urlscan.io logo urlscan.io
SecurityTrails logo

www.hemibio.eu Open in urlscan Pro
2606:4700:3036::6815:359f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.hemibio.eu/
Effective URL: https://www.hemibio.eu/
Submission: On August 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3036::6815:359f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hemibio.eu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 22nd 2020. Valid for: a year.
This is the only time www.hemibio.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 31 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 13238 (YANDEX)
1 2600:9000:215... 16509 (AMAZON-02)
9 2606:2800:234... 15133 (EDGECAST)
4 95.211.229.246 60781 (LEASEWEB-...)
4 2001:4de0:ac1... 20446 (HIGHWINDS3)
54 9
31    2606:4700:3036::6815:359f (United States)

ASN13335 (CLOUDFLARENET, US)
www.hemibio.eu
i.hemibio.eu
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2600:9000:2156:c600:d:ed96:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn3.big7.com
9    2606:2800:234:4cc4:5670:35d5:1e00:b394 (United States)

ASN15133 (EDGECAST, US)
a.exosrv.com
4    95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
syndication.exosrv.com
4    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
s3t3d2y7.ackcdn.net
Domain Requested by
23 i.hemibio.eu 1 redirects www.hemibio.eu
9 a.exosrv.com www.hemibio.eu
a.exosrv.com
8 www.hemibio.eu 1 redirects www.hemibio.eu
5 mc.yandex.com 2 redirects www.hemibio.eu
4 s3t3d2y7.ackcdn.net syndication.exosrv.com
4 syndication.exosrv.com a.exosrv.com
2 mc.yandex.ru 1 redirects www.hemibio.eu
1 cdn3.big7.com www.hemibio.eu
1 ajax.googleapis.com www.hemibio.eu
1 cdn.onesignal.com www.hemibio.eu
0 cdnu.porndoe.com Failed www.hemibio.eu
54 11

This site contains links to these domains. Also see Links.

Domain
www.parentalcontrolbar.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-09-22 -
2021-09-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.big7.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-01 -
2022-04-01		 a year crt.sh
*.ackcdn.net
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-03 -
2022-07-04		 a year crt.sh
exosrv.com
R3		 2021-05-31 -
2021-08-29		 3 months crt.sh
ackcdn.net
R3		 2021-05-31 -
2021-08-29		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.hemibio.eu/
Frame ID: D9828987477EA235ED6456A893125415
Requests: 38 HTTP requests in this frame

Frame: https://a.exosrv.com/iframe.php?idzone=3596727&size=900x250
Frame ID: 5D23BEE4EBF01D1C4F37705D9CF55222
Requests: 2 HTTP requests in this frame

Frame: https://a.exosrv.com/iframe.php?idzone=3595953&size=300x250
Frame ID: D9AED0692292B04B44B7D87D9A7C819D
Requests: 2 HTTP requests in this frame

Frame: https://a.exosrv.com/iframe.php?idzone=3595965&size=300x250
Frame ID: 272CA38199D29C7CB116B011712DACB4
Requests: 2 HTTP requests in this frame

Frame: https://a.exosrv.com/iframe.php?idzone=3595969&size=300x250
Frame ID: F7B51CCCC0668A030A220CDCA4136A32
Requests: 2 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3596727&type=900x250&p=https%3A//www.hemibio.eu/&dt=1628087829575&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 82CA70E7C5532BCDE945D7C68CA901FF
Requests: 2 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3595953&type=300x250&p=https%3A//www.hemibio.eu/&dt=1628087829577&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 44BC6A7FC34AD439CAE39A731D966BC5
Requests: 2 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3595965&type=300x250&p=https%3A//www.hemibio.eu/&dt=1628087829578&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: CBDA6AFACD891C9283002D5B44E0BDB5
Requests: 2 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3595969&type=300x250&p=https%3A//www.hemibio.eu/&dt=1628087829579&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: B8603FBDE7911B5F7987DFE2706F1F77
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.hemibio.eu/ HTTP 301
    https://www.hemibio.eu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

54
Requests

98 %
HTTPS

88 %
IPv6

9
Domains

11
Subdomains

9
IPs

4
Countries

1053 kB
Transfer

1463 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hemibio.eu/ HTTP 301
    https://www.hemibio.eu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://i.hemibio.eu/rx/290x175,c_1,g_Center/http://cdnu.porndoe.com/image/movie/crop/0x1080/1/4/3/2/0/2/5/what-the-winner-gets_1595493024_26.jpg HTTP 0
  • http://cdnu.porndoe.com/image/movie/crop/0x1080/1/4/3/2/0/2/5/what-the-winner-gets_1595493024_26.jpg
Request Chain 25
  • https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/3/63/26375/og_6046b28005ad8739ecfc59a1c7c9b6ff_1.jpg HTTP 302
  • https://cdn3.big7.com/videos/3/63/26375/og_6046b28005ad8739ecfc59a1c7c9b6ff_1.jpg
Request Chain 33
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9355.o7raYCsdLFPiFp6KdKmO_uu1ToDwG3bYDzTw80X_08zW7T0Cgs4DLo2rY10vSdG7.nZY_i37Gb6ry468LZvVRyaXjlfs%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9355.2vJQzipqPZXmHddDkJRRxxbDDwwrPryrcAji2KUSgvYOPsYNiVFTvZU_H2JprOAdaP0LJBvDOcMRNGUkrshI5A%2C%2C.KCUZfYmwZDpNCy7lQL3_DOEkGn0%2C
Request Chain 48
  • https://mc.yandex.com/watch/66980197?wmode=7&page-url=https%3A%2F%2Fwww.hemibio.eu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A383%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A213085101322%3Ahid%3A807581820%3Az%3A120%3Ai%3A20210804163709%3Aet%3A1628087829%3Ac%3A1%3Arn%3A31777780%3Au%3A1628087829673537972%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628087828846%3Ads%3A0%2C19%2C145%2C5%2C59%2C0%2C%2C154%2C0%2C%2C%2C%2C382%3Adsn%3A0%2C19%2C145%2C5%2C59%2C0%2C%2C153%2C0%2C%2C%2C%2C382%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1628087830%3At%3AGenie%C3%9Fe%20brandneue%20deutsche%20HD%20Amateur%20Pornos HTTP 302
  • https://mc.yandex.com/watch/66980197/1?wmode=7&page-url=https%3A%2F%2Fwww.hemibio.eu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A383%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A213085101322%3Ahid%3A807581820%3Az%3A120%3Ai%3A20210804163709%3Aet%3A1628087829%3Ac%3A1%3Arn%3A31777780%3Au%3A1628087829673537972%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628087828846%3Ads%3A0%2C19%2C145%2C5%2C59%2C0%2C%2C154%2C0%2C%2C%2C%2C382%3Adsn%3A0%2C19%2C145%2C5%2C59%2C0%2C%2C153%2C0%2C%2C%2C%2C382%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1628087830%3At%3AGenie%C3%9Fe%20brandneue%20deutsche%20HD%20Amateur%20Pornos

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hemibio.eu/
Redirect Chain
  • http://www.hemibio.eu/
  • https://www.hemibio.eu/
111 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b7d023941b5f55856d891833da97048eebfe5773c29eade86586cbe61314ed5

Request headers

:method
GET
:authority
www.hemibio.eu
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-cache
MISS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJYSUfuKy6wkyGBjEy0cGnxR%2FIfYn%2FZZMRKd7b4KXGJMgaU1HJMrTWIZMYbkE3Qzpn70QqGHlvghPJO5SAidF692NAUSF3as3kpeZKsiYV8CsV3vflbfnR1SczJQe3xkgRM%2FoczPliYntrL6%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
679885a2cb4cd729-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Wed, 04 Aug 2021 14:37:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://www.hemibio.eu/
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q1A7ilwg0W3EFGfKF84V2TMHny4tnUrbVSwvI%2F7vopGw6Ul9BcP%2F2%2F3XAdeShuYa3GrYWGXwhAq9qE2Hj9JGcZa%2FF7dtKmhtrNdNqPycjG5sKMc5c1evcTm4ltO0FtN0Q%2BlbMdB5acTaiYkcA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
679885a2684e4dd0-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
app.c05799a6a486b1b88a80d9a964dce912.css
www.hemibio.eu/css/ 		92 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hemibio.eu/css/app.c05799a6a486b1b88a80d9a964dce912.css
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f1da3dcd8a429a6088eea8192a3e380f993f9fdc103b651b12962c66b4bd65

Request headers

:path
/css/app.c05799a6a486b1b88a80d9a964dce912.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.hemibio.eu
referer
https://www.hemibio.eu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 30 Sep 2020 09:31:37 GMT
server
cloudflare
etag
W/"5f745079-16f1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxup%2BfTf1F9ySMSDjRFFATIEuwsNIJ7zM4Y9O%2Bs8d6ZEbZwZBAoFJNuKBr6pzndMgnVeCsMn5W8%2FglMAdLMC5p9DNMfA9OKle0gEdYdX7kLLdQ%2FhNSI%2FlT5Mwx73G9gamwYrYhPacHyxanLBLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
679885a3d80b4a79-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
551
etag
W/"96fc99e13be87550fcfc4474d30d43d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
679885a3dc2f4de2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Sat, 07 Aug 2021 14:37:09 GMT
f.js
www.hemibio.eu/placeholder/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hemibio.eu/placeholder/f.js
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88cc0149c2a7a3e2166b12436235bed1038b2f461095326f4a5e05b6598f9aee

Request headers

:path
/placeholder/f.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hemibio.eu
referer
https://www.hemibio.eu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 30 Sep 2020 09:14:11 GMT
server
cloudflare
etag
W/"5f744c63-66ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKisMHGJG0m3ARZbbhgHj%2B%2FaxFNzCiYjbRkv%2BFm1439G%2Bn6dIoLbSFp6pzQBkuTnxN%2BDNE7wi8sURuvHFwh2icNRzhvdrv7tjRy%2BcAopiIOl6x29ADVEk%2F9Kwr59GuFlDD12swAPYjTNtJ0XpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
679885a3d8084a79-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
default.png
www.hemibio.eu/img/ 		815 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hemibio.eu/img/default.png
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f066e442711a491337c98e13fd447e1a2ce3dfb27b6f1a99d3770ee15eb85d

Request headers

:path
/img/default.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hemibio.eu
referer
https://www.hemibio.eu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
815
last-modified
Wed, 30 Sep 2020 09:14:11 GMT
server
cloudflare
etag
"5f744c63-32f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7Lm0ffkzG5gE2CAsuSmZKZruLOwbyC06VX1ptqHckJDn3YSviVzlpMuu%2Fz3dpiP1YJePqCI2OvtqNtmZ%2Fhf5mkysRPFFP1R0bQ2TL3dRcWolHqK%2Bx42bK4a7yMgsDFLbsBlb8elz5rFdnxAzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
679885a418b34a79-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Aug 2022 14:20:17 GMT
app.984454556ada976fbecaf4ed39f302a4.js
www.hemibio.eu/js/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hemibio.eu/js/app.984454556ada976fbecaf4ed39f302a4.js
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a132a20cd8ec9687345a39626130d5e7160f3c22431497de3c07ca9236eb12

Request headers

:path
/js/app.984454556ada976fbecaf4ed39f302a4.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hemibio.eu
referer
https://www.hemibio.eu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 30 Sep 2020 09:31:37 GMT
server
cloudflare
etag
W/"5f745079-a306"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FW5YeWuRykknqNekN6YMeR2Z3EguuxJ9%2BEo2xa6Yp5znDJHAT5EWWQi6Lg%2FVZ9sTLaWcnxV6Z4mJZ7PckdYYQKIsoy%2FpSYvq411F9APVhWFc9KhGOecHi0iYSBmc7X2xAVa1mvYVCiAhWLJidw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
679885a418944a79-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontello.woff2
www.hemibio.eu/font/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hemibio.eu/font/fontello.woff2?97009442
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/css/app.c05799a6a486b1b88a80d9a964dce912.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac4e46712ed8440e95c9203527441a9241cb14c8a212709ad44413eb145de39

Request headers

:path
/font/fontello.woff2?97009442
pragma
no-cache
origin
https://www.hemibio.eu
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.hemibio.eu
referer
https://www.hemibio.eu/css/app.c05799a6a486b1b88a80d9a964dce912.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.hemibio.eu
Referer
https://www.hemibio.eu/css/app.c05799a6a486b1b88a80d9a964dce912.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Sep 2020 09:14:11 GMT
server
cloudflare
etag
"5f744c63-b74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEMDTBcHAQ5WpxUTh0zri54bisYqTSoGXiwuSCqTzaKgZaSIGYZwvOA9Ebke6e1ktqLkAuXvcRYHjESDD6SbJAmJbN79NMUerkKL2xPrCDESy7%2Bc7ppvK1qKkCRw01azQMoeJc5z5wM8RNHUGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
679885a428da4a79-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2932
watch.js
mc.yandex.ru/metrika/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/js/app.984454556ada976fbecaf4ed39f302a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
66dc19f5644fe6fac24a19fc890e36278d8d2b0d089791a67f7ff0c628a7f7bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
br
last-modified
Tue, 03 Aug 2021 10:32:13 GMT
etag
"61029ac0-b96f"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47471
expires
Wed, 04 Aug 2021 15:37:09 GMT
og_018729abe3dfc98029d107554f58101f_1.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/5/865/8547/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/5/865/8547/og_018729abe3dfc98029d107554f58101f_1.jpg
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
469c43394f06232957baddeb9b1a5bd708014808f8f28b189a804eab335ae3ec

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
24530
pragma
public
x-imageproxy-debug
https://cdn3.big7.com/videos/5/865/8547/og_018729abe3dfc98029d107554f58101f_1.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=claOp%2Fytew7N%2BNkFiYjbEdhmRk5HDGalcwuAxz0VK8IAshxgkqH7YcvjgFwTD%2F%2F9w0pxACwSTn9p49xdab4i4gS0EtK%2BfJuwOlMpoYLS%2BuG5QEHRTrBzouUcljTuwvqbvnnQE2dP5mN5odU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
679885a4ff0bd729-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
56a61c308533e_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7F97uA12YBC/d/u/tmp/img/user/hashed/videos/1/1/7/10805711/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7F97uA12YBC/d/u/tmp/img/user/hashed/videos/1/1/7/10805711/56a61c308533e_orig.jpg?validfrom=1597097980&validto=1601417980&hash=9z7ftqE%2FoKL1fsv3ry0czKOsDS4%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
633e13fef0201e69b53b6fdaad1894521ef9ece521ab7c4752bf805ba6c164e0

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
28576
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7F97uA12YBC/d/u/tmp/img/user/hashed/videos/1/1/7/10805711/56a61c308533e_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgZGeuf%2FdWp3hq2DJZndXmmkXHpUocONKH3uBOfpjWtxQaFswt%2Fx08txTfFiwwSQYxOlOaZbDRj4KzdyHIv2i04fPA1dmDqHOqGV9c2ITeN0y649JDNmg3YrynoFrv2IRkQo2ymeR%2FPPStI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19028-2-46086-h-0-0---;19028-9-53200----0-0-1
accept-ranges
bytes
cf-ray
679885a4ef03d729-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
5eadc756140df_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-1H7Ex7lVHPQR9_RE67U2b/d/u/tmp/img/user/hashed/videos/2/1/6/104608612/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-1H7Ex7lVHPQR9_RE67U2b/d/u/tmp/img/user/hashed/videos/2/1/6/104608612/5eadc756140df_orig.jpg?validfrom=1597089644&validto=1601409644&hash=aofL1DXQZUBc6BOOoNXx5wwiGVU%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109e5b9d76a7ed44f272f1138a97b40361867ef707373d229708bbfbab1f2bc9

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29724
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-1H7Ex7lVHPQR9_RE67U2b/d/u/tmp/img/user/hashed/videos/2/1/6/104608612/5eadc756140df_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuw9eQyHV7GE78vQh1jdDWNuAO6nHuihjZZi7YEtIBTAKr4jf890VRar36ND9H9as3M6lfuWqQ6PAGvNrLFYNM%2FEK%2FZukFkrki7QDyiFB31Gf6N8Gl8PAX3sjZR56A2NpoXz49oiGfIrvD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19004-2-11934-h-0-0---;19006-9-10446----0-0-1
accept-ranges
bytes
cf-ray
679885a4ff09d729-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
14c87c1e63ae19_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/6/7/4/2575476/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/6/7/4/2575476/14c87c1e63ae19_orig.jpg?validfrom=1597104325&validto=1601424325&hash=TemCOGmUZpIM9K7SO2Fgzu1eSIc%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f6f003f0ef709b5ae675ecda1b25945ee40b8647860da58d2d1d05e3233f0b

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39426
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/6/7/4/2575476/14c87c1e63ae19_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmbcg1mez9rq%2FAdbJz8tgFNcc3Pk9XjWxD3zJSGfvOqtbELC3mn7hO%2FFx8fB7%2FlbiZjjTfrpP8O37RjlDKDDcK94%2F0WBlo3vKeNPokbNb6xksaCp3WnBE1u6zbHVV3Ijjs1uo6kkwnHHbsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19006-1-51755-h-0-0---;19028-10-53200----0-0-2
accept-ranges
bytes
cf-ray
679885a4ff0ad729-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
57e048c1b24f3_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FFVTQ93YBC/d/u/tmp/img/user/hashed/videos/1/0/9/15809901/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FFVTQ93YBC/d/u/tmp/img/user/hashed/videos/1/0/9/15809901/57e048c1b24f3_orig.jpg?validfrom=1597096853&validto=1601416853&hash=Incf0N27rEWa%2BQzZxfUx%2B1crjlw%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ff68a7e636e6dde8ad573cabfc6ce695042857917c4b69ffb7d3a372b46fa0

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
104443
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FFVTQ93YBC/d/u/tmp/img/user/hashed/videos/1/0/9/15809901/57e048c1b24f3_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6ttFbML9CUcRAywZWYgTtwLCzOPMle5ev%2BwzKfxJ7F%2BVdI9JtM5hYM%2FPpwzRuR8rI5yxmv8JepITiiqTPGXIiv5Tw3eGSyJCwrx6CtVAhXWSsfVv1zFijoX8hRF9oF1mLwXEuJK1eZQL3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
x-cdn-diag
par1-19028-1-46024-h-0-0---;19005-10-43154----0-0-1
accept-ranges
bytes
cf-ray
679885a4ff07d729-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
og_c344c87e9e9f4ee0b65ecc8906285b85_1.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/1/3701811/231040/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/1/3701811/231040/og_c344c87e9e9f4ee0b65ecc8906285b85_1.jpg
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e43beede6e7883609fb3e5e8d75512c067179ddfa6465dceac390e9b00c1383

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34042
pragma
public
x-imageproxy-debug
https://cdn3.big7.com/videos/1/3701811/231040/og_c344c87e9e9f4ee0b65ecc8906285b85_1.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lon4gqiHaFo5kSoQ1jpPq9bek08Tm0gdFK4mAm%2FOMURQ6JKxfWgU8blVnBpQzpRNT%2FxH%2BitNuY2F4qzA14jHis2FvG17wbrD4RbRXEnyIaY1n4ciZHD6Su4zW7lh97t%2BooonQfD4r1YrYcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
679885a4ff0dd729-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
5dfbaf268fdd8_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-1V79_3lVH6h66_9_72b/d/u/tmp/img/user/hashed/videos/2/5/6/2652/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-1V79_3lVH6h66_9_72b/d/u/tmp/img/user/hashed/videos/2/5/6/2652/5dfbaf268fdd8_orig.jpg?validfrom=1597110681&validto=1601430681&hash=ekr%2BczBG50McPGEG%2BEqZ96Ks1dw%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0fb7694179ef235fa78b14d1d2a800c06a6704659912c228a2c02c2a2df8a90

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
28735
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-1V79_3lVH6h66_9_72b/d/u/tmp/img/user/hashed/videos/2/5/6/2652/5dfbaf268fdd8_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9x%2B4GS6nKYfj5H%2FC5seX%2BwqE8o6lVLRi28EWOIhR767PNAWExPyiRXZF%2B9plj6lZ3xO9kTAFKABYpnpCAR0KXqppUUoUQC2P34OKmK%2B6ib6p%2BEkGNSvYrViDVWWiNElE3%2FMXHTBg51MM2kY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19004-2-11937-e-0-0-200-0.220--;19006-9-10446----0-0-225
accept-ranges
bytes
cf-ray
679885a5cc354a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
145c34044f32d1_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FG4a/d/u/tmp/img/user/videos/170490/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FG4a/d/u/tmp/img/user/videos/170490/145c34044f32d1_orig.jpg?validfrom=1597110094&validto=1601430094&hash=n7s%2F3JG3o1BDKisSoVvx932BRn8%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85050ef60e43e38b94a32873c331b8df511e4da3007881f5d6f9ad32a00ea252

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20621
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FG4a/d/u/tmp/img/user/videos/170490/145c34044f32d1_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUqvsC2BN85G%2Bg2bsRtx6djT%2BmCXDkatdpTXRSF0yleQ4vOr8wgPH%2BBIUzLxibolAkqTIYN%2F9bO9gq2f4QviB71483Tgc5xVIN9khNX5l4ypk5qqerId51LluMQPwhW9pOeIJgdB8LOX9Is%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19028-3-46123-h-0-0---;19006-10-10446----0-0-2
accept-ranges
bytes
cf-ray
679885a5cc374a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
what-the-winner-gets_1595493024_26.jpg
cdnu.porndoe.com/image/movie/crop/0x1080/1/4/3/2/0/2/5/
Redirect Chain
  • https://i.hemibio.eu/rx/290x175,c_1,g_Center/http://cdnu.porndoe.com/image/movie/crop/0x1080/1/4/3/2/0/2/5/what-the-winner-gets_1595493024_26.jpg
  • http://cdnu.porndoe.com/image/movie/crop/0x1080/1/4/3/2/0/2/5/what-the-winner-gets_1595493024_26.jpg
0
0
153c947ddecd9f_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FG34a/d/u/tmp/img/user/hashed/videos/3/3/5/2022533/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FG34a/d/u/tmp/img/user/hashed/videos/3/3/5/2022533/153c947ddecd9f_orig.jpg?validfrom=1597105187&validto=1601425187&hash=mX52Y1XSOzlWq0BPiqDs8ACrDYY%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d834bcc04a5bf8b559f1c5119707d8965b35fbfbd8569cc8b5368206c3ad539

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
30483
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FG34a/d/u/tmp/img/user/hashed/videos/3/3/5/2022533/153c947ddecd9f_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6s%2Bn5L7OBAwhAna6bNd9UWgS7VlYqnro5CBArsHcexc0hrojO7dih6%2FYfbt4XCrnL0NCzsu1B%2F8ElOOQRWxSZeXv7q9rHTXjo%2FVfK5ILUUwt%2Bt%2BfEj6O94KfojwRdSOPZR7huVV88N0sWuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19028-2-46087-h-0-0---;19006-62-10446----0-0-1
accept-ranges
bytes
cf-ray
679885a5cc3a4a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
150147e79e9db2_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/5/9/1/4613195/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/5/9/1/4613195/150147e79e9db2_orig.jpg?validfrom=1597099989&validto=1601419989&hash=0NwlFnqzLFG%2FkGLCexBzbgpQSlk%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6356d862909581a879d83241f13c038cc7121a5b3fb51e66aebf0747c2b170c4

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20344
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/5/9/1/4613195/150147e79e9db2_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ndNyxeWbce9UKk%2F%2BIlEXXAyjZmuxc46Bg3Z7FIew7i1FLCyOH9N9RZOnuLYwDPM4trVLK1IGghwFtVrHh4TLwaCt1x%2Fp7Y16GsWj8V3MswADl54flIdKPn7EwmkzUN5gHpMu7fFREY9w5o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19006-3-51863-h-0-0---;19005-9-43154----0-1-9
accept-ranges
bytes
cf-ray
679885a5cc3b4a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
150d92c5e2f52a_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FG34a/d/u/tmp/img/user/hashed/videos/7/3/9/4148937/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FG34a/d/u/tmp/img/user/hashed/videos/7/3/9/4148937/150d92c5e2f52a_orig.jpg?validfrom=1597101288&validto=1601421288&hash=aoMXa0PEsFi9XP2sofqCLoqlezE%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9656fa70709f85dbfdc1431e5a2dc6420132c3170104c36fa3b52fcf88120e

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29933
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FG34a/d/u/tmp/img/user/hashed/videos/7/3/9/4148937/150d92c5e2f52a_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyNSy%2BOM%2FpH1JoGZcvin%2FjWtqr6pau%2B7Dz7%2BS%2FjOzl5Bgu5ZosQGV8bIsrfrx6LalSs5xe552uRPQi5FlDx%2F86afo%2BpYsWXMPkLIF42tY9pRDVFw5UQVOnb%2B8LKnkHis4Rwris%2F%2B9HQXPcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19028-3-46121-h-0-0---;19004-10-21317----0-0-1
accept-ranges
bytes
cf-ray
679885a5cc3c4a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
5c8800d69b201_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-zPCigZlVbOU-N-_Bh/d/u/tmp/img/user/hashed/videos/2/7/5/90057572/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-zPCigZlVbOU-N-_Bh/d/u/tmp/img/user/hashed/videos/2/7/5/90057572/5c8800d69b201_orig.jpg?validfrom=1597091879&validto=1601411879&hash=%2BbOnX5CHSzAJzVAoA0O8ZLJNcbg%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c5607f572ce0276c437460acd5ddf75b6c08acbed418a1d360952a74c8ecaf

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38767
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-zPCigZlVbOU-N-_Bh/d/u/tmp/img/user/hashed/videos/2/7/5/90057572/5c8800d69b201_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SU056c%2FDid8NJMOwWpDf1EmoWX8oZsGxuiNOFQJfN1N4uqaNNcKnUY1BOS286%2BdbH6Th%2BPE6Bh9dRcpk28dJggg5%2FSKESK%2BbdA2R2M9RY3MjGty4mjzIvW6T3a%2B6TpsWl3DnyoRjYRPWp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19005-1-31477-h-0-0---;19004-10-21317----0-0-1
accept-ranges
bytes
cf-ray
679885a5cc3e4a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
1572edbb776afd_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7F3Sn_L3YBC/d/u/tmp/img/user/hashed/videos/1/9/8/23720891/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7F3Sn_L3YBC/d/u/tmp/img/user/hashed/videos/1/9/8/23720891/1572edbb776afd_orig.jpg?validfrom=1597096749&validto=1601416749&hash=p1UT3cPlm1zSYKppA0Ei3%2FhdeE8%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87adc21d02b97f46d82a01c099357601399850b76e86aa890fd4a910cd53cbed

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19880
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7F3Sn_L3YBC/d/u/tmp/img/user/hashed/videos/1/9/8/23720891/1572edbb776afd_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPGRSzfawcKBh%2BzsUQwcDgicoSPuPkerVReDlQDvrmSf%2FQXPN5MLwiORRU18Eb1zFYBTgygGB1s0jplkaarEiP5X6j3%2FmGmkldr7k%2F1xDY3zZicFkgdLS%2BGUhDnbqm7ffsRD85KlT9zRwp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19006-2-51819-e-0-0-200-0.256--;19028-9-53200----0-0-259
accept-ranges
bytes
cf-ray
679885a5cc3f4a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
14d46de1a2f1b7_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/7/6/5/3853567/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/7/6/5/3853567/14d46de1a2f1b7_orig.jpg?validfrom=1597102013&validto=1601422013&hash=%2BIEVIY%2BEkWXLyBr7byiXsGycHv0%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c457b3fc9e1941cb4fda3d8f42cdc82f7e614b98fa03a05da14aecf78442831e

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26267
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/7/6/5/3853567/14d46de1a2f1b7_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jFYVhOZhOVIuTRLszYhdDrS1CMxjxO4zMfl3O%2B7Vd%2Bh6tlzR8%2BzJqmnzY7CyeFHXp7wfG5ayxP%2BxNbdYeQ0UBUI8ua9uiME0d2%2Fs7pM23tJT79RXiByG3iq%2FuRCzMGpDWcZFw7BoJkXa0U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19004-2-11937-h-0-0---;19004-9-21317----0-0-7
accept-ranges
bytes
cf-ray
679885a5cc404a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
5c7b6018b6819_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-5Tx8_YlVX6hQVBUQAh/d/u/tmp/img/user/hashed/videos/1/6/6/40961661/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-5Tx8_YlVX6hQVBUQAh/d/u/tmp/img/user/hashed/videos/1/6/6/40961661/5c7b6018b6819_orig.jpg?validfrom=1597095662&validto=1601415662&hash=priO6vQB2jLtoWBM2%2F6lKcNaH3Q%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f9a18cc9f9bce7b4997b4e15bf496361e1186f31b2008d1f56f9da4b5345c96

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
97989
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-5Tx8_YlVX6hQVBUQAh/d/u/tmp/img/user/hashed/videos/1/6/6/40961661/5c7b6018b6819_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdNhA3w45XcP%2B%2FTwmOECt0uXtdDrrcKW1K%2Fv%2FzCPW8PWXq0eOqqR%2F3nKl1rJ2o3LhJLAdh1LtbbI93exMt87oU4lxmIbylBG8MX%2FcQAiuE75%2BZGSBOYiTH5tstuYnBjglzoA%2Blo%2Fu8V2WDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
x-cdn-diag
par1-19005-3-31584-h-0-0---;19004-10-21317----0-0-2
accept-ranges
bytes
cf-ray
679885a5cc414a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
56940ed6905a2_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FqpwsZ2YBC/d/u/tmp/img/user/hashed/videos/7/7/8/2762877/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FqpwsZ2YBC/d/u/tmp/img/user/hashed/videos/7/7/8/2762877/56940ed6905a2_orig.jpg?validfrom=1597104059&validto=1601424059&hash=1Gb1B1sQEldO6FyRYr17Nbu5Ys0%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6544d151d18217de3957caf3c6ab8827e3d535844080ad7f990714922d229fc

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26228
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FqpwsZ2YBC/d/u/tmp/img/user/hashed/videos/7/7/8/2762877/56940ed6905a2_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEFa0p3xFfVkWsON5nThfCIBv2Bs86%2B%2BrNdGe0t00DlWK8gtVBk7ZHQG6bs4zMMmiJhY5ANT%2BLC5%2BYH7jzLjiEuh%2BA%2FLxnDs3J6rMGhJBg0lv0cFsOoPstXefTQpHy70Tq2YQOBR1wITnmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19005-1-31477-h-0-0---;19004-10-21317----0-0-1
accept-ranges
bytes
cf-ray
679885a5cc424a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
og_6046b28005ad8739ecfc59a1c7c9b6ff_1.jpg
cdn3.big7.com/videos/3/63/26375/
Redirect Chain
  • https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/3/63/26375/og_6046b28005ad8739ecfc59a1c7c9b6ff_1.jpg
  • https://cdn3.big7.com/videos/3/63/26375/og_6046b28005ad8739ecfc59a1c7c9b6ff_1.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn3.big7.com/videos/3/63/26375/og_6046b28005ad8739ecfc59a1c7c9b6ff_1.jpg
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c600:d:ed96:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Wed, 04 Aug 2021 14:37:09 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuBTJqCIV7XryI70LW6cQ613EuMYxx8TtFM1UsFQXm3okBCeWZTJfAmpImzNg%2F%2FPvT%2FA4XRdJ3ydhfbktU8HNaeKOfaYkSzzzzIms8G92MKafSKLEhgDe8EqdL94rajUqTUB3mzGN1dE69M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://cdn3.big7.com/videos/3/63/26375/og_6046b28005ad8739ecfc59a1c7c9b6ff_1.jpg
cf-ray
679885a5cc444a79-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-imageproxy-debug
https://cdn3.big7.com/videos/3/63/26375/og_6046b28005ad8739ecfc59a1c7c9b6ff_1.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
14e17737e4fe3d_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/3/1/8/4257813/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/3/1/8/4257813/14e17737e4fe3d_orig.jpg?validfrom=1597101023&validto=1601421023&hash=znmfrrgpXYestnrhD6uDeGfCj3w%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c148cd9db93c32a97496361bb660cf302bf7b964d1f98143eecc22cab9bbd5a6

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15951
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGpo/d/u/tmp/img/user/hashed/videos/3/1/8/4257813/14e17737e4fe3d_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIkBLajO9gGDOYN3Hn4he0l%2FIVOu8bS5dTQgFwj8fl%2FbIGhjw%2FIjDhePMsO9NqLEYbYNO1ZUFL2u5YDwuXPns3eCJaaiZUXLWUPfzzqyHE%2B0FtdZzDAfafy8n9YQKvwBMDujcRX8sasZ3XI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19006-2-51822-m-0-0-200-0.260--;19005-9-43154----0-0-260
accept-ranges
bytes
cf-ray
679885a5cc454a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
og_53e964a93ec37464be0770cad0780583_1.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/6/2093626/136835/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/6/2093626/136835/og_53e964a93ec37464be0770cad0780583_1.jpg
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0896775b8010fa0b83045b7e2b179463609cf756867a9b308d67841c34c9dd22

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21154
pragma
public
x-imageproxy-debug
https://cdn3.big7.com/videos/6/2093626/136835/og_53e964a93ec37464be0770cad0780583_1.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bh9xMLEfUZrHD6LWJylnEBwlOulKHQHmNR7wfK84Oegb4VlovsGstG0awnZLXBzNRDlJzXcvdRoJMWw0HwGDxkGhG4yWgufdWJAmvryM4Hhfjtzi4m5IJ9ZU4X9sJlbKIC85RYJMJWljaTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
679885a5cc474a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
5c3cf849dd8de_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-9XtyFYlVHURH_7VTRVAh/d/u/tmp/img/user/hashed/videos/2/8/9/88218982/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-9XtyFYlVHURH_7VTRVAh/d/u/tmp/img/user/hashed/videos/2/8/9/88218982/5c3cf849dd8de_orig.jpg?validfrom=1597092053&validto=1601412053&hash=1gIvB%2BqUIHYK09VdngZQ%2FJu%2Fy%2Fc%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f14c0a629946df71c80ee32a9ce8c47dc05943f185956c934a1c89d69608eae

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
28097
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-9XtyFYlVHURH_7VTRVAh/d/u/tmp/img/user/hashed/videos/2/8/9/88218982/5c3cf849dd8de_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imckkAH%2BeI4a0UAzoK7z8ZeADYI2EgjJf%2BJ5U9GRwqWN%2F0J4EyC%2Fo%2FF%2BQ2CNhc5HZUJfTv1%2F5Bh3JnCiEx3pIxIMXs%2FaIM9S6aHvkyRocGV%2B7G2mJO%2B1ZCgHAhJedQChznWqVtUedeuuIH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19006-3-51863-h-0-0---;19028-9-53200----0-0-18
accept-ranges
bytes
cf-ray
679885a5cc484a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
og_6e8e89b15a7f224d3d50afeecc27f93f_1.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/1/151/33352/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn3.big7.com/videos/1/151/33352/og_6e8e89b15a7f224d3d50afeecc27f93f_1.jpg
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac05747b148b1134669f36c0f4c87fef258e90170e7eab3e86bac73f5c5046

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
23153
pragma
public
x-imageproxy-debug
https://cdn3.big7.com/videos/1/151/33352/og_6e8e89b15a7f224d3d50afeecc27f93f_1.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKw%2BVrLvdqTHTvzbdP9n%2BLl4r1Zl7k65eWvUpc%2Fb1WEZwQeJ50X1EJg7RKQCa%2BmJVZAB6igHTBnrlYdYfQ2hD267nTLrSvf09qyKDj%2FRnSfdvo2cRf4JuDZybTNvSvg2N7b8EHYAqKTaU6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
679885a5cc494a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
1486a57ee9f3a8_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGJd/d/u/tmp/img/user/videos/873461/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGJd/d/u/tmp/img/user/videos/873461/1486a57ee9f3a8_orig.jpg?validfrom=1597108412&validto=1601428412&hash=M7MQsCnXUdaEkv6UcH4GWrxkDzI%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d0b46e1c4466b7bcd48e4a48c6529b281b9acb9087d0f85f43fb48e2e3f98c5

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
22975
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/M7QBU7FGJd/d/u/tmp/img/user/videos/873461/1486a57ee9f3a8_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkCyP%2BstIQvbdbnvLrCrqH7Ybvaj%2BnvJfobSvE6bJThPO75c99YEKAcoUT4s8%2F5WRjQH8%2BqwKXwFChq2vkFVZJMe1VettiWUL8d4WTcQOp5o1SAl0L0QcYXvBf1iAiKK2%2BmGXgfhUeiCREk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19006-3-51864-m-0-0-200-0.340--;19028-9-53200----0-0-339
accept-ranges
bytes
cf-ray
679885a5cc4c4a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
5d3092f8271d8_orig.jpg
i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-zVwnC2lVb-T-6MV-3b/d/u/tmp/img/user/hashed/videos/2/7/6/94708672/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hemibio.eu/rx/290x175,c_1,g_Center/https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-zVwnC2lVb-T-6MV-3b/d/u/tmp/img/user/hashed/videos/2/7/6/94708672/5d3092f8271d8_orig.jpg?validfrom=1597091471&validto=1601411471&hash=H7%2BsZIuilJfI4%2FfdosV8VRwn4LY%3D
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01f71a120ab1fda08c249c643ec1e32d779707fe6569d8ae1d25b9461cc700f

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
all
x-imageproxy-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
42995
x-imageproxy-debug
https://cdn1-s-ha-e17.mdhcdn.com/BURU5U-zVwnC2lVb-T-6MV-3b/d/u/tmp/img/user/hashed/videos/2/7/6/94708672/5d3092f8271d8_orig.jpg?w=290&h=175&q=96&r=0&e=0&cmd=crop
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sf1F5TJ8ELfNeUAJCAQvSvkvAYy8F9cUAIqf5r%2F3ura3x7%2FerAHoWdpyeFdQJxgvRO6MI5caleQoL1tpIC7lW3yRSn0%2FojzRe3%2FB1zl1oN6DUkXFUG7v1EAOwVU2kPTWZO%2BkAzLqDzFDfGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
x-cdn-diag
par1-19006-3-51863-m-0-0-200-0.260--;19028-9-53200----0-0-262
accept-ranges
bytes
cf-ray
679885a5cc4d4a79-FRA
expires
Thu, 05 Aug 2021 02:37:09 GMT
placeholder
www.hemibio.eu/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hemibio.eu/api/placeholder?ab=0&q[]=header-hidden&q[]=menu-top&q[]=menu-bottom&q[]=header&q[]=content-top&q[]=content-bottom&q[]=footer&q[]=footer-a&q[]=footer-b&q[]=footer-c&q[]=footer-hidden&viewport=lg
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/js/app.984454556ada976fbecaf4ed39f302a4.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:359f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44503c6ae86ce528a8ab3d029424d71f22c0bd13366c6c266f4a895f16d0f2d

Request headers

:path
/api/placeholder?ab=0&q[]=header-hidden&q[]=menu-top&q[]=menu-bottom&q[]=header&q[]=content-top&q[]=content-bottom&q[]=footer&q[]=footer-a&q[]=footer-b&q[]=footer-c&q[]=footer-hidden&viewport=lg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.hemibio.eu
referer
https://www.hemibio.eu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
59
x-cache
BYPASS
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adiw6AlK4O7LwcAJmAENKMkIS%2BdEy67iOXBzC0GJmsGn1viIsgp5U6j6Dg%2FYt3z0v5zqog%2B3kYRpDDAuCh2g3P3FuykSqFKcQOkfXcssDvJ4ndHnXFrEaPBeV0hMZUDvzCxGFXbusIjAS%2BdaYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
x-ratelimit-limit
60
cf-ray
679885a54b3d4a79-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9355.o7raYCsdLFPiFp6KdKmO_uu1ToDwG3bYDzTw80X_08zW7T0Cgs4DLo2rY10vSdG7.nZY_i37Gb6ry468LZvVRyaXjlfs%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9355.2vJQzipqPZXmHddDkJRRxxbDDwwrPryrcAji2KUSgvYOPsYNiVFTvZU_H2JprOAdaP0LJBvDOcMRNGUkrshI5A%2C%2C.KCUZfYmwZDpNCy7lQL3_DOEkGn0%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9355.2vJQzipqPZXmHddDkJRRxxbDDwwrPryrcAji2KUSgvYOPsYNiVFTvZU_H2JprOAdaP0LJBvDOcMRNGUkrshI5A%2C%2C.KCUZfYmwZDpNCy7lQL3_DOEkGn0%2C
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9355.2vJQzipqPZXmHddDkJRRxxbDDwwrPryrcAji2KUSgvYOPsYNiVFTvZU_H2JprOAdaP0LJBvDOcMRNGUkrshI5A%2C%2C.KCUZfYmwZDpNCy7lQL3_DOEkGn0%2C
date
Wed, 04 Aug 2021 14:37:09 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
last-modified
Tue, 03 Aug 2021 10:32:13 GMT
etag
"61029ac0-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 04 Aug 2021 15:37:09 GMT
iframe.php
a.exosrv.com/ Frame 5D23 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/iframe.php?idzone=3596727&size=900x250
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/js/app.984454556ada976fbecaf4ed39f302a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
8707274df1d56dd139c1dc0c1c82ecc999079fde5acae329109ec0d69ba9ae86

Request headers

:method
GET
:authority
a.exosrv.com
:scheme
https
:path
/iframe.php?idzone=3596727&size=900x250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hemibio.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.hemibio.eu/

Response headers

content-encoding
gzip
accept-ranges
bytes
age
983
cache-control
max-age=10800
content-type
text/html; charset=UTF-8
date
Wed, 04 Aug 2021 14:37:09 GMT
expires
Wed, 04 Aug 2021 17:37:09 GMT
last-modified
Wed, 04 Aug 2021 14:20:46 GMT
server
ECS (frb/67DF)
vary
Accept-Encoding
x-cache
HIT
content-length
1103
iframe.php
a.exosrv.com/ Frame D9AE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/iframe.php?idzone=3595953&size=300x250
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/js/app.984454556ada976fbecaf4ed39f302a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
1d41397f3e84ba4e5e625d873f48cec07fffb3ef3d1d5615cce00b1d88aa940a

Request headers

:method
GET
:authority
a.exosrv.com
:scheme
https
:path
/iframe.php?idzone=3595953&size=300x250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hemibio.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.hemibio.eu/

Response headers

content-encoding
gzip
accept-ranges
bytes
age
2115
cache-control
max-age=10800
content-type
text/html; charset=UTF-8
date
Wed, 04 Aug 2021 14:37:09 GMT
expires
Wed, 04 Aug 2021 17:37:09 GMT
last-modified
Wed, 04 Aug 2021 14:01:54 GMT
server
ECS (frb/67A7)
vary
Accept-Encoding
x-cache
HIT
content-length
1102
iframe.php
a.exosrv.com/ Frame 272C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/iframe.php?idzone=3595965&size=300x250
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/js/app.984454556ada976fbecaf4ed39f302a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
06b23f398cb686c71fbcac9142602bd817f785ff2ad0ad7a5867b5fffb430170

Request headers

:method
GET
:authority
a.exosrv.com
:scheme
https
:path
/iframe.php?idzone=3595965&size=300x250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hemibio.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.hemibio.eu/

Response headers

content-encoding
gzip
accept-ranges
bytes
age
2115
cache-control
max-age=10800
content-type
text/html; charset=UTF-8
date
Wed, 04 Aug 2021 14:37:09 GMT
expires
Wed, 04 Aug 2021 17:37:09 GMT
last-modified
Wed, 04 Aug 2021 14:01:54 GMT
server
ECS (frb/6795)
vary
Accept-Encoding
x-cache
HIT
content-length
1105
iframe.php
a.exosrv.com/ Frame F7B5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/iframe.php?idzone=3595969&size=300x250
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/js/app.984454556ada976fbecaf4ed39f302a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
d04b71d91ab800ccc001ce8d01e0b1ded860a815f32dc5203344d9bb075dc4f4

Request headers

:method
GET
:authority
a.exosrv.com
:scheme
https
:path
/iframe.php?idzone=3595969&size=300x250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hemibio.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.hemibio.eu/

Response headers

content-encoding
gzip
accept-ranges
bytes
age
2115
cache-control
max-age=10800
content-type
text/html; charset=UTF-8
date
Wed, 04 Aug 2021 14:37:09 GMT
expires
Wed, 04 Aug 2021 17:37:09 GMT
last-modified
Wed, 04 Aug 2021 14:01:54 GMT
server
ECS (frb/6752)
vary
Accept-Encoding
x-cache
HIT
content-length
1105
popunder1000.js
a.exosrv.com/ 		92 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/popunder1000.js
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/js/app.984454556ada976fbecaf4ed39f302a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
b32d7dd6d2ac719fca6a18929a184d19a34b919d0360963d672e29a0e2a0d27c

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 13:11:42 GMT
server
ECS (frb/675D)
age
5127
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=10800
accept-ranges
bytes
content-length
40470
expires
Wed, 04 Aug 2021 17:37:09 GMT
ads.js
a.exosrv.com/ Frame 5D23 		2 KB
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/ads.js
Requested by
Host: a.exosrv.com
URL: https://a.exosrv.com/iframe.php?idzone=3596727&size=900x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
681965ef88d5f2ef1319d704c3a9b40de5bc4d180f1e2d0130b4b16c5935e85c

Request headers

Referer
https://a.exosrv.com/iframe.php?idzone=3596727&size=900x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 13:11:42 GMT
server
ECS (frb/67BC)
age
5127
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=10800
accept-ranges
bytes
content-length
959
expires
Wed, 04 Aug 2021 17:37:09 GMT
ads.js
a.exosrv.com/ Frame D9AE 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/ads.js
Requested by
Host: a.exosrv.com
URL: https://a.exosrv.com/iframe.php?idzone=3595953&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
681965ef88d5f2ef1319d704c3a9b40de5bc4d180f1e2d0130b4b16c5935e85c

Request headers

Referer
https://a.exosrv.com/iframe.php?idzone=3595953&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 13:11:42 GMT
server
ECS (frb/67BC)
age
5127
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=10800
accept-ranges
bytes
content-length
959
expires
Wed, 04 Aug 2021 17:37:09 GMT
ads.js
a.exosrv.com/ Frame 272C 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/ads.js
Requested by
Host: a.exosrv.com
URL: https://a.exosrv.com/iframe.php?idzone=3595965&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
681965ef88d5f2ef1319d704c3a9b40de5bc4d180f1e2d0130b4b16c5935e85c

Request headers

Referer
https://a.exosrv.com/iframe.php?idzone=3595965&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 13:11:42 GMT
server
ECS (frb/67BC)
age
5127
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=10800
accept-ranges
bytes
content-length
959
expires
Wed, 04 Aug 2021 17:37:09 GMT
ads.js
a.exosrv.com/ Frame F7B5 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exosrv.com/ads.js
Requested by
Host: a.exosrv.com
URL: https://a.exosrv.com/iframe.php?idzone=3595969&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
681965ef88d5f2ef1319d704c3a9b40de5bc4d180f1e2d0130b4b16c5935e85c

Request headers

Referer
https://a.exosrv.com/iframe.php?idzone=3595969&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 14:37:09 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 13:11:42 GMT
server
ECS (frb/67BC)
age
5127
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=10800
accept-ranges
bytes
content-length
959
expires
Wed, 04 Aug 2021 17:37:09 GMT
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 82CA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=3596727&type=900x250&p=https%3A//www.hemibio.eu/&dt=1628087829575&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.exosrv.com
URL: https://a.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0d51c38e0663afb51ef316c9966cce5d8fb3c0fec33666297909dc8b5752ebcc

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://a.exosrv.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a.exosrv.com/

Response headers

Server
nginx
Date
Wed, 04 Aug 2021 14:37:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22610aa615990dc3.577167481641002915%22%3B%7D; expires=Fri, 04 Aug 2023 14:37:09 GMT; path=; domain=.exosrv.com; Secure; SameSite=none impressions=x%9C%ABV21276%B6%B0%D05%B10%B6057%B6P%B2%8A6%D4143%B20%B00%B70%B2%D4Q2411P%8A%AD%05%00%C3+%09%26; expires=Thu, 05 Aug 2021 14:37:09 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 44BC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=3595953&type=300x250&p=https%3A//www.hemibio.eu/&dt=1628087829577&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.exosrv.com
URL: https://a.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ba06f8ae934bc7ad3406cc27e60aead7c372f1037467fc81aed858061993ccdd

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://a.exosrv.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a.exosrv.com/

Response headers

Server
nginx
Date
Wed, 04 Aug 2021 14:37:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22610aa61598f3b7.635514304284151899%22%3B%7D; expires=Fri, 04 Aug 2023 14:37:09 GMT; path=; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame CBDA 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=3595965&type=300x250&p=https%3A//www.hemibio.eu/&dt=1628087829578&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.exosrv.com
URL: https://a.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
58d26156334fcffda4000bc608dea743706df11b03a2f0a0f1f88639ab9ab580

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://a.exosrv.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a.exosrv.com/

Response headers

Server
nginx
Date
Wed, 04 Aug 2021 14:37:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22610aa61599edd8.532681821894427470%22%3B%7D; expires=Fri, 04 Aug 2023 14:37:09 GMT; path=; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame B860 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=3595969&type=300x250&p=https%3A//www.hemibio.eu/&dt=1628087829579&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.exosrv.com
URL: https://a.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
deac2f8e95ee71f242d0a8804591c6101ed35ea9245747967735c8200a536bca

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://a.exosrv.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a.exosrv.com/

Response headers

Server
nginx
Date
Wed, 04 Aug 2021 14:37:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22610aa615995282.983555961240618484%22%3B%7D; expires=Fri, 04 Aug 2023 14:37:09 GMT; path=; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding
gzip
1
mc.yandex.com/watch/66980197/
Redirect Chain
  • https://mc.yandex.com/watch/66980197?wmode=7&page-url=https%3A%2F%2Fwww.hemibio.eu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A383%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
  • https://mc.yandex.com/watch/66980197/1?wmode=7&page-url=https%3A%2F%2Fwww.hemibio.eu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A383%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
316 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/66980197/1?wmode=7&page-url=https%3A%2F%2Fwww.hemibio.eu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A383%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A213085101322%3Ahid%3A807581820%3Az%3A120%3Ai%3A20210804163709%3Aet%3A1628087829%3Ac%3A1%3Arn%3A31777780%3Au%3A1628087829673537972%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628087828846%3Ads%3A0%2C19%2C145%2C5%2C59%2C0%2C%2C154%2C0%2C%2C%2C%2C382%3Adsn%3A0%2C19%2C145%2C5%2C59%2C0%2C%2C153%2C0%2C%2C%2C%2C382%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1628087830%3At%3AGenie%C3%9Fe%20brandneue%20deutsche%20HD%20Amateur%20Pornos
Requested by
Host: www.hemibio.eu
URL: https://www.hemibio.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
79e93e65df720c48db8b5221ec1d8787d42630b4bb67d0807eb33cff5553e08d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hemibio.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 14:37:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 04-Aug-2021 14:37:09 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hemibio.eu
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
316
x-xss-protection
1; mode=block
expires
Wed, 04-Aug-2021 14:37:09 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 14:37:09 GMT
last-modified
Wed, 04-Aug-2021 14:37:09 GMT
location
/watch/66980197/1?wmode=7&page-url=https%3A%2F%2Fwww.hemibio.eu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A383%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A213085101322%3Ahid%3A807581820%3Az%3A120%3Ai%3A20210804163709%3Aet%3A1628087829%3Ac%3A1%3Arn%3A31777780%3Au%3A1628087829673537972%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628087828846%3Ads%3A0%2C19%2C145%2C5%2C59%2C0%2C%2C154%2C0%2C%2C%2C%2C382%3Adsn%3A0%2C19%2C145%2C5%2C59%2C0%2C%2C153%2C0%2C%2C%2C%2C382%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1628087830%3At%3AGenie%C3%9Fe%20brandneue%20deutsche%20HD%20Amateur%20Pornos
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.hemibio.eu
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 04-Aug-2021 14:37:09 GMT
b4962bbffd25d86cfb47aae357d11d6662300c99.png
s3t3d2y7.ackcdn.net/library/415055/ Frame 82CA 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3t3d2y7.ackcdn.net/library/415055/b4962bbffd25d86cfb47aae357d11d6662300c99.png
Requested by
Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3596727&type=900x250&p=https%3A//www.hemibio.eu/&dt=1628087829575&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9e5cb5c621924ca75d56e7212e68987411b3201843f393a739446ca67f134e69

Request headers

Referer
https://syndication.exosrv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 14:37:09 GMT
Last-Modified
Fri, 19 Feb 2021 10:47:21 GMT
ETag
"1613731641"
X-HW
1628087829.dop240.fr8.t,1628087829.cds150.fr8.shn,1628087829.dop240.fr8.t,1628087829.cds097.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10652
e11de73fc3e0d1be40fbbcf2e751db1022071ae2.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame B860 		21 KB
22 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/348620/e11de73fc3e0d1be40fbbcf2e751db1022071ae2.mp4
Requested by
Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3595969&type=300x250&p=https%3A//www.hemibio.eu/&dt=1628087829579&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
55ff0a8a98c0713ff986d128c923b0c2462f1831305bf554d1dac0ba6df966a2

Request headers

Referer
https://syndication.exosrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 04 Aug 2021 14:37:09 GMT
Last-Modified
Thu, 26 Mar 2020 22:21:47 GMT
Access-Control-Allow-Origin
*
ETag
"1585261307"
X-HW
1628087829.dop240.fr8.t,1628087829.cds150.fr8.shn,1628087829.dop240.fr8.t,1628087829.cds097.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-21630/21631
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21631
e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame 44BC 		51 KB
51 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/348620/e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
Requested by
Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3595953&type=300x250&p=https%3A//www.hemibio.eu/&dt=1628087829577&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645

Request headers

Referer
https://syndication.exosrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 04 Aug 2021 14:37:09 GMT
Last-Modified
Thu, 26 Mar 2020 22:21:37 GMT
Access-Control-Allow-Origin
*
ETag
"1585261297"
X-HW
1628087829.dop237.fr8.shc,1628087829.dop237.fr8.t,1628087829.cds285.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-51899/51900
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
51900
e11de73fc3e0d1be40fbbcf2e751db1022071ae2.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame CBDA 		21 KB
22 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/348620/e11de73fc3e0d1be40fbbcf2e751db1022071ae2.mp4
Requested by
Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=3595965&type=300x250&p=https%3A//www.hemibio.eu/&dt=1628087829578&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
55ff0a8a98c0713ff986d128c923b0c2462f1831305bf554d1dac0ba6df966a2

Request headers

Referer
https://syndication.exosrv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 04 Aug 2021 14:37:09 GMT
Last-Modified
Thu, 26 Mar 2020 22:21:47 GMT
Access-Control-Allow-Origin
*
ETag
"1585261307"
X-HW
1628087829.dop164.fr8.t,1628087829.cds229.fr8.shn,1628087829.cds229.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-21630/21631
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21631

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdnu.porndoe.com
URL
http://cdnu.porndoe.com/image/movie/crop/0x1080/1/4/3/2/0/2/5/what-the-winner-gets_1595493024_26.jpg

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| OneSignal undefined| ExoLoader object| mgv5zlxPO8X function| $ function| jQuery object| App function| popunder function| ExitIntent function| initCaptcha function| Cookies object| toastr function| Blazy object| Ya object| yaCounter66980197 string| ad_idzone boolean| ad_popup_fallback boolean| ad_popup_force boolean| ad_chrome_enabled boolean| ad_new_tab number| ad_frequency_period number| ad_frequency_count number| ad_trigger_method string| ad_trigger_class boolean| ad_only_inline function| f488 function| Q888 function| n800 function| s488 function| F7ss function| x233 function| M5GG function| C7ss string| e94dfadd0 function| t0xx object| exoJsPop101 string| ad_sub string| ad_sub2 string| ad_sub3 string| ad_cat string| ad_tags string| ad_el boolean| ad_t_venor boolean| ad_cookieconsent

6 Cookies

Domain/Path Name / Value
.exosrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22610aa61599edd8.532681821894427470%22%3B%7D
.exosrv.com/ Name: impressions
Value: x%9C%ABV21276%B6%B0%D05%B10%B6057%B6P%B2%8A6%D4143%B20%B00%B70%B2%D4Q2411P%8A%AD%05%00%C3+%09%26
www.hemibio.eu/ Name: pop
Value: 1
.hemibio.eu/ Name: _ym_isad
Value: 2
.hemibio.eu/ Name: _ym_d
Value: 1628087829
.hemibio.eu/ Name: _ym_uid
Value: 1628087829673537972

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exosrv.com
ajax.googleapis.com
cdn.onesignal.com
cdn3.big7.com
cdnu.porndoe.com
i.hemibio.eu
mc.yandex.com
mc.yandex.ru
s3t3d2y7.ackcdn.net
syndication.exosrv.com
www.hemibio.eu
cdnu.porndoe.com
2001:4de0:ac19::1:b:2a
2600:9000:2156:c600:d:ed96:5bc0:93a1
2606:2800:234:4cc4:5670:35d5:1e00:b394
2606:4700:3036::6815:359f
2606:4700::6812:e234
2a00:1450:4001:827::200a
2a02:6b8::1:119
95.211.229.246
06b23f398cb686c71fbcac9142602bd817f785ff2ad0ad7a5867b5fffb430170
0896775b8010fa0b83045b7e2b179463609cf756867a9b308d67841c34c9dd22
0d51c38e0663afb51ef316c9966cce5d8fb3c0fec33666297909dc8b5752ebcc
0f9a18cc9f9bce7b4997b4e15bf496361e1186f31b2008d1f56f9da4b5345c96
109e5b9d76a7ed44f272f1138a97b40361867ef707373d229708bbfbab1f2bc9
19a132a20cd8ec9687345a39626130d5e7160f3c22431497de3c07ca9236eb12
1d41397f3e84ba4e5e625d873f48cec07fffb3ef3d1d5615cce00b1d88aa940a
40f6f003f0ef709b5ae675ecda1b25945ee40b8647860da58d2d1d05e3233f0b
469c43394f06232957baddeb9b1a5bd708014808f8f28b189a804eab335ae3ec
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5
4e43beede6e7883609fb3e5e8d75512c067179ddfa6465dceac390e9b00c1383
4f14c0a629946df71c80ee32a9ce8c47dc05943f185956c934a1c89d69608eae
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f1da3dcd8a429a6088eea8192a3e380f993f9fdc103b651b12962c66b4bd65
55ff0a8a98c0713ff986d128c923b0c2462f1831305bf554d1dac0ba6df966a2
58c5607f572ce0276c437460acd5ddf75b6c08acbed418a1d360952a74c8ecaf
58d26156334fcffda4000bc608dea743706df11b03a2f0a0f1f88639ab9ab580
633e13fef0201e69b53b6fdaad1894521ef9ece521ab7c4752bf805ba6c164e0
6356d862909581a879d83241f13c038cc7121a5b3fb51e66aebf0747c2b170c4
65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645
66dc19f5644fe6fac24a19fc890e36278d8d2b0d089791a67f7ff0c628a7f7bd
681965ef88d5f2ef1319d704c3a9b40de5bc4d180f1e2d0130b4b16c5935e85c
71f066e442711a491337c98e13fd447e1a2ce3dfb27b6f1a99d3770ee15eb85d
79e93e65df720c48db8b5221ec1d8787d42630b4bb67d0807eb33cff5553e08d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85050ef60e43e38b94a32873c331b8df511e4da3007881f5d6f9ad32a00ea252
8707274df1d56dd139c1dc0c1c82ecc999079fde5acae329109ec0d69ba9ae86
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87adc21d02b97f46d82a01c099357601399850b76e86aa890fd4a910cd53cbed
88cc0149c2a7a3e2166b12436235bed1038b2f461095326f4a5e05b6598f9aee
8d0b46e1c4466b7bcd48e4a48c6529b281b9acb9087d0f85f43fb48e2e3f98c5
8d834bcc04a5bf8b559f1c5119707d8965b35fbfbd8569cc8b5368206c3ad539
9ac4e46712ed8440e95c9203527441a9241cb14c8a212709ad44413eb145de39
9b7d023941b5f55856d891833da97048eebfe5773c29eade86586cbe61314ed5
9e5cb5c621924ca75d56e7212e68987411b3201843f393a739446ca67f134e69
b01f71a120ab1fda08c249c643ec1e32d779707fe6569d8ae1d25b9461cc700f
b32d7dd6d2ac719fca6a18929a184d19a34b919d0360963d672e29a0e2a0d27c
b44503c6ae86ce528a8ab3d029424d71f22c0bd13366c6c266f4a895f16d0f2d
ba06f8ae934bc7ad3406cc27e60aead7c372f1037467fc81aed858061993ccdd
c148cd9db93c32a97496361bb660cf302bf7b964d1f98143eecc22cab9bbd5a6
c457b3fc9e1941cb4fda3d8f42cdc82f7e614b98fa03a05da14aecf78442831e
c5ff68a7e636e6dde8ad573cabfc6ce695042857917c4b69ffb7d3a372b46fa0
c6544d151d18217de3957caf3c6ab8827e3d535844080ad7f990714922d229fc
cfac05747b148b1134669f36c0f4c87fef258e90170e7eab3e86bac73f5c5046
d04b71d91ab800ccc001ce8d01e0b1ded860a815f32dc5203344d9bb075dc4f4
deac2f8e95ee71f242d0a8804591c6101ed35ea9245747967735c8200a536bca
e0fb7694179ef235fa78b14d1d2a800c06a6704659912c228a2c02c2a2df8a90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9656fa70709f85dbfdc1431e5a2dc6420132c3170104c36fa3b52fcf88120e