urlscan.io logo urlscan.io
SecurityTrails logo

www.hemofertas.online Open in urlscan Pro
80.71.144.217  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hemofertas.online/
Effective URL: https://www.hemofertas.online/
Submission Tags: suspect
Submission: On August 27 via api from BR — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 47 HTTP transactions. The main IP is 80.71.144.217, located in United States and belongs to MALAKMADZE, GE. The main domain is www.hemofertas.online.
TLS certificate: Issued by R11 on August 26th 2024. Valid for: 3 months.
This is the only time www.hemofertas.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

35    80.71.144.217 (United States)

ASN199242 (MALAKMADZE, GE)
hemofertas.online
www.hemofertas.online
2    2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
pagead2.googlesyndication.com
3    142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net
www.google.com
3    142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
Apex Domain
Subdomains		 Transfer
35 hemofertas.online
hemofertas.online
www.hemofertas.online
250 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
td.doubleclick.net — Cisco Umbrella Rank: 481
5 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
152 B
2 gstatic.com
fonts.gstatic.com
28 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
64 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
91 KB
47 7
Domain Requested by
34 www.hemofertas.online www.hemofertas.online
3 googleads.g.doubleclick.net www.hemofertas.online
www.googletagmanager.com
3 www.google.com 1 redirects www.hemofertas.online
2 td.doubleclick.net www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.hemofertas.online
1 pagead2.googlesyndication.com www.googletagmanager.com
1 www.googletagmanager.com www.hemofertas.online
1 hemofertas.online 1 redirects
47 9

This site contains no links.

Subject Issuer Validity Valid
www.hemofertas.online
R11		 2024-08-26 -
2024-11-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.hemofertas.online/
Frame ID: 43789711516D2A70FB8F628797FF0B50
Requests: 45 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16676903811?random=1724765507447&cv=11&fst=1724765507447&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48q0za200&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hemofertas.online%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=322642205.1724765507&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 59001730213A7F11B0845EE851578048
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16676903811?random=1724765507455&cv=11&fst=1724765507455&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48q0za200&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hemofertas.online%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=322642205.1724765507&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: F498B56AA8B36B7DF0A2076A171C1426
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://hemofertas.online/ HTTP 307
    https://hemofertas.online/ HTTP 301
    https://www.hemofertas.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Page Statistics

47
Requests

98 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

8
IPs

1
Countries

375 kB
Transfer

759 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hemofertas.online/ HTTP 307
    https://hemofertas.online/ HTTP 301
    https://www.hemofertas.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://www.google.com/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5l1&tag_exp=0&rnd=990082201.1724765507&url=https%3A%2F%2Fwww.hemofertas.online%2F&dma=0&npa=0&gtm=45be48q0za200&auid=322642205.1724765507&frm=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5l1&tag_exp=0&rnd=990082201.1724765507&url=https%3A%2F%2Fwww.hemofertas.online%2F&dma=0&npa=0&gtm=45be48q0za200&auid=322642205.1724765507&frm=0

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hemofertas.online/
Redirect Chain
  • http://hemofertas.online/
  • https://hemofertas.online/
  • https://www.hemofertas.online/
90 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
155396ea5f2507d4f1718c33a26d5f356b72814296e75cb8b4b1b7e07daae826

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

cache-control
max-age=14400
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 27 Aug 2024 13:31:45 GMT
expires
Tue, 27 Aug 2024 17:31:45 GMT
last-modified
Tue, 27 Aug 2024 03:04:14 GMT
server
nginx/1.14.2
vary
Accept-Encoding

Redirect headers

content-length
185
content-type
text/html
date
Tue, 27 Aug 2024 13:31:45 GMT
location
https://www.hemofertas.online/
server
nginx/1.14.2
vendor1.js
www.hemofertas.online/assets/js/libs/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/assets/js/libs/vendor1.js
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f01d9c0e154784c72335f50666c966e59a46fbc1e999aa936b9cb1067e24fcf1

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:45 GMT
content-encoding
gzip
last-modified
Tue, 11 Jun 2024 12:49:38 GMT
server
nginx/1.14.2
etag
"666847e2-8202"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
content-length
33282
expires
Wed, 28 Aug 2024 13:31:45 GMT
vendor2.js
www.hemofertas.online/assets/js/libs/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/assets/js/libs/vendor2.js
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
487e969ca4d6ada65093b4432ebf03b14e441ad4c65add5079236c71f49e57d0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:45 GMT
content-encoding
gzip
last-modified
Fri, 19 Jul 2024 18:39:44 GMT
server
nginx/1.14.2
etag
"669ab2f0-af5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
content-length
2805
expires
Wed, 28 Aug 2024 13:31:45 GMT
vendor3.js
www.hemofertas.online/assets/js/libs/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/assets/js/libs/vendor3.js
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
bf2542a2784c31bc744e0ec24fa92ecc4a367e83b04fc94993e6a96dff2b2286

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:45 GMT
content-encoding
gzip
last-modified
Thu, 15 Aug 2024 13:08:14 GMT
server
nginx/1.14.2
etag
"66bdfdbe-2660"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
content-length
9824
expires
Wed, 28 Aug 2024 13:31:45 GMT
slick.min.js
www.hemofertas.online/assets/js/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/assets/js/slick.min.js
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
87d79a3cc09fd6b26d5aa65ed902add047ef1a30ff45f6ab66a5b9258617d377

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:45 GMT
content-encoding
gzip
last-modified
Mon, 22 Jul 2024 19:44:24 GMT
server
nginx/1.14.2
etag
"669eb698-2c87"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
content-length
11399
expires
Wed, 28 Aug 2024 13:31:45 GMT
home.js
www.hemofertas.online/assets/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/assets/js/home.js
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8e9a4a700d5a9bf5abe055e5b59ea6ada91b6babaebbb2a93262e9af0c7dacf3

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:45 GMT
content-encoding
gzip
last-modified
Fri, 23 Aug 2024 12:59:08 GMT
server
nginx/1.14.2
etag
"66c8879c-1241"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
content-length
4673
expires
Wed, 28 Aug 2024 13:31:45 GMT
iconfont.woff2
www.hemofertas.online/assets/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/assets/fonts/iconfont.woff2?t=1704435659055
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
889e39aeca49e526493063833fe5f2a1473b38ac8d9d32798a2d7f8ec4091a59

Request headers

Referer
https://www.hemofertas.online/
Origin
https://www.hemofertas.online
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:45 GMT
content-encoding
gzip
last-modified
Thu, 13 Jun 2024 14:37:08 GMT
server
nginx/1.14.2
etag
W/"666b0414-1b78"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=1296000
expires
Wed, 11 Sep 2024 13:31:45 GMT
image-fail.png
www.hemofertas.online/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/assets/images/image-fail.png
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
c457f33bcad253e5355838294ae96e7f57d5e87b8ceb2bb6b2e963c6397883f0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Fri, 21 Jun 2024 19:10:40 GMT
server
nginx/1.14.2
etag
"6675d030-669"
content-type
image/png
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1641
expires
Wed, 11 Sep 2024 13:31:46 GMT
loading.gif
www.hemofertas.online/assets/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/assets/images/loading.gif
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
362337756191c6ab62af6e3d250d1647922b8a162a812ca12e683622baf57d07

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Tue, 11 Jun 2024 12:48:46 GMT
server
nginx/1.14.2
etag
"666847ae-6a1f"
content-type
image/gif
cache-control
max-age=1296000
accept-ranges
bytes
content-length
27167
expires
Wed, 11 Sep 2024 13:31:46 GMT
templatebanner37.webp
www.hemofertas.online/pic/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/templatebanner37.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2d301c2e759505b46c22e086883c932e14195b3292cb1fb2d1665f5c4581e6e1

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:45 GMT
last-modified
Wed, 12 Jun 2024 09:19:28 GMT
server
nginx/1.14.2
etag
"66696820-95c6"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
38342
expires
Wed, 11 Sep 2024 13:31:45 GMT
css2
fonts.googleapis.com/ 		5 KB
920 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f03726cd16329a7aa43c023a5ec698995d0b10c3dc06ad5ecd35cbb55488dc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Aug 2024 13:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Aug 2024 13:31:46 GMT
css2
fonts.googleapis.com/ 		4 KB
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Spartan:wght@300;400;500;600;700&display=swap
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9faec0f51d7692c7b4f4c94f373295497598b189d76fd4b2c5acd6d59be47e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Aug 2024 13:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Aug 2024 13:31:46 GMT
hemofertas-24082622.webp
www.hemofertas.online/pic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/hemofertas-24082622.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f5aee50ded7c22a6884c43420b20502d7728581dd16f33cdef35b95be1e81af8

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:45 GMT
last-modified
Tue, 27 Aug 2024 02:58:43 GMT
server
nginx/1.14.2
etag
"66cd40e3-ca8"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3240
expires
Wed, 11 Sep 2024 13:31:45 GMT
templatebanner38.webp
www.hemofertas.online/pic/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/templatebanner38.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
69456847bbb61f0677d3fec59b61378231fe4ccad38458ce94b3f0acb5e7241e

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 09:19:28 GMT
server
nginx/1.14.2
etag
"66696820-87a6"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
34726
expires
Wed, 11 Sep 2024 13:31:46 GMT
JEWELRYBL230209001silver01_s.webp
www.hemofertas.online/pic/ 		368 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/JEWELRYBL230209001silver01_s.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
0d667daada5ed5014fec8198e8850c35e2da74a285ac6b68bb403d85ddec02fb

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:45 GMT
last-modified
Wed, 12 Jun 2024 09:05:17 GMT
server
nginx/1.14.2
etag
"666964cd-170"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
368
expires
Wed, 11 Sep 2024 13:31:45 GMT
20230428121038550174_s.webp
www.hemofertas.online/pic/ 		596 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230428121038550174_s.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
673630a1cf68ac65ba5ccef95d6b33d67947e49c89d6abedd908e5641083bd93

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:53:12 GMT
server
nginx/1.14.2
etag
"666961f8-254"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
596
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230428121038550174_5_s.webp
www.hemofertas.online/pic/ 		494 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230428121038550174_5_s.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
9223a06a7d193ce4f4baa93e05abe8b010811671e71379dcd7c96b3bbddf1ad6

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:53:12 GMT
server
nginx/1.14.2
etag
"666961f8-1ee"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
494
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230428121038550991_5_s.webp
www.hemofertas.online/pic/ 		398 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230428121038550991_5_s.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d3c10e077c009ddd1707b60acc6f04352fa232b80c71c7192c08eb30be24ec92

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:53:14 GMT
server
nginx/1.14.2
etag
"666961fa-18e"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
398
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230428121038550991_s.webp
www.hemofertas.online/pic/ 		514 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230428121038550991_s.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
39a05768d6af2254b76cb6cc7d4c1cce8228ec5996fa21ec3dc49f765984d11f

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:53:14 GMT
server
nginx/1.14.2
etag
"666961fa-202"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
514
expires
Wed, 11 Sep 2024 13:31:46 GMT
vendor.css
www.hemofertas.online/assets/css/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/assets/css/vendor.css
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
content-encoding
gzip
last-modified
Wed, 14 Aug 2024 12:51:56 GMT
server
nginx/1.14.2
etag
"66bca86c-13d0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
content-length
5072
expires
Wed, 28 Aug 2024 13:31:46 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hemofertas.online
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Fri, 23 Aug 2024 16:54:52 GMT
x-content-type-options
nosniff
age
333414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14168
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:29:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Aug 2025 16:54:52 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hemofertas.online
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Fri, 23 Aug 2024 13:12:06 GMT
x-content-type-options
nosniff
age
346780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13980
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Aug 2025 13:12:06 GMT
20230710090812973_m.webp
www.hemofertas.online/pic/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230710090812973_m.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f6efe44273b68be7775a2ae6d1df309c5ceb3168d52c3471c1daa0c91df77a7b

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:55:22 GMT
server
nginx/1.14.2
etag
"6669627a-14be"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
5310
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230710090706757_m.webp
www.hemofertas.online/pic/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230710090706757_m.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
649bf5c2d531cbbc73516a3189dfb29489b523f0d3803978506a81614658d226

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:55:22 GMT
server
nginx/1.14.2
etag
"6669627a-1c66"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
7270
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230410170818350_m.webp
www.hemofertas.online/pic/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230410170818350_m.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1207467bbb5e13996ea4303a70f201f868c08c379d64e9ceb3307e3f80176a45

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:48:05 GMT
server
nginx/1.14.2
etag
"666960c5-141a"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
5146
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230411161542866_m.webp
www.hemofertas.online/pic/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230411161542866_m.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
4c87fa751c3c24df99e57258629ea02cb57605cadcb1d37c65e6c6b017246558

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:48:06 GMT
server
nginx/1.14.2
etag
"666960c6-d74"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3444
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230502080813574190.webp
www.hemofertas.online/pic/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230502080813574190.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2f0c54fc733dd8f08fffcd43c087a764f4eabf866ac2e35436dc4d46a07a3b8d

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:53:41 GMT
server
nginx/1.14.2
etag
"66696215-e4a"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3658
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230428121038550991_5_m.webp
www.hemofertas.online/pic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230428121038550991_5_m.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
19e2fa58d26eddcabb3e3d5ef3b9eda2b489d5daf0ed3d390c2298a0be0a3bf0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:53:14 GMT
server
nginx/1.14.2
etag
"666961fa-a0c"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2572
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230424160535094_m.webp
www.hemofertas.online/pic/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230424160535094_m.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
bca6cf9e14274e7845ac0588282811e6f39f0db1354e8eb5a306a54434f5ded3

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:48:10 GMT
server
nginx/1.14.2
etag
"666960ca-e0e"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3598
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230315094303376868.webp
www.hemofertas.online/pic/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230315094303376868.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
0625c422cf95aaa966a76af04c7881e79461399fe213d425baa882637e712425

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:46:23 GMT
server
nginx/1.14.2
etag
"6669605f-1e44"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
7748
expires
Wed, 11 Sep 2024 13:31:46 GMT
strings_pt.properties
www.hemofertas.online/data/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/data/strings_pt.properties
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/assets/js/libs/vendor1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
67fb5c2b1a72661469ce83aa5e774bbd9ba872c076be76b04511a4bee8bdff58

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.hemofertas.online/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
content-encoding
gzip
last-modified
Thu, 15 Aug 2024 15:08:46 GMT
server
nginx/1.14.2
etag
W/"66be19fe-2871"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=1296000
expires
Wed, 11 Sep 2024 13:31:46 GMT
get_loginstatus
www.hemofertas.online/api/ 		50 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/api/get_loginstatus
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/assets/js/libs/vendor1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
df74e920e8a1fcdf4adfa04d7cacbdc21b11eae7c05e7b87115620e466dedb5c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hemofertas.online/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-origin
https://www.hemofertas.online
date
Tue, 27 Aug 2024 13:31:46 GMT
access-control-allow-credentials
true
server
nginx/1.14.2
content-length
50
content-type
application/json;charset=UTF-8
statistic
www.hemofertas.online/api/ 		31 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/api/statistic
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/assets/js/libs/vendor1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
bd2296204802fad53ac68a0d28e3d7064f3c30b824f1d2dabce8a90151564d87

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hemofertas.online/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.hemofertas.online
date
Tue, 27 Aug 2024 13:31:46 GMT
access-control-allow-credentials
true
server
nginx/1.14.2
content-length
31
content-type
application/json;charset=UTF-8
js
www.googletagmanager.com/gtag/ 		263 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16676903811&_=1724765506277
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/assets/js/libs/vendor1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cee2b543d7763a2d3748f467bbf4faeed77d9df60d451a64c9af695cb1a65abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93108
x-xss-protection
0
last-modified
Tue, 27 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Aug 2024 13:31:46 GMT
20230428121038522551_3_m.webp
www.hemofertas.online/pic/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230428121038522551_3_m.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/assets/js/libs/vendor2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a9595aea5e169ca07149158014203db7f58a5170fb660e1e55389adbdb7013ec

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:52:17 GMT
server
nginx/1.14.2
etag
"666961c1-628"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1576
expires
Wed, 11 Sep 2024 13:31:46 GMT
20230502080336496097.webp
www.hemofertas.online/pic/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemofertas.online/pic/20230502080336496097.webp
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/assets/js/libs/vendor2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8bf9f0193f33cf28ef82a7dc3fde9a1504ff606959f10d74626f9ca7aef5d0a7

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:46 GMT
last-modified
Wed, 12 Jun 2024 08:53:35 GMT
server
nginx/1.14.2
etag
"6669620f-9f0"
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2544
expires
Wed, 11 Sep 2024 13:31:46 GMT
curflashsaleproducts
www.hemofertas.online/api/ 		21 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/api/curflashsaleproducts
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/assets/js/libs/vendor1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
7d9ca3a7ce51904a83543633e67b6eea2a7ea84d97c887af801531315f0c8732

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hemofertas.online/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.hemofertas.online
date
Tue, 27 Aug 2024 13:31:46 GMT
access-control-allow-credentials
true
server
nginx/1.14.2
content-length
21
content-type
application/json;charset=UTF-8
shopping_cart
www.hemofertas.online/api/ 		93 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/api/shopping_cart
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/assets/js/libs/vendor1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
fe992c40d08999a7297f5361b11eded19a6924d11d1c1cc05983fef70cd4ab41

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hemofertas.online/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.hemofertas.online
date
Tue, 27 Aug 2024 13:31:46 GMT
access-control-allow-credentials
true
server
nginx/1.14.2
content-length
93
content-type
application/json;charset=UTF-8
landing
pagead2.googlesyndication.com/pagead/ 		42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p3p5l1&tag_exp=0&rnd=990082201.1724765507&url=https%3A%2F%2Fwww.hemofertas.online%2F&dma_cps=-&dma=0&npa=1&gtm=45be48q0za200&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16676903811&_=1724765506277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Tue, 27 Aug 2024 13:31:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5l1&tag_exp=0&rnd=990082201.1724765507&url=https%3A%2F%2Fwww.hemofertas.online%2F&dma=0&npa=0&gtm=45be48q0za200&auid=322642205.1724...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5l1&tag_exp=0&rnd=990082201.1724765507&url=https%3A%2F%2Fwww.hemofertas.online%2F&dma=0&npa=0&gtm=45be48q0za200&auid=3...
42 B
66 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5l1&tag_exp=0&rnd=990082201.1724765507&url=https%3A%2F%2Fwww.hemofertas.online%2F&dma=0&npa=0&gtm=45be48q0za200&auid=322642205.1724765507&frm=0
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H3
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Tue, 27 Aug 2024 13:31:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Aug 2024 13:31:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=13r3r3r3r5l1&tag_exp=0&rnd=990082201.1724765507&url=https%3A%2F%2Fwww.hemofertas.online%2F&dma=0&npa=0&gtm=45be48q0za200&auid=322642205.1724765507&frm=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16676903811/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16676903811/?random=1724765507447&cv=11&fst=1724765507447&bg=ffffff&guid=ON&async=1&gtm=45be48q0za200&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hemofertas.online%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=322642205.1724765507&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16676903811&_=1724765506277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
d39776b0c6b5544f684b61abcd5490c0777a289a7da5acb3a177c2198bc7c4c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Tue, 27 Aug 2024 13:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2254
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
16676903811
td.doubleclick.net/td/rul/ Frame 5900 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16676903811?random=1724765507447&cv=11&fst=1724765507447&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48q0za200&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hemofertas.online%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=322642205.1724765507&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16676903811&_=1724765506277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Aug 2024 13:31:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16676903811/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16676903811/?random=1724765507455&cv=11&fst=1724765507455&bg=ffffff&guid=ON&async=1&gtm=45be48q0za200&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hemofertas.online%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=322642205.1724765507&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16676903811&_=1724765506277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
772ddb16009b076f3719dfca2c8d916111015476b382390ad402e6147c62da16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Tue, 27 Aug 2024 13:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2253
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
16676903811
td.doubleclick.net/td/rul/ Frame F498 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16676903811?random=1724765507455&cv=11&fst=1724765507455&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48q0za200&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hemofertas.online%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=322642205.1724765507&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16676903811&_=1724765506277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Aug 2024 13:31:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/16676903811/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/16676903811/?random=1724765507455&cv=11&fst=1724763600000&bg=ffffff&guid=ON&async=1&gtm=45be48q0za200&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hemofertas.online%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=322642205.1724765507&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfjwfAN2NRW32uiCkdW8VgEwfXPgPexw&random=956151566&rmt_tld=0&ipr=y
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Tue, 27 Aug 2024 13:31:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/16676903811/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/16676903811/?random=1724765507447&cv=11&fst=1724763600000&bg=ffffff&guid=ON&async=1&gtm=45be48q0za200&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hemofertas.online%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=322642205.1724765507&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf86pIps-S0t9LwtQKc8RpbBgqgQnT9g&random=1894453241&rmt_tld=0&ipr=y
Requested by
Host: www.hemofertas.online
URL: https://www.hemofertas.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Tue, 27 Aug 2024 13:31:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
www.hemofertas.online/pic/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.hemofertas.online/pic/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.71.144.217 , United States, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
31bd77bc3b02908e984d019381e13ee70b1e8fe9888139c024f32c76257bd3c8

Request headers

Referer
https://www.hemofertas.online/
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 27 Aug 2024 13:31:48 GMT
last-modified
Fri, 30 Jun 2023 03:57:00 GMT
server
nginx/1.14.2
etag
"649e528c-ac0"
content-type
image/x-icon
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2752
expires
Wed, 11 Sep 2024 13:31:48 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| backstageData function| getTempCookie function| _typeof function| $ function| jQuery object| API string| PIC_URL string| COMMENT_PIC_URL object| systemConf function| checkSystemConfig function| initSystemConfig function| handleFackbookData function| decodePxid function| getBJDate function| loadLanguage function| getQueryString function| getCookie function| setCookie function| getSystemConfig function| commonAjax function| handleSourceTime function| md5Ajax function| updateAjax function| getIdToken function| getArrayLength function| getKey function| getParamPos function| getParamFilter function| getMd5Params function| formatOrderDateTime function| formatDateTime function| getCurrencyByCode function| formatProductPrice function| numberFormat function| checkEmail function| checkPassword function| checkNull function| isMobile function| getOS function| getResolution function| getTimezone function| getBrowser function| getBrowserLang function| getCategoryNameById function| getUvid function| setUvid function| getCurrentCurrency function| setCurrentCurrency function| getAdvSourceU function| setAdvSourceU function| formatName object| Base64 function| encodeId function| decodeId function| formatListUrl function| formatDetailUrl function| getListIdByUrl function| getDetailIdByUrl function| recordAds function| disableButton function| handleButtonClick object| header object| win object| headerCartData boolean| canUserLoginStatus object| searchInput object| currencyConfWithCountry boolean| isTemp function| initHeader function| addGooglePixel function| addFacebookPixel function| getCurrencyByCountry function| initHeaderTop function| initHeaderMenu function| initHeaderEvent function| notifyCurrencyChange function| requestCurrencyByIp function| initUserIcon function| requestHeaderCart function| getHeaderCart function| initCartInfo function| debounce function| requestLoginStatus function| handleScroll function| getLoginStatusTask function| getUserInfo function| addStatistic function| handleQueryParams function| requestStatistic function| requestLogError function| handleLogJsError function| hideRecentlyPurchasedPop function| handleCookieDialog function| showCookieDialog function| hideCookieDialog function| updateGoogleCode function| initFooter function| initFooterMenu function| initHelpList function| initFooterEvent function| requestLatestOrderInfo function| getLatestOrderInfo function| showRecentlyPurchasedPop number| imageWidth number| space function| createImages function| initWaterFall function| cal function| setPositions object| wallPage function| getHomeProduct function| getHomeCustomHtml function| requestCustomHtml function| initListData function| initCustonTemp function| initHome function| handlerHomeProduct function| getFalshList function| requestFalshList function| getWaterFall function| requestWaterFall function| gtag object| dataLayer object| jQuery1113018090321331693238 object| google_tag_manager object| google_tag_data object| GooglebQhCsO

8 Cookies

Domain/Path Name / Value
www.hemofertas.online/ Name: uvid
Value: 46052408270931450479
www.hemofertas.online/ Name: currentCurrency
Value: CRY103
www.hemofertas.online/ Name: isFirst
Value: 1
www.hemofertas.online/ Name: JSESSIONID
Value: 22ED6BB23AB2B358AFAFDA531A529F1E
www.hemofertas.online/ Name: cartCount
Value: 0
www.hemofertas.online/ Name: click_cookie_setting
Value: true
.hemofertas.online/ Name: _gcl_au
Value: 1.1.322642205.1724765507
.doubleclick.net/ Name: IDE
Value: AHWqTUkl_jyZ02koEFa8iAWPE1rzNMYK2gg_lojrhm6u4YObW1zbDc0Sok7fHLmG

1 Console Messages

Source Level URL
Text
javascript warning URL: https://www.hemofertas.online/
Message:
The resource https://www.hemofertas.online/assets/images/image-fail.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hemofertas.online
pagead2.googlesyndication.com
td.doubleclick.net
www.google.com
www.googletagmanager.com
www.hemofertas.online
142.250.72.98
142.250.80.100
142.251.40.226
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2003
80.71.144.217
0625c422cf95aaa966a76af04c7881e79461399fe213d425baa882637e712425
0d667daada5ed5014fec8198e8850c35e2da74a285ac6b68bb403d85ddec02fb
1207467bbb5e13996ea4303a70f201f868c08c379d64e9ceb3307e3f80176a45
155396ea5f2507d4f1718c33a26d5f356b72814296e75cb8b4b1b7e07daae826
19e2fa58d26eddcabb3e3d5ef3b9eda2b489d5daf0ed3d390c2298a0be0a3bf0
2d301c2e759505b46c22e086883c932e14195b3292cb1fb2d1665f5c4581e6e1
2f0c54fc733dd8f08fffcd43c087a764f4eabf866ac2e35436dc4d46a07a3b8d
31bd77bc3b02908e984d019381e13ee70b1e8fe9888139c024f32c76257bd3c8
362337756191c6ab62af6e3d250d1647922b8a162a812ca12e683622baf57d07
39a05768d6af2254b76cb6cc7d4c1cce8228ec5996fa21ec3dc49f765984d11f
487e969ca4d6ada65093b4432ebf03b14e441ad4c65add5079236c71f49e57d0
4c87fa751c3c24df99e57258629ea02cb57605cadcb1d37c65e6c6b017246558
5f03726cd16329a7aa43c023a5ec698995d0b10c3dc06ad5ecd35cbb55488dc6
649bf5c2d531cbbc73516a3189dfb29489b523f0d3803978506a81614658d226
673630a1cf68ac65ba5ccef95d6b33d67947e49c89d6abedd908e5641083bd93
67fb5c2b1a72661469ce83aa5e774bbd9ba872c076be76b04511a4bee8bdff58
69456847bbb61f0677d3fec59b61378231fe4ccad38458ce94b3f0acb5e7241e
772ddb16009b076f3719dfca2c8d916111015476b382390ad402e6147c62da16
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
7d9ca3a7ce51904a83543633e67b6eea2a7ea84d97c887af801531315f0c8732
87d79a3cc09fd6b26d5aa65ed902add047ef1a30ff45f6ab66a5b9258617d377
889e39aeca49e526493063833fe5f2a1473b38ac8d9d32798a2d7f8ec4091a59
8bf9f0193f33cf28ef82a7dc3fde9a1504ff606959f10d74626f9ca7aef5d0a7
8e9a4a700d5a9bf5abe055e5b59ea6ada91b6babaebbb2a93262e9af0c7dacf3
9223a06a7d193ce4f4baa93e05abe8b010811671e71379dcd7c96b3bbddf1ad6
9faec0f51d7692c7b4f4c94f373295497598b189d76fd4b2c5acd6d59be47e08
a9595aea5e169ca07149158014203db7f58a5170fb660e1e55389adbdb7013ec
bca6cf9e14274e7845ac0588282811e6f39f0db1354e8eb5a306a54434f5ded3
bd2296204802fad53ac68a0d28e3d7064f3c30b824f1d2dabce8a90151564d87
bf2542a2784c31bc744e0ec24fa92ecc4a367e83b04fc94993e6a96dff2b2286
c457f33bcad253e5355838294ae96e7f57d5e87b8ceb2bb6b2e963c6397883f0
cee2b543d7763a2d3748f467bbf4faeed77d9df60d451a64c9af695cb1a65abe
d39776b0c6b5544f684b61abcd5490c0777a289a7da5acb3a177c2198bc7c4c5
d3c10e077c009ddd1707b60acc6f04352fa232b80c71c7192c08eb30be24ec92
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
df74e920e8a1fcdf4adfa04d7cacbdc21b11eae7c05e7b87115620e466dedb5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01d9c0e154784c72335f50666c966e59a46fbc1e999aa936b9cb1067e24fcf1
f5aee50ded7c22a6884c43420b20502d7728581dd16f33cdef35b95be1e81af8
f6efe44273b68be7775a2ae6d1df309c5ceb3168d52c3471c1daa0c91df77a7b
fe992c40d08999a7297f5361b11eded19a6924d11d1c1cc05983fef70cd4ab41