URL: http://farmasihelalkozmetik.com/
Submission: On June 17 via api from NL

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 168.206.83.82, located in Chicago, United States, and belongs to CLAYERLIMITED-AS-AP Clayer Limited, HK. The main domain is farmasihelalkozmetik.com.
This is the only time farmasihelalkozmetik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
1         168.206.83.82    137951 (CLAYERLIM...)
1         156.242.215.239  132839 (POWERLINE...)
2         103.235.46.191   55967 (BAIDU Bei...)
1         120.52.95.242    133119 (UNICOM-CN...)
13        156.242.215.231  132839 (POWERLINE...)
Total: 19 requests, 6 IPs

Requests  Domain                    Requested by
13        omg16.cn                  farmasihelalkozmetik.com, omg16.cn
2         hm.baidu.com              omg24.cn, farmasihelalkozmetik.com
1         js.users.51.la            omg24.cn
1         omg24.cn                  farmasihelalkozmetik.com
1         farmasihelalkozmetik.com  (none)
0         ia.51.la (failed)         farmasihelalkozmetik.com
Total: 19 requests, 6 domains

This site contains links to these domains:
www.51.la

Subject          Issuer                                               Validity                  Valid
baidu.com        GlobalSign Organization Validation CA - SHA256 - G2  2020-10-20 to 2021-07-26  9 months (crt.sh)
*.users.51.la    GlobalSign GCC R3 DV TLS CA 2020                     2020-08-27 to 2022-04-19  2 years (crt.sh)

This page contains 2 frames:

Primary Page: http://farmasihelalkozmetik.com/
Frame ID: B146656BBB2DC7FE0A3B731C4338D310
Requests: 6 HTTP requests in this frame

Frame: http://omg16.cn/
Frame ID: 8FDB8C555DDAF65DD1D0FA5CFDE54952
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 16 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 1367 kB
Size: 1724 kB
Cookies: 2

Redirected requests

No HTTP redirect chains are listed for this scan.

19 HTTP transactions

/  (Primary Request; Cookie set)
  Path: farmasihelalkozmetik.com/   Size: 69 B   Transferred: 503 B   Type: Document
  Full URL: http://farmasihelalkozmetik.com/
  Protocol: HTTP/1.1
  Server: 168.206.83.82, Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: b97e8ecf531f17c85b16c2c3e914e537d73bb4936da448d4c1f3c1d142cf227e
  Request headers:
    Host: farmasihelalkozmetik.com
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US
  Response headers:
    Server: nginx
    Date: Thu, 17 Jun 2021 08:09:45 GMT
    Content-Type: text/html;charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Vary: Accept-Encoding
    Set-Cookie: PHPSESSID=b8phtudmvgs6fvhkomdc9cn4u3; path=/
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Encoding: gzip

tz.js
  Path: omg24.cn/   Size: 1 KB   Transferred: 1 KB   Type: Script
  Full URL: http://omg24.cn/tz.js
  Requested by: farmasihelalkozmetik.com (http://farmasihelalkozmetik.com/)
  Protocol: HTTP/1.1
  Server: 156.242.215.239, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: 6291d88f4630b0c12d8b9074c4287fc7830a962276e8b6033d45887a5dbea4bb
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://farmasihelalkozmetik.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:45 GMT
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Last-Modified: Thu, 17 Jun 2021 06:02:33 GMT
    Server: nginx
    ETag: W/"60cae579-40d"
    Strict-Transport-Security: max-age=31536000
    Content-Type: application/javascript
    Cache-Control: max-age=43200
    Transfer-Encoding: chunked
    Connection: keep-alive
    Expires: Thu, 17 Jun 2021 20:09:45 GMT

hm.js
  Path: hm.baidu.com/   Size: 39 KB   Transferred: 14 KB   Type: Script
  Full URL: https://hm.baidu.com/hm.js?37b686e7cf30cb36f3ec73c17535ff9e
  Requested by: omg24.cn (http://omg24.cn/tz.js)
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
  Reverse DNS: (empty)
  Software: apache
  Resource Hash: 80c293b159fb61223d13184b5d1a35c7e02f32a3b50e5a66814f4c2832e7a685
  Security headers: Strict-Transport-Security: max-age=172800
  Request headers:
    Referer: http://farmasihelalkozmetik.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:46 GMT
    Content-Encoding: gzip
    Server: apache
    Etag: 11aa8dada3d333253a15f5f333f2682f
    Strict-Transport-Security: max-age=172800
    P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Cache-Control: max-age=0, must-revalidate
    Content-Type: application/javascript
    Content-Length: 14041

21058659.js
  Path: js.users.51.la/   Size: 5 KB   Transferred: 6 KB   Type: Script
  Full URL: https://js.users.51.la/21058659.js
  Requested by: omg24.cn (http://omg24.cn/tz.js)
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM (key-exchange field empty in the scan)
  Server: 120.52.95.242, China, ASN133119 (UNICOM-CN China Unicom IP network, CN)
  Reverse DNS: (empty)
  Software: openresty
  Resource Hash: 491e8fe6ef5b94e6116a9f5d42bcf7e7db3206a7ee7ba9464a1c23b94c375edb
  Request headers:
    Referer: http://farmasihelalkozmetik.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
    Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
  Response headers:
    nginx-hit: 1
    Date: Thu, 17 Jun 2021 08:09:47 GMT
    via: CHN-HElangfang-AREACUCC1-CACHE1[13],CHN-HElangfang-AREACUCC1-CACHE35[0,TCP_HIT,11],CHN-SH-GLOBAL1-CACHE73[108],CHN-SH-GLOBAL1-CACHE64[106,TCP_MISS,108]
    X-CCDN-CacheTTL: 86400
    Age: 1207418
    Content-Disposition: inline;filename=f.txt
    Connection: keep-alive
    request-id: 00000179D10D22EE9052BF59296DCAE6
    x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
    Content-Length: 5207
    id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCScCXEmGsPlWZvf3GMQBfnJO4Y+s6vEf
    Last-Modified: Sun Feb 07 17:15:26 CST 2021
    Server: openresty
    ETag: "6d8260d769585553235a1334b47b3ed0"
    Content-Type: application/javascript;charset=UTF-8
    version-id: G00111777BC6405FFFFF9019065524A3
    Accept-Ranges: bytes
    x-hcs-proxy-type: 1

go1
  Path: ia.51.la/   Size: 0   Transferred: 0   Type: (none; no response received, see Failed requests)

/  (Frame 8FDB)
  Path: omg16.cn/   Size: 4 KB   Transferred: 2 KB   Type: Document
  Full URL: http://omg16.cn/
  Requested by: farmasihelalkozmetik.com (http://farmasihelalkozmetik.com/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: 1778a722b27505775b64e150bcd2e591d36942b655e191b4eb0afecea0c9d1dc
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Host: omg16.cn
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Referer: http://farmasihelalkozmetik.com/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US
  Response headers:
    Server: nginx
    Date: Thu, 17 Jun 2021 08:09:47 GMT
    Content-Type: text/html
    Last-Modified: Wed, 16 Jun 2021 11:05:21 GMT
    Transfer-Encoding: chunked
    Connection: keep-alive
    Vary: Accept-Encoding
    ETag: W/"60c9daf1-1199"
    Strict-Transport-Security: max-age=31536000
    Content-Encoding: gzip

hm.gif
  Path: hm.baidu.com/   Size: 43 B   Transferred: 636 B   Type: Image
  Full URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=636845807&si=37b686e7cf30cb36f3ec73c17535ff9e&v=1.2.80&lv=1&sn=25623&r=0&ww=1600&ct=!!&u=http%3A%2F%2Ffarmasihelalkozmetik.com%2F
  Requested by: farmasihelalkozmetik.com (http://farmasihelalkozmetik.com/)
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
  Reverse DNS: (empty)
  Software: apache
  Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
  Security headers: Strict-Transport-Security: max-age=172800; X-Content-Type-Options: nosniff
  Request headers:
    Referer: http://farmasihelalkozmetik.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Pragma: no-cache
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    X-Content-Type-Options: nosniff
    Server: apache
    Strict-Transport-Security: max-age=172800
    P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Cache-Control: private, max-age=0, no-cache
    Content-Type: image/gif
    Content-Length: 43

index.0a5e9b3.css  (Frame 8FDB)
  Path: omg16.cn/css/   Size: 193 KB   Transferred: 33 KB   Type: Stylesheet
  Full URL: http://omg16.cn/css/index.0a5e9b3.css
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: c994853350513265bde6c7f1c36202601eaf5002d95676050f87b0ec7f733613
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Last-Modified: Sat, 22 May 2021 12:15:42 GMT
    Server: nginx
    ETag: W/"60a8f5ee-304dd"
    Strict-Transport-Security: max-age=31536000
    Content-Type: text/css
    Cache-Control: max-age=43200
    Transfer-Encoding: chunked
    Connection: keep-alive
    Expires: Thu, 17 Jun 2021 20:09:48 GMT

swiper.min.css  (Frame 8FDB)
  Path: omg16.cn/css/   Size: 13 KB   Transferred: 5 KB   Type: Stylesheet
  Full URL: http://omg16.cn/css/swiper.min.css
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: 67e54a2ad4686f2024e769df1f2f2d4ad53011cf2d83db0eec93729f995cc516
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Last-Modified: Sat, 22 May 2021 12:15:42 GMT
    Server: nginx
    ETag: W/"60a8f5ee-3563"
    Strict-Transport-Security: max-age=31536000
    Content-Type: text/css
    Cache-Control: max-age=43200
    Transfer-Encoding: chunked
    Connection: keep-alive
    Expires: Thu, 17 Jun 2021 20:09:48 GMT

niubi.js  (Frame 8FDB)
  Path: omg16.cn/js/   Size: 2 KB   Transferred: 892 B   Type: Script
  Full URL: http://omg16.cn/js/niubi.js
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: 6b21574cd6e153b5b8e86e74af72256ac02fac24e86e8359cdd6632018501fcb
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Last-Modified: Thu, 17 Jun 2021 08:07:32 GMT
    Server: nginx
    ETag: W/"60cb02c4-6cc"
    Strict-Transport-Security: max-age=31536000
    Content-Type: application/javascript
    Cache-Control: max-age=43200
    Transfer-Encoding: chunked
    Connection: keep-alive
    Expires: Thu, 17 Jun 2021 20:09:48 GMT

model1.254d9d6.jpg  (Frame 8FDB)
  Path: omg16.cn/images/   Size: 273 KB   Transferred: 273 KB   Type: Image
  Full URL: http://omg16.cn/images/model1.254d9d6.jpg
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: e77a0f92cd0037fd9ade1b8dd0426acb34eefcd7990416cfa5009ec3ec72b4bf
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Last-Modified: Sat, 22 May 2021 12:15:40 GMT
    Server: nginx
    ETag: "60a8f5ec-44440"
    Strict-Transport-Security: max-age=31536000
    Content-Type: image/jpeg
    Cache-Control: max-age=2592000
    Connection: keep-alive
    Accept-Ranges: bytes
    Content-Length: 279616
    Expires: Sat, 17 Jul 2021 08:09:48 GMT

model2.c82e6e7.jpg  (Frame 8FDB)
  Path: omg16.cn/images/   Size: 289 KB   Transferred: 289 KB   Type: Image
  Full URL: http://omg16.cn/images/model2.c82e6e7.jpg
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: ea67677dea6fc9b2e52542d813dcb4ceb42d277b9a98bfab0b66e81c5d67b543
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Last-Modified: Sat, 22 May 2021 12:15:40 GMT
    Server: nginx
    ETag: "60a8f5ec-48225"
    Strict-Transport-Security: max-age=31536000
    Content-Type: image/jpeg
    Cache-Control: max-age=2592000
    Connection: keep-alive
    Accept-Ranges: bytes
    Content-Length: 295461
    Expires: Sat, 17 Jul 2021 08:09:48 GMT

logo_uefa.96e651d.png  (Frame 8FDB)
  Path: omg16.cn/images/   Size: 12 KB   Transferred: 13 KB   Type: Image
  Full URL: http://omg16.cn/images/logo_uefa.96e651d.png
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: 48acafbd54350a21dae18b1c3ba7359f871ef6d812822d30875c8f9b6550d6dc
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Last-Modified: Sat, 22 May 2021 12:15:40 GMT
    Server: nginx
    ETag: "60a8f5ec-30a2"
    Strict-Transport-Security: max-age=31536000
    Content-Type: image/png
    Cache-Control: max-age=2592000
    Connection: keep-alive
    Accept-Ranges: bytes
    Content-Length: 12450
    Expires: Sat, 17 Jul 2021 08:09:48 GMT

logo.png  (Frame 8FDB)
  Path: omg16.cn/images/   Size: 609 KB   Transferred: 610 KB   Type: Image
  Full URL: http://omg16.cn/images/logo.png
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: 053b75cd334401702eb3f5226c896399ad1554b928930fcae1ee01e80a3c580c
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:49 GMT
    Last-Modified: Sat, 22 May 2021 12:15:40 GMT
    Server: nginx
    ETag: "60a8f5ec-98500"
    Strict-Transport-Security: max-age=31536000
    Content-Type: image/png
    Cache-Control: max-age=2592000
    Connection: keep-alive
    Accept-Ranges: bytes
    Content-Length: 623872
    Expires: Sat, 17 Jul 2021 08:09:49 GMT

service.png  (Frame 8FDB)
  Path: omg16.cn/images/   Size: 13 KB   Transferred: 13 KB   Type: Image
  Full URL: http://omg16.cn/images/service.png
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: 2478b96f5336df2bca66501dffa39c53c19aca400d0de0913e41c8f347f5da48
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Last-Modified: Sat, 22 May 2021 12:15:40 GMT
    Server: nginx
    ETag: "60a8f5ec-3459"
    Strict-Transport-Security: max-age=31536000
    Content-Type: image/png
    Cache-Control: max-age=2592000
    Connection: keep-alive
    Accept-Ranges: bytes
    Content-Length: 13401
    Expires: Sat, 17 Jul 2021 08:09:48 GMT

active.jpg  (Frame 8FDB)
  Path: omg16.cn/images/   Size: 24 KB   Transferred: 24 KB   Type: Image
  Full URL: http://omg16.cn/images/active.jpg
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: 73c8026518f035992bd709ec3e9056f0c85e7d651a9ab37c52bad7203fc07484
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:49 GMT
    Last-Modified: Sat, 22 May 2021 12:15:38 GMT
    Server: nginx
    ETag: "60a8f5ea-5e63"
    Strict-Transport-Security: max-age=31536000
    Content-Type: image/jpeg
    Cache-Control: max-age=2592000
    Connection: keep-alive
    Accept-Ranges: bytes
    Content-Length: 24163
    Expires: Sat, 17 Jul 2021 08:09:49 GMT

jquery.min.js  (Frame 8FDB)
  Path: omg16.cn/js/   Size: 91 KB   Transferred: 37 KB   Type: Script
  Full URL: http://omg16.cn/js/jquery.min.js
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Last-Modified: Sat, 22 May 2021 12:15:40 GMT
    Server: nginx
    ETag: W/"60a8f5ec-16dc5"
    Strict-Transport-Security: max-age=31536000
    Content-Type: application/javascript
    Cache-Control: max-age=43200
    Transfer-Encoding: chunked
    Connection: keep-alive
    Expires: Thu, 17 Jun 2021 20:09:48 GMT

swiper.min.js  (Frame 8FDB)
  Path: omg16.cn/js/   Size: 135 KB   Transferred: 41 KB   Type: Script
  Full URL: http://omg16.cn/js/swiper.min.js
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: 3cad5361705995f61ac053ca047f4e9b02eb99832561de41809e9ffb4d671063
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Last-Modified: Sat, 22 May 2021 12:15:42 GMT
    Server: nginx
    ETag: W/"60a8f5ee-21d03"
    Strict-Transport-Security: max-age=31536000
    Content-Type: application/javascript
    Cache-Control: max-age=43200
    Transfer-Encoding: chunked
    Connection: keep-alive
    Expires: Thu, 17 Jun 2021 20:09:48 GMT

clipboard.min.js  (Frame 8FDB)
  Path: omg16.cn/js/   Size: 20 KB   Transferred: 5 KB   Type: Script
  Full URL: http://omg16.cn/js/clipboard.min.js
  Requested by: omg16.cn (http://omg16.cn/)
  Protocol: HTTP/1.1
  Server: 156.242.215.231, United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
  Reverse DNS: (empty)
  Software: nginx
  Resource Hash: f2aec03a30d279e05723c1132f59a918efe6d420094cee4270effffaf0a88f8c
  Security headers: Strict-Transport-Security: max-age=31536000
  Request headers:
    Referer: http://omg16.cn/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
  Response headers:
    Date: Thu, 17 Jun 2021 08:09:48 GMT
    Content-Encoding: gzip
    Vary: Accept-Encoding
    Last-Modified: Sat, 22 May 2021 12:15:40 GMT
    Server: nginx
    ETag: W/"60a8f5ec-5193"
    Strict-Transport-Security: max-age=31536000
    Content-Type: application/javascript
    Cache-Control: max-age=43200
    Transfer-Encoding: chunked
    Connection: keep-alive
    Expires: Thu, 17 Jun 2021 20:09:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ia.51.la
URL
http://ia.51.la/go1?id=21058659&rt=1623917387292&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1623917387292&tt=&kw=&cu=http%253A%252F%252Ffarmasihelalkozmetik.com%252F&pu=

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • onbeforexrselect (object)
  • ontransitionrun (object)
  • ontransitionstart (object)
  • ontransitioncancel (object)
  • originAgentCluster (boolean)
  • trustedTypes (object)
  • crossOriginIsolated (boolean)
  • _hmt (object)
  • url (string)
  • _bdhm_loaded_37b686e7cf30cb36f3ec73c17535ff9e (boolean)
  • mini_tangram_log_w8cwxy (object)

2 Cookies

Domain/Path                 Name                                      Value
.farmasihelalkozmetik.com/  Hm_lpvt_37b686e7cf30cb36f3ec73c17535ff9e  1623917388
.farmasihelalkozmetik.com/  Hm_lvt_37b686e7cf30cb36f3ec73c17535ff9e   1623917388

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

farmasihelalkozmetik.com
hm.baidu.com
ia.51.la
js.users.51.la
omg16.cn
omg24.cn
103.235.46.191
120.52.95.242
156.242.215.231
156.242.215.239
168.206.83.82
053b75cd334401702eb3f5226c896399ad1554b928930fcae1ee01e80a3c580c
1778a722b27505775b64e150bcd2e591d36942b655e191b4eb0afecea0c9d1dc
2478b96f5336df2bca66501dffa39c53c19aca400d0de0913e41c8f347f5da48
3cad5361705995f61ac053ca047f4e9b02eb99832561de41809e9ffb4d671063
48acafbd54350a21dae18b1c3ba7359f871ef6d812822d30875c8f9b6550d6dc
491e8fe6ef5b94e6116a9f5d42bcf7e7db3206a7ee7ba9464a1c23b94c375edb
6291d88f4630b0c12d8b9074c4287fc7830a962276e8b6033d45887a5dbea4bb
67e54a2ad4686f2024e769df1f2f2d4ad53011cf2d83db0eec93729f995cc516
6b21574cd6e153b5b8e86e74af72256ac02fac24e86e8359cdd6632018501fcb
73c8026518f035992bd709ec3e9056f0c85e7d651a9ab37c52bad7203fc07484
80c293b159fb61223d13184b5d1a35c7e02f32a3b50e5a66814f4c2832e7a685
b97e8ecf531f17c85b16c2c3e914e537d73bb4936da448d4c1f3c1d142cf227e
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
c994853350513265bde6c7f1c36202601eaf5002d95676050f87b0ec7f733613
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e77a0f92cd0037fd9ade1b8dd0426acb34eefcd7990416cfa5009ec3ec72b4bf
ea67677dea6fc9b2e52542d813dcb4ceb42d277b9a98bfab0b66e81c5d67b543
f2aec03a30d279e05723c1132f59a918efe6d420094cee4270effffaf0a88f8c