pqr.haseradet.com Open in urlscan Pro
104.21.51.16  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response pqr.haseradet.com/	44 KB 21 KB	397ms 243ms	Document text/html	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pqr.haseradet.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 317a8ecb054da6ce0b2f0e59a1947696687e19ff93d03f3aa5c2dd11e4c079f9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 840d25a5b9ca6a4e-EWR content-encoding br content-type text/html; charset=utf-8 date Fri, 05 Jan 2024 16:37:39 GMT expires Fri, 05 Jan 2024 16:37:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mGuBvZuswIVcjiThMymm3CyGnYN26MbxtAWecXZytt5Yea5o8J30ZQv9Wid%2F3dj91cfGzX%2Bwry9iHsFJMmL%2BwgZXX0nVExv%2FOSR62DhAJc%2F07D0xZLtXl9yoY1%2B4brw6rTZJA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	nicepage.css pqr.haseradet.com/lander/wg-mk-egnfie8mk/css/	1 MB 99 KB	373ms 369ms	Stylesheet text/css	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/css/nicepage.css Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d2a72f73f54341a576f67fb3d2bdc20f046d1a3c74c6248a1ec67789049a8df Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:39 GMT content-encoding br cf-cache-status MISS last-modified Wed, 06 Dec 2023 10:51:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6570521b-158289" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqciWQLMDMCapBZQzh5ZrK8k%2FIQdnzkMPSZjo3iGNPyoWeAy1HdZo9B3E3%2BcnILujqjfpuja%2BEZtmHt5CSs7ead9XTs9aXMu5duCyUZ2I7cuWBXPcv6MMENg%2B1s6le55OdHeMg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 840d25a74bea6a4e-EWR alt-svc h3=":443"; ma=86400 expires Mon, 15 Jan 2024 16:37:39 GMT
GET H2	200	nicepage-site.css pqr.haseradet.com/lander/wg-mk-egnfie8mk/css/	764 KB 50 KB	378ms 375ms	Stylesheet text/css	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/css/nicepage-site.css Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fa72c52fc2f056bb8bd8f6cd8e4ad479d03d017b99a9b4e77d644775e4a1de2 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:39 GMT content-encoding br cf-cache-status MISS last-modified Wed, 06 Dec 2023 10:51:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6570521b-beed3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIYkhdOdzmjjKOx2JmcgeOcC58tsiaDXC1CcKNGDPRE6Um0oxFtN6roPjpBCLfni3n21A0HDtDaCsE50lSTKGOx5MFRgLWRGzxZSJQ6nOagMVP3QFZ%2FbQkc4wKsPuQSkUHWTZA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 840d25a74beb6a4e-EWR alt-svc h3=":443"; ma=86400 expires Mon, 15 Jan 2024 16:37:39 GMT
GET H2	200	Landing.css pqr.haseradet.com/lander/wg-mk-egnfie8mk/css/	31 KB 4 KB	108ms 106ms	Stylesheet text/css	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/css/Landing.css Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5a751b1621bbe49adbe6c91473e6c63a91dd7f0dbef11350db1ccc55403759a Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:39 GMT content-encoding br cf-cache-status MISS last-modified Wed, 06 Dec 2023 10:51:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6570521b-7c55" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSP7Yxxr7ERBynnug%2BoXRQ1BgJzgX7UiQ5hq%2Bvm%2BiTtHJGSev3OoDF9X8adgP57i4MuS00FGZ0k44jpYV9O012F0d9rkjcFNejxzQVK4jBPCfQQD3nThgODed5RgzRamedvMEw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 840d25a74bf06a4e-EWR alt-svc h3=":443"; ma=86400 expires Mon, 15 Jan 2024 16:37:39 GMT
GET H3	200	jquery-3.5.1.min.js Show response pqr.haseradet.com/lander/wg-mk-egnfie8mk/js/	87 KB 32 KB	283ms 282ms	Script application/javascript	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/js/jquery-3.5.1.min.js Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:39 GMT content-encoding br cf-cache-status MISS last-modified Wed, 06 Dec 2023 10:51:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6570521b-15d84" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNNflWFQ2eSJzcD8ORZmAGrCSvO57Qal%2BKcJpBOanvwfoBeSwDfpYpMuIElZppGpTZfQI1WWb8jRIPStdwGJ9We5T5%2BHW0HFauyhHxInNvkWVp26%2BnTpt3uJeDd%2F3%2Foko6zUCg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 840d25a77ca00f46-EWR alt-svc h3=":443"; ma=86400 expires Mon, 15 Jan 2024 16:37:39 GMT
GET H3	200	nicepage.js Show response pqr.haseradet.com/lander/wg-mk-egnfie8mk/js/	275 KB 87 KB	384ms 384ms	Script application/javascript	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/js/nicepage.js Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36b37bab3c1763bc5f4f5f9af83b5b9ae2ff261881b57a7e6e060b8b5ef81904 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:39 GMT content-encoding br cf-cache-status MISS last-modified Wed, 06 Dec 2023 10:51:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6570521b-44bae" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdaYnonWSR74l16RzUboNN67yd5I3o%2FQEtqQt53BoC2hvJGYLiL3bJPVy2yHtsDIUx6qtS0v9m73DFxdRe24NizGRFbm93CP5fDJbnCX1NTcXyWnuF%2F3urQUuliRxYozPocPXg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=864000 cf-ray 840d25a77ca20f46-EWR alt-svc h3=":443"; ma=86400 expires Mon, 15 Jan 2024 16:37:39 GMT
GET H2	200	css fonts.googleapis.com/	96 KB 3 KB	38ms 19ms	Stylesheet text/css	2607:f8b0:4006:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 48b0740d7126516a18e781856f8ebe8def1b8c1f6b8a1c325994841c930acbd2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 05 Jan 2024 16:37:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 05 Jan 2024 16:31:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 05 Jan 2024 16:37:39 GMT
GET H2	200	css fonts.googleapis.com/	14 KB 917 B	45ms 26ms	Stylesheet text/css	2607:f8b0:4006:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 313182bb88231cafe93374dc3287fbc25869b96d3e9986532dc43b587c392010 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 05 Jan 2024 16:37:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 05 Jan 2024 14:56:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 05 Jan 2024 16:37:39 GMT
GET H2	200	1701859863.png pqr.haseradet.com/lander/wg-mk-egnfie8mk/image_def/	192 KB 193 KB	364ms 363ms	Image image/png	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/image_def/1701859863.png Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45aa00ce66b8f6371b33ac79a61b76de8b1571efcbf3bac0c3aff264197f21a1 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:39 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 197109 last-modified Wed, 06 Dec 2023 10:51:07 GMT server cloudflare etag "6570521b-301f5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG0t9ZpaZKz4Alf%2FXjkK52IM6y%2FblclYTNj1qHiOqKfinbOHXIG5N4RL%2FfF4isnS8y4UhlP99zB3lf4jXRC7xCxc2uTUrJ85982aoadJrgZmNgHOofEra14SIBzfhynvXStN8Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 840d25a74bf16a4e-EWR expires Mon, 15 Jan 2024 16:37:39 GMT
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7bc8e137fc76588d97c062c5167d9154000c76fe3d92f079001c5a5471c994b5 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6171c5646c387a66d3da82d83f866aa21cf8e811270023fd596bcdf4fdd87486 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f24c4ce184e56f8d891731756184a171f7e588995dbd73d2bf8818ce1f6f1c58 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bacc8bd18b548fb4af3834fcf5847583eb89fafba28c1f2f5072949cf0bcc88e Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Content-Type image/png
GET H3	200	aa49e5bbcb321c65e1d4ba4d4afa599b.png pqr.haseradet.com/lander/wg-mk-egnfie8mk/images/	21 KB 21 KB	263ms 263ms	Image image/png	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/images/aa49e5bbcb321c65e1d4ba4d4afa599b.png Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8234bdb2cf4ee47b08af54afb100c52de42baa1c55c71d00309d33e60e0feaa Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:39 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 21223 last-modified Wed, 06 Dec 2023 10:51:07 GMT server cloudflare etag "6570521b-52e7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQeWTaSd%2Bi9AkGIVrK2qPjCy4SdQs0zm0140GYOYIJUVyKCekdkQXWDgARikS%2BUOsrdrAqLsntuGGbj1E8mAnhYmhrrqVuygQdXOU0Q5Ci5t01zW4IKfadaXAJRJd10dHFqNRg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 840d25a7ccea0f46-EWR expires Mon, 15 Jan 2024 16:37:39 GMT
GET H3	200	4316.jpg pqr.haseradet.com/lander/wg-mk-egnfie8mk/image_def/	9 KB 9 KB	187ms 186ms	Image image/jpeg	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/image_def/4316.jpg Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7c207737d1ad37c0201512b54bdefa0c5bd8f198c4020e7ec384732a7757f30 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:39 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 8828 last-modified Wed, 06 Dec 2023 10:51:07 GMT server cloudflare etag "6570521b-227c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aU4%2FM3cQ7vDWCAH0bS0mgXxPsJGigePNmHO%2F9qbbJ6wyKkzWhf%2Bq8M5BBpP%2FVN0QXMYVNBcLxoPRXBz%2FK4wute0LfM4cYMqrwScoHp1%2FVmLYv8UFMtvSl2NU3SPSHkgq1LG2HA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 840d25a7cced0f46-EWR expires Mon, 15 Jan 2024 16:37:39 GMT
GET H3	200	rt22.jpg pqr.haseradet.com/lander/wg-mk-egnfie8mk/images/	162 KB 163 KB	351ms 350ms	Image image/jpeg	104.21.51.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/images/rt22.jpg Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/css/Landing.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.51.16 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1ac4160320cb5f2ab2fb2055a00ecd75f6f8e325edf4534e96a544f9e4e9c71 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/css/Landing.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:39 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 166309 last-modified Wed, 06 Dec 2023 10:51:07 GMT server cloudflare etag "6570521b-289a5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4ui81G9ZGdAAdvhF%2FoDe0KocCgB6vD7wFyw8kxnB%2FkI1fkSTBek4bAyIfUeoeDESuH9%2FBSezvgSkxEtTnyo8o07jONv41I4h67304TibIHEOPP6Lbdns0358tNJKw87NrRhLA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 840d25aa9fd00f46-EWR expires Mon, 15 Jan 2024 16:37:39 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 fonts.gstatic.com/s/opensans/v40/	26 KB 26 KB	51ms 22ms	Font font/woff2	2607:f8b0:4006:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pqr.haseradet.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 18:13:53 GMT x-content-type-options nosniff age 253426 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26736 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:00:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 01 Jan 2025 18:13:53 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 32 KB	59ms 29ms	Font font/woff2	2607:f8b0:4006:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pqr.haseradet.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 18:34:59 GMT x-content-type-options nosniff age 252160 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 01 Jan 2025 18:34:59 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	38ms 9ms	Font font/woff2	2607:f8b0:4006:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pqr.haseradet.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 01:26:11 GMT x-content-type-options nosniff age 227488 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Jan 2025 01:26:11 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 fonts.gstatic.com/s/montserrat/v26/	21 KB 21 KB	37ms 28ms	Font font/woff2	2607:f8b0:4006:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pqr.haseradet.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 13:42:14 GMT x-content-type-options nosniff age 269725 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21288 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:43:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 01 Jan 2025 13:42:14 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 fonts.gstatic.com/s/opensans/v40/	24 KB 25 KB	6ms 4ms	Font font/woff2	2607:f8b0:4006:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pqr.haseradet.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Thu, 04 Jan 2024 15:33:20 GMT x-content-type-options nosniff age 90259 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24984 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:04:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 03 Jan 2025 15:33:20 GMT
GET H2	200	script.js Show response cdnstat.net/get/	129 B 696 B	290ms 192ms	Script text/html	172.67.176.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnstat.net/get/script.js?referrer=https://pqr.haseradet.com/ Requested by Host: pqr.haseradet.com URL: https://pqr.haseradet.com/lander/wg-mk-egnfie8mk/js/nicepage.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.176.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.1 Resource Hash c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1 Request headers accept-language en-US,en;q=0.9 Referer https://pqr.haseradet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 16:37:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.1 vary Accept-Encoding access-control-allow-methods GET, POST content-type text/html; charset=utf-8 access-control-allow-origin https://pqr.haseradet.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWKsTSDQ1RKoDUj4OUGWaQwMG2tPevpCfBxuMBFXgdfhg9a8hW25w5yknOKlgYWG2exWhuY1gl00SlUbFR%2BEEeA%2FwuCngrBDzsaEYeC722z2sZXV%2FUJf5NIUth57Ag%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 840d25b20a82189d-EWR access-control-allow-headers X-Requested-With,content-type alt-svc h3=":443"; ma=86400

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| cssBgParser function| ResponsiveMenu function| MailChimpForm object| bootstrap function| loadMapsContent function| mapIframeApiReady object| MapsLoader function| Lightbox object| Utility object| skrollr function| Waypoint function| WaypointAdapter function| _npStickyStack function| _npInitMenuLink function| AnimationInfo object| AnimationEventScroll function| AnimationEventSlider object| WillChangeHint function| AnimationFactory function| CountUp undefined| uAnimation object| _npScrollAnchor function| _npScrollSpyInit function| ImageZoom function| _npHorizontalLayoutSlider function| TabsControl function| _npTabsInit object| lazySizes object| _npLazyImages object| lazySizesConfig function| _npDialogsInit function| _npAccordionInit function| setImmediate function| clearImmediate object| sha256 function| _npAuthInit object| CountryList function| signRequestAnimFrame object| _responsive string| waypointContextKey

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pqr.haseradet.com/	1970-01-20 18:12:31	Name: _subid Value: 1ds7h2m4lb1lc
			pqr.haseradet.com/	1970-01-21 03:03:52	Name: 05709 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI2MTA5OVwiOjE3MDQ0NzI2NTh9LFwiY2FtcGFpZ25zXCI6e1wiMTIyMzkzXCI6MTcwNDQ3MjY1OH0sXCJ0aW1lXCI6MTcwNDQ3MjY1OH0ifQ.3Xs0H7Z2uThQ2ToupLRKmBKadmE4Nk4A1Xj4yv1ucxM
			pqr.haseradet.com/	1970-01-20 17:28:32	Name: PHPREFS Value: full

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnstat.net
fonts.googleapis.com
fonts.gstatic.com
pqr.haseradet.com
104.21.51.16
172.67.176.240
2607:f8b0:4006:820::200a
2607:f8b0:4006:824::2003
1d2a72f73f54341a576f67fb3d2bdc20f046d1a3c74c6248a1ec67789049a8df
313182bb88231cafe93374dc3287fbc25869b96d3e9986532dc43b587c392010
317a8ecb054da6ce0b2f0e59a1947696687e19ff93d03f3aa5c2dd11e4c079f9
36b37bab3c1763bc5f4f5f9af83b5b9ae2ff261881b57a7e6e060b8b5ef81904
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fa72c52fc2f056bb8bd8f6cd8e4ad479d03d017b99a9b4e77d644775e4a1de2
45aa00ce66b8f6371b33ac79a61b76de8b1571efcbf3bac0c3aff264197f21a1
48b0740d7126516a18e781856f8ebe8def1b8c1f6b8a1c325994841c930acbd2
6171c5646c387a66d3da82d83f866aa21cf8e811270023fd596bcdf4fdd87486
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
7bc8e137fc76588d97c062c5167d9154000c76fe3d92f079001c5a5471c994b5
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
bacc8bd18b548fb4af3834fcf5847583eb89fafba28c1f2f5072949cf0bcc88e
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1ac4160320cb5f2ab2fb2055a00ecd75f6f8e325edf4534e96a544f9e4e9c71
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
d8234bdb2cf4ee47b08af54afb100c52de42baa1c55c71d00309d33e60e0feaa
e7c207737d1ad37c0201512b54bdefa0c5bd8f198c4020e7ec384732a7757f30
f24c4ce184e56f8d891731756184a171f7e588995dbd73d2bf8818ce1f6f1c58
f5a751b1621bbe49adbe6c91473e6c63a91dd7f0dbef11350db1ccc55403759a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d