10-AMS
lm-1.0.0.min.js
hananjeardansht.com/assets/js/
189 B
239 B
Script
General
Full URL
https://hananjeardansht.com/assets/js/lm-1.0.0.min.js
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0405fc1f27636448050c4f267b89d9d75250af8f5eb0d0720bfafc5b64090a85

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Nov 2023 12:52:10 GMT
server
cloudflare
age
5111
etag
W/"6544ecfa-bd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8245fa959fe61c10-AMS
jquery-3.6.0.min.js
hananjeardansht.com/shared/js/
87 KB
31 KB
Script
General
Full URL
https://hananjeardansht.com/shared/js/jquery-3.6.0.min.js
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d614c9f583f439281092ecdc396451c09ac47e52c358552001aae2d851f99310

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 10:11:03 GMT
server
cloudflare
age
4720
etag
W/"62f38437-15ae3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8245fa959fe71c10-AMS
index.js
hananjeardansht.com/promo/7118/js/
7 KB
2 KB
Script
General
Full URL
https://hananjeardansht.com/promo/7118/js/index.js
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96eeab9c3fba7eae16f33cba7a55cfc3feb0e4e8eae118f98f192fc8efaf8839

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/ice/p7118?atp=%7BATP%7D&goto=sitereg&click_id=2om4mh23b5u5&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 15:09:48 GMT
server
cloudflare
age
6310
etag
W/"645d053c-1afe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8245fa959fe81c10-AMS
bg-desk.jpg
hananjeardansht.com/promo/7118/img/
702 KB
703 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/bg-desk.jpg
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aadf4158780f2705c4ec562d7ff1e738eaf72f449b92b1fcf700854d5c865be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Mon, 15 Aug 2022 11:04:56 GMT
server
cloudflare
etag
"62fa2858-af680"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa96488b1c10-AMS
content-length
718464
lang-arr.png
hananjeardansht.com/promo/7118/img/
328 B
406 B
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/lang-arr.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9056c85fdec83f5bec653b517cc947f822398fc047f8b2f3ba8286faa6298c9d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
1163
etag
"631b0299-148"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa96488c1c10-AMS
content-length
328
wheel-win-frame.png
hananjeardansht.com/promo/7118/img/
4 KB
5 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/wheel-win-frame.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
90210cfadb3ef9299d751b62105f4709bef9c676ec57b376cf0772c04a800d69

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 15 Aug 2022 11:05:02 GMT
server
cloudflare
etag
"62fa285e-11f9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa96488d1c10-AMS
content-length
4601
wheel-btn.png
hananjeardansht.com/promo/7118/img/
18 KB
18 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/wheel-btn.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
edf33ee1ab6caaf025239fe4349d4b6a4624d2879c7e34c40c91b5387c88ce4b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:42 GMT
server
cloudflare
age
6310
etag
"631b029a-479b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa96488e1c10-AMS
content-length
18331
anim-bg.png
hananjeardansht.com/promo/7118/img/
10 KB
10 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/anim-bg.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff45cf59e2c089b464b103af54742308d162bbd3e30173cb5ed7e74e03482046

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
6310
etag
"631b0299-2685"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa9648911c10-AMS
content-length
9861
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;900&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hananjeardansht.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:19:05 GMT
x-content-type-options
nosniff
age
145929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 18:19:05 GMT
flags.png
hananjeardansht.com/promo/7118/img/
3 KB
3 KB
Image
General
Full URL
https://hananjeardansht.com/promo/7118/img/flags.png
Requested by
Host: hananjeardansht.com
URL: https://hananjeardansht.com/promo/7118/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:56f:155f:1945:2e9b:ed55:ec68 , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c33c5c384bd368390f6a2a4d902feedcff9ff52b9b39aed8b22f75c24c89dbe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hananjeardansht.com/promo/7118/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 10:51:14 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2022 09:08:41 GMT
server
cloudflare
age
5054
etag
"631b0299-ac0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8245fa97b98e1c10-AMS
content-length
2752
Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2
fonts.gstatic.com/s/russoone/v16/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/russoone/v16/Z9XUDmZRWg6M1LvRYsHOz8mJ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700;900&family=Russo+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82f191a65d38e50c45e0c35e15343690ea1d122402990b99d0c5a1585f9d47af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hananjeardansht.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:15:17 GMT
x-content-type-options
nosniff
age
66957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7368
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 22:05:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 16:15:17 GMT


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| onLoadBundle
function| $
function| jQuery
function| bs
function| _typeof
object| fp
function| pm
object| devtools

13 Cookies

Domain/Path Name / Value
offvulcan.ru/ Name: _subid
Value: 2om4mh23b5u5
offvulcan.ru/ Name: 9f1b9
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU3MjJcIjoxNjk5Njk5ODczfSxcImNhbXBhaWduc1wiOntcIjMyNlwiOjE2OTk2OTk4NzN9LFwidGltZVwiOjE2OTk2OTk4NzN9In0.ftUITepOyN70FIyWK_oByncXuORb09whrtLGG_jVEg4
offvulcan.ru/ Name: _token
Value: uuid_2om4mh23b5u5_2om4mh23b5u5654f5ca1c819a0.31715724
gelemadiniooten.com/ Name: _HGAU
Value: 9b66cbd4-8777-4e53-ae0b-95d3e5247dd2
gelemadiniooten.com/ Name: vst_cnt_18903
Value: 1
.gelemadiniooten.com/ Name: __cf_bm
Value: U6WpTQp_qHS26H4_MJaEWt9xbZwK_wjSbjJGFglc7no-1699699873-0-AbgGg6EdPHWfJwrlJGUgBdIpDNF95xaTsUmhrJVWTuuqYa+kHbMLpuokKo0oF62W8MYB/ucqq2cW+04rWGoXkQ4=
hananjeardansht.com/ Name: promouuid
Value: 4ad7289237de7ee8d31a07ba0288b014ae750d30
hananjeardansht.com/ Name: 61abf1aa22c1be82538e8a7068c71bbd
Value: 1
.hananjeardansht.com/ Name: __cf_bm
Value: WtbgmQzW6Bv9leCKTuZ.GggWWGlB1W.QUZZ4xptWGbA-1699699874-0-AXUGjSJpVjRqJqJY17TB/tKRgl1OBWeftOZJT7P3h1tE3a4Erw/zreMQyfH9mPExcDjXtTvKRJhe3Tl+7VaVDE0=
hananjeardansht.com/ Name: bl
Value: 1
hananjeardansht.com/ Name: bic
Value: 1
hananjeardansht.com/ Name: bct
Value: 0
hananjeardansht.com/ Name: fp
Value: e1201d4e0407f215284a9a319268e9e9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
