URL: https://hemkit.com/s.php?t=cool_banking
Submission: On December 26 via manual from US

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 57 HTTP transactions. The main IP is 2606:4700:30::6812:312d, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is hemkit.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 30th 2019. Valid for: a year.
This is the only time hemkit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 198.145.13.13 2044 (IINET-2044)
57 10
Domain Requested by
34 hemkit.com hemkit.com
ajax.cloudflare.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 fonts.gstatic.com hemkit.com
3 pagead2.googlesyndication.com ajax.cloudflare.com
pagead2.googlesyndication.com
2 cdn.ampproject.org ajax.cloudflare.com
2 static.getclicky.com ajax.cloudflare.com
2 fonts.googleapis.com hemkit.com
1 in.getclicky.com static.getclicky.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 ajax.cloudflare.com hemkit.com
57 12

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-09-30 - 2020-09-29 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months
*.google.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-05 - 2020-06-12 | 6 months
ssl468981.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-09 - 2020-06-16 | 6 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months
misc-sni.google.com | GTS CA 1O1 | 2019-12-03 - 2020-02-25 | 3 months
*.getclicky.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-29 - 2020-10-15 | 2 years

This page contains 6 frames:

Primary Page: https://hemkit.com/s.php?t=cool_banking
Frame ID: 825CC454ADBFD4986EC6A437BF1DC47C
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 65567445961DAB3FA9C2822B25C249D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5837731659277774&output=html&adk=1812271804&adf=3025194257&lmt=1577359477&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1577371078596&bpp=73&bdt=508&fdt=163&idt=163&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=5579965502612&frm=20&pv=2&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=8777272063&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=183
Frame ID: D263AB0A5E06D5C9B199BEA901018B16
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5837731659277774&output=html&h=194&slotname=6861648673&adk=47369643&adf=3539623950&w=774&fwrn=4&lmt=1577359477&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=774x194&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&flash=0&wgl=1&adsid=NT&dt=1577371078669&bpp=16&bdt=581&fdt=143&idt=143&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5579965502612&frm=20&pv=1&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=2760768667644&dssz=26&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=248&ady=306&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ii0tH5t3pX&p=https%3A//hemkit.com&dtd=149
Frame ID: 100A037819598995B932C919B93CD169
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5837731659277774&output=html&h=100&slotname=9272189594&adk=3989401107&adf=567554676&w=774&lmt=1577359477&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=774x100&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&flash=0&wgl=1&adsid=NT&dt=1577371078685&bpp=6&bdt=597&fdt=139&idt=139&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C774x194&nras=1&correlator=5579965502612&frm=20&pv=1&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=11043074670588&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=248&ady=1829&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmXh4XEZ2i&p=https%3A//hemkit.com&dtd=169
Frame ID: 87A1C72E6A1C11CCA047913CB431CBAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5837731659277774&output=html&h=600&slotname=2660550370&adk=2761606506&adf=111991330&w=233&fwrn=4&fwrnh=100&lmt=1577359477&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=233x600&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1577371078691&bpp=5&bdt=603&fdt=207&idt=208&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C774x194%2C774x100&nras=1&correlator=5579965502612&frm=20&pv=1&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=44172298682364&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1115&ady=706&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bgx5vmvuqa&p=https%3A//hemkit.com&dtd=212
Frame ID: FADF3F79DEDE094E6EE76317BCD4564B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /static\.getclicky\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

57 Requests
100 % HTTPS
90 % IPv6
11 Domains
12 Subdomains
10 IPs
2 Countries
775 kB Transfer
2541 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request s.php
hemkit.com/
273 KB
16 KB
Document
General
Full URL
https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
c075c4b19038e212cfe17e1f53b122fa1e1c21a4b560cc76d3f9508ce4c646df

Request headers

:method
GET
:authority
hemkit.com
:scheme
https
:path
/s.php?t=cool_banking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Thu, 26 Dec 2019 14:37:58 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d5545f7ceaf9d47c79481bef10f88a91d1577371077; expires=Sat, 25-Jan-20 14:37:57 GMT; path=/; domain=.hemkit.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
last-modified
Thu, 26 December 2019 03:24:37 -0800
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
cf-ray
54b3cbb42e0ee007-FRA
content-encoding
br
css
fonts.googleapis.com/
14 KB
907 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,400,700,500,300,300italic
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e3df303a823ce8fded5f20e712e8d5367c1d74ef7abe4aa44c10d581f5fb8dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Dec 2019 14:37:58 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 26 Dec 2019 14:37:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 26 Dec 2019 14:37:58 GMT
css
fonts.googleapis.com/
2 KB
493 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
68e357769305fcf03ea23213551ea1a6c3aac4a059e83834ca14e7d81a768e09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Dec 2019 14:37:58 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 26 Dec 2019 14:37:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 26 Dec 2019 14:37:58 GMT
bootstrap.min.css
hemkit.com/assets/plugins/bootstrap/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://hemkit.com/assets/plugins/bootstrap/css/bootstrap.min.css
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2015 09:34:20 GMT
server
cloudflare
age
2026562
etag
W/"56542f1c-1d9ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb61c8ce007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
hemkit.com/assets/plugins/font-awesome/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://hemkit.com/assets/plugins/font-awesome/css/font-awesome.min.css
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 22 Nov 2015 23:28:44 GMT
server
cloudflare
age
2026562
etag
W/"56524fac-6b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb61c8fe007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
et-line.css
hemkit.com/assets/plugins/et-line/
7 KB
2 KB
Stylesheet
General
Full URL
https://hemkit.com/assets/plugins/et-line/et-line.css
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2ef7a267f6e6ec05e6c4cf9c71247271650a82716774767ce4285edb5c2ac1

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jan 2014 04:25:08 GMT
server
cloudflare
age
2026562
etag
W/"52e5dfa4-1b8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb61c91e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.mCustomScrollbar.css
hemkit.com/assets/plugins/scrollbar/
42 KB
4 KB
Stylesheet
General
Full URL
https://hemkit.com/assets/plugins/scrollbar/jquery.mCustomScrollbar.css
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4556959bc328f8e3ed6954a6a117c61d762b7226f2461d4eb95a763fb228f6b

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Sep 2015 14:18:12 GMT
server
cloudflare
age
2026562
etag
W/"55f828a4-a79c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb61c94e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
magnific-popup.css
hemkit.com/assets/plugins/magnific-popup/
8 KB
2 KB
Stylesheet
General
Full URL
https://hemkit.com/assets/plugins/magnific-popup/magnific-popup.css
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c51eafd98bc3f46e2f924e0c014950463cabd4b7ccdabb4402e3a5aa8de386b

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Oct 2015 12:54:56 GMT
server
cloudflare
age
2019210
etag
W/"56151620-1e21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb61c97e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
global.css
hemkit.com/assets/css/
650 KB
57 KB
Stylesheet
General
Full URL
https://hemkit.com/assets/css/global.css
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b6384262df16c5ba7298eeb812eac1a5fbbe14ea99d97b8e4b27aa041a6587

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Jul 2016 10:07:30 GMT
server
cloudflare
age
2026562
etag
W/"5780cce2-a2730"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb61c99e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
dark.css
hemkit.com/assets/css/theme/
102 KB
9 KB
Stylesheet
General
Full URL
https://hemkit.com/assets/css/theme/dark.css
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
30416c8fcf04173499d73b871c699188b32fe4d9dbe660c24438b821fc37744b

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Mar 2016 10:59:08 GMT
server
cloudflare
age
2026561
etag
W/"56dd5efc-198f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb61c9be007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
base.css
hemkit.com/assets/css/theme/
58 KB
6 KB
Stylesheet
General
Full URL
https://hemkit.com/assets/css/theme/base.css
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9326376aa94d9aeb5a9f84470252f4e39ba3ea291877ba6c2d01306fe1b8dc89

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Mar 2016 10:59:20 GMT
server
cloudflare
age
2026562
etag
W/"56dd5f08-e745"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb61c9fe007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
12.jpg
hemkit.com/assets/img/250x250/
8 KB
8 KB
Image
General
Full URL
https://hemkit.com/assets/img/250x250/12.jpg
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c3518ad34560aaa4c696dec1830329f6ba2e3c9cf39fa3c1748a88a0f75ddf

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
cf-cache-status
HIT
age
2026561
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
8543
last-modified
Mon, 23 Nov 2015 12:09:28 GMT
server
cloudflare
etag
"565301f8-215f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
54b3cbb61ca0e007-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
13.jpg
hemkit.com/assets/img/250x250/
8 KB
8 KB
Image
General
Full URL
https://hemkit.com/assets/img/250x250/13.jpg
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c3518ad34560aaa4c696dec1830329f6ba2e3c9cf39fa3c1748a88a0f75ddf

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
cf-cache-status
HIT
age
2026562
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
8543
last-modified
Mon, 23 Nov 2015 12:09:28 GMT
server
cloudflare
etag
"565301f8-215f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
54b3cbb61ca1e007-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-default-white.png
hemkit.com/assets/img/
5 KB
5 KB
Image
General
Full URL
https://hemkit.com/assets/img/logo-default-white.png
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08dde8e167f56aa3015fc03739d49f7ce00b6c76fb3bd48cdc11839cbfc4eb0f

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
cf-cache-status
HIT
age
2026562
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
4732
last-modified
Wed, 10 Feb 2016 04:33:54 GMT
server
cloudflare
etag
"56babdb2-127c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
54b3cbb61ca3e007-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-default.png
hemkit.com/assets/img/
5 KB
5 KB
Image
General
Full URL
https://hemkit.com/assets/img/logo-default.png
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8236360d7ad95c36c634e51a467eaf95531e065ad2d40c6691b3c4f5385b431f

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
cf-cache-status
HIT
age
2019210
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
4912
last-modified
Wed, 10 Feb 2016 04:37:58 GMT
server
cloudflare
etag
"56babea6-1330"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
54b3cbb61ca4e007-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
hemkit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
834 B
Script
General
Full URL
https://hemkit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
last-modified
Wed, 18 Dec 2019 10:56:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dfa05cc-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
54b3cbb61ca2e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Sat, 28 Dec 2019 14:37:58 GMT
22.jpg
hemkit.com/assets/img/1920x1080/
71 KB
72 KB
Image
General
Full URL
https://hemkit.com/assets/img/1920x1080/22.jpg
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae845788c8ddc94020f4a785adda130482a5376f5ed74a535b15b5fc9193f1fa

Request headers

Referer
https://hemkit.com/assets/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
cf-cache-status
HIT
age
2026561
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
73082
last-modified
Mon, 23 Nov 2015 12:23:30 GMT
server
cloudflare
etag
"56530542-11d7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
54b3cbb6be94e007-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
hemkit.com/assets/plugins/font-awesome/fonts/
65 KB
65 KB
Font
General
Full URL
https://hemkit.com/assets/plugins/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://hemkit.com/assets/plugins/font-awesome/css/font-awesome.min.css
Origin
https://hemkit.com

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
cf-cache-status
HIT
last-modified
Sun, 22 Nov 2015 23:28:42 GMT
server
cloudflare
age
320
etag
"10440-525297813be80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54b3cbb6beb8e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
66624
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,400,700,500,300,300italic
Origin
https://hemkit.com

Response headers

date
Thu, 21 Nov 2019 23:39:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
2991524
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:39:14 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,400,700,500,300,300italic
Origin
https://hemkit.com

Response headers

date
Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
3144734
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Thu, 19 Nov 2020 05:05:44 GMT
06.jpg
hemkit.com/assets/img/250x250/
84 KB
84 KB
Image
General
Full URL
https://hemkit.com/assets/img/250x250/06.jpg
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d13408a31dff970a57563417f04555f634109809fd559974bfcf14fb6bb487

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
cf-cache-status
HIT
age
2026562
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
85621
last-modified
Sun, 21 Aug 2016 03:56:17 GMT
server
cloudflare
etag
"57b92661-14e75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
54b3cbb77988e007-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
last-modified
Wed, 18 Dec 2019 10:56:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dfa05cc-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
54b3cbb7e8a3c2f4-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Sat, 28 Dec 2019 14:37:58 GMT
et-line.woff
hemkit.com/assets/plugins/et-line/fonts/
54 KB
54 KB
Font
General
Full URL
https://hemkit.com/assets/plugins/et-line/fonts/et-line.woff
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://hemkit.com/assets/plugins/et-line/et-line.css
Origin
https://hemkit.com

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jan 2014 13:09:30 GMT
server
cloudflare
age
320
etag
W/"d7b4-4f0f36b043680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=14400
cf-ray
54b3cbb7fb32e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
tDbK2oqRg1oM3QBjjcaDkOr4nAfcHi6FRUI.woff2
fonts.gstatic.com/s/droidserif/v10/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidserif/v10/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHi6FRUI.woff2
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f2ba1ded7e2eb4858034a62ce137b8f27ba4797c89d58a619770e665f40da7b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic
Origin
https://hemkit.com

Response headers

date
Thu, 05 Dec 2019 23:00:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:02 GMT
server
sffe
age
1784222
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10304
x-xss-protection
0
expires
Fri, 04 Dec 2020 23:00:56 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
Requested by
Host: hemkit.com
URL: https://hemkit.com/s.php?t=cool_banking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,400,700,500,300,300italic
Origin
https://hemkit.com

Response headers

date
Wed, 20 Nov 2019 11:45:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:39 GMT
server
sffe
age
3120724
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12824
x-xss-protection
0
expires
Thu, 19 Nov 2020 11:45:54 GMT
js
static.getclicky.com/
15 KB
6 KB
Script
General
Full URL
https://static.getclicky.com/js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf0fdaf39995776ab355a621c66e0ba2da52f8f3a55b1b859eeb8eab2ca644b

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
384086
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=604800
cf-ray
54b3cbb869556509-FRA
x-proxy-cache
HIT
expires
Thu, 02 Jan 2020 14:37:58 GMT
comment-form.js
hemkit.com/assets/scripts/components/
486 B
367 B
Script
General
Full URL
https://hemkit.com/assets/scripts/components/comment-form.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6c22d9e063316c29d5eb3bef0352e960071697cbdbfc3c5816ce5d8c68581b

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2015 15:10:38 GMT
server
cloudflare
age
2026562
etag
W/"5640b76e-1e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82bfbe007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
magnific-popup.js
hemkit.com/assets/scripts/components/
2 KB
697 B
Script
General
Full URL
https://hemkit.com/assets/scripts/components/magnific-popup.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e57ac9d7a647eccb370b5eebb4c1c474f76320a2f9bd01a8bf5bbcdcd07c71f

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Jan 2016 13:05:24 GMT
server
cloudflare
age
1262021
etag
W/"56910594-96e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82bfde007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
form-modal.js
hemkit.com/assets/scripts/components/
4 KB
936 B
Script
General
Full URL
https://hemkit.com/assets/scripts/components/form-modal.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
437c6d22e148bbbd63fab4393e43eef61706bf1f991fdb60bcb698e910a94263

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Dec 2015 06:10:02 GMT
server
cloudflare
age
1860419
etag
W/"565e8b3a-11a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82bffe007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
scrollbar.js
hemkit.com/assets/scripts/components/
448 B
285 B
Script
General
Full URL
https://hemkit.com/assets/scripts/components/scrollbar.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc645cc70c0c6a464ae7551613e51568bb21045caef04ec860a5e0641d5ff9d

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Sep 2015 04:50:06 GMT
server
cloudflare
age
2026562
etag
W/"55fa467e-1c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c01e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
animsition.js
hemkit.com/assets/scripts/components/
1 KB
510 B
Script
General
Full URL
https://hemkit.com/assets/scripts/components/animsition.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bfe74fbca12ea48404ace91fce1cf1b128cac7a377788664afa70e8d0aefc49

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2016 15:41:06 GMT
server
cloudflare
age
2026562
etag
W/"56bb5a12-575"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c02e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
header-sticky.js
hemkit.com/assets/scripts/components/
917 B
386 B
Script
General
Full URL
https://hemkit.com/assets/scripts/components/header-sticky.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b32b83b1f1745c6ee8dd74b67f4ad63ec18b03e9cd415c8b5170cc944daf67c

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Feb 2016 04:24:46 GMT
server
cloudflare
age
2026562
etag
W/"56ca8d8e-395"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c06e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.js
hemkit.com/assets/scripts/
12 KB
2 KB
Script
General
Full URL
https://hemkit.com/assets/scripts/app.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
361dab4e1867827c41f8a6efe70c8fed8aff74909432b6f754eb4cfe5f0719ff

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Mar 2016 11:45:40 GMT
server
cloudflare
age
2026562
etag
W/"56d6d264-31ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c07e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.validate.min.js
hemkit.com/assets/plugins/validation/
21 KB
6 KB
Script
General
Full URL
https://hemkit.com/assets/plugins/validation/jquery.validate.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33ae76ab1965771fb50a06f80cf0bfbb0a06059eaf96f004141c651a99c806b

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2015 01:25:00 GMT
server
cloudflare
age
2026562
etag
W/"563ff5ec-5267"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c08e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.magnific-popup.min.js
hemkit.com/assets/plugins/magnific-popup/
21 KB
7 KB
Script
General
Full URL
https://hemkit.com/assets/plugins/magnific-popup/jquery.magnific-popup.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d806251606bc9565f1b81a83bc9aa04cb3ad88fcb2c53cd48cb0b57d1ffcd6e

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Sep 2015 14:13:14 GMT
server
cloudflare
age
2026562
etag
W/"55f8277a-529a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c0be007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.mCustomScrollbar.concat.min.js
hemkit.com/assets/plugins/scrollbar/
40 KB
12 KB
Script
General
Full URL
https://hemkit.com/assets/plugins/scrollbar/jquery.mCustomScrollbar.concat.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3bdf1f8faded2bb35ce46e0833ac249813c92d77acc512dc232539dddfada43

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Sep 2015 14:18:12 GMT
server
cloudflare
age
2026562
etag
W/"55f828a4-9e69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c0ce007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.animsition.min.js
hemkit.com/assets/plugins/
5 KB
2 KB
Script
General
Full URL
https://hemkit.com/assets/plugins/jquery.animsition.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0119188a95fff0586ebe6a2ffcf863575d8caf6ddfee42c1eed9734931e384a

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2016 15:11:22 GMT
server
cloudflare
age
2026562
etag
W/"56bb531a-15ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c0ee007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.smooth-scroll.js
hemkit.com/assets/plugins/
21 KB
6 KB
Script
General
Full URL
https://hemkit.com/assets/plugins/jquery.smooth-scroll.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69c8078c64b8de462bdeedfdc5e8ca34cddfa6afbfdec70f6054e323b78a578

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Dec 2015 23:20:10 GMT
server
cloudflare
age
2019210
etag
W/"566b5a2a-52a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c12e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.back-to-top.js
hemkit.com/assets/plugins/
1 KB
457 B
Script
General
Full URL
https://hemkit.com/assets/plugins/jquery.back-to-top.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1ad6e9e9a80fbb419a79d642c8effd87ec34a274acd97a2e6c64b8400d97c14

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Feb 2016 03:44:06 GMT
server
cloudflare
age
2011342
etag
W/"56ca8406-42a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c13e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
hemkit.com/assets/plugins/bootstrap/js/
36 KB
9 KB
Script
General
Full URL
https://hemkit.com/assets/plugins/bootstrap/js/bootstrap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2015 09:34:22 GMT
server
cloudflare
age
2011342
etag
W/"56542f1e-9004"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c16e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.migrate.min.js
hemkit.com/assets/plugins/
7 KB
3 KB
Script
General
Full URL
https://hemkit.com/assets/plugins/jquery.migrate.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Sep 2015 14:13:14 GMT
server
cloudflare
age
2026562
etag
W/"55f8277a-1c20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c18e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
104 KB
37 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37933
x-xss-protection
0
server
cafe
etag
2924851815849280674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 26 Dec 2019 14:37:58 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
37 KB
11 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1a14af886721056f5311a1206507986daf72e09f991f0c84098ff947ffb2becb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10161
x-xss-protection
0
server
sffe
date
Thu, 26 Dec 2019 14:37:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"456a26135e187d86"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2019 14:37:58 GMT
jquery.min.js
hemkit.com/assets/plugins/
94 KB
32 KB
Script
General
Full URL
https://hemkit.com/assets/plugins/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:312d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Sep 2015 14:13:14 GMT
server
cloudflare
age
2026561
etag
W/"55f8277a-176da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
54b3cbb82c19e007-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
104 KB
37 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37933
x-xss-protection
0
server
cafe
etag
2924851815849280674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 26 Dec 2019 14:37:58 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
37 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1a14af886721056f5311a1206507986daf72e09f991f0c84098ff947ffb2becb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10161
x-xss-protection
0
server
sffe
date
Thu, 26 Dec 2019 14:37:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"456a26135e187d86"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2019 14:37:58 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hemkit.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hemkit.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/
225 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
86385
x-xss-protection
0
server
cafe
etag
4513681422076315165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Dec 2019 14:37:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame 6556
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191205/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://hemkit.com/s.php?t=cool_banking
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 19 Dec 2019 17:43:23 GMT
expires
Thu, 02 Jan 2020 17:43:23 GMT
content-type
text/html; charset=UTF-8
etag
13309989325511048345
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6574
x-xss-protection
0
cache-control
public, max-age=1209600
age
593675
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame D263
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5837731659277774&output=html&adk=1812271804&adf=3025194257&lmt=1577359477&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1577371078596&bpp=73&bdt=508&fdt=163&idt=163&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=5579965502612&frm=20&pv=2&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=8777272063&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=183
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5837731659277774&output=html&adk=1812271804&adf=3025194257&lmt=1577359477&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1577371078596&bpp=73&bdt=508&fdt=163&idt=163&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=5579965502612&frm=20&pv=2&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=8777272063&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=183
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://hemkit.com/s.php?t=cool_banking
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 26 Dec 2019 14:37:58 GMT
server
cafe
content-length
306
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 26-Dec-2019 14:52:58 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 26 Dec 2019 14:37:58 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Thu, 26 Dec 2019 14:37:58 GMT
in.php
in.getclicky.com/
63 B
374 B
Script
General
Full URL
https://in.getclicky.com/in.php?site_id=101228046&type=pageview&href=%2Fs.php%3Ft%3Dcool_banking&title=cool%20banking&res=1600x1200&lang=en&jsuid=283302010&mime=js&x=0.7973967573629037
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.13 , United States, ASN2044 (IINET-2044 - Infinity Internet, Inc., US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
711ef32c301e5348481682e2a9618215f6964bf1a5c1dec268a10ef39c50793f

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:59 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 100A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5837731659277774&output=html&h=194&slotname=6861648673&adk=47369643&adf=3539623950&w=774&fwrn=4&lmt=1577359477&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=774x194&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&flash=0&wgl=1&adsid=NT&dt=1577371078669&bpp=16&bdt=581&fdt=143&idt=143&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5579965502612&frm=20&pv=1&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=2760768667644&dssz=26&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=248&ady=306&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ii0tH5t3pX&p=https%3A//hemkit.com&dtd=149
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5837731659277774&output=html&h=194&slotname=6861648673&adk=47369643&adf=3539623950&w=774&fwrn=4&lmt=1577359477&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=774x194&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&flash=0&wgl=1&adsid=NT&dt=1577371078669&bpp=16&bdt=581&fdt=143&idt=143&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5579965502612&frm=20&pv=1&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=2760768667644&dssz=26&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=248&ady=306&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ii0tH5t3pX&p=https%3A//hemkit.com&dtd=149
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://hemkit.com/s.php?t=cool_banking
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 26 Dec 2019 14:37:58 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 26-Dec-2019 14:52:58 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 26 Dec 2019 14:37:58 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 87A1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5837731659277774&output=html&h=100&slotname=9272189594&adk=3989401107&adf=567554676&w=774&lmt=1577359477&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=774x100&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&flash=0&wgl=1&adsid=NT&dt=1577371078685&bpp=6&bdt=597&fdt=139&idt=139&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C774x194&nras=1&correlator=5579965502612&frm=20&pv=1&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=11043074670588&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=248&ady=1829&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmXh4XEZ2i&p=https%3A//hemkit.com&dtd=169
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5837731659277774&output=html&h=100&slotname=9272189594&adk=3989401107&adf=567554676&w=774&lmt=1577359477&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=774x100&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&flash=0&wgl=1&adsid=NT&dt=1577371078685&bpp=6&bdt=597&fdt=139&idt=139&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C774x194&nras=1&correlator=5579965502612&frm=20&pv=1&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=11043074670588&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=248&ady=1829&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmXh4XEZ2i&p=https%3A//hemkit.com&dtd=169
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://hemkit.com/s.php?t=cool_banking
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 26 Dec 2019 14:37:58 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 26-Dec-2019 14:52:58 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 26 Dec 2019 14:37:58 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame FADF
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5837731659277774&output=html&h=600&slotname=2660550370&adk=2761606506&adf=111991330&w=233&fwrn=4&fwrnh=100&lmt=1577359477&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=233x600&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1577371078691&bpp=5&bdt=603&fdt=207&idt=208&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C774x194%2C774x100&nras=1&correlator=5579965502612&frm=20&pv=1&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=44172298682364&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1115&ady=706&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bgx5vmvuqa&p=https%3A//hemkit.com&dtd=212
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5837731659277774&output=html&h=600&slotname=2660550370&adk=2761606506&adf=111991330&w=233&fwrn=4&fwrnh=100&lmt=1577359477&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=233x600&url=https%3A%2F%2Fhemkit.com%2Fs.php%3Ft%3Dcool_banking&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1577371078691&bpp=5&bdt=603&fdt=207&idt=208&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C774x194%2C774x100&nras=1&correlator=5579965502612&frm=20&pv=1&ga_vid=1058854230.1577371079&ga_sid=1577371079&ga_hid=268569604&ga_fc=0&iag=0&icsg=44172298682364&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1115&ady=706&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=240197794062241&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bgx5vmvuqa&p=https%3A//hemkit.com&dtd=212
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://hemkit.com/s.php?t=cool_banking
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 26 Dec 2019 14:37:59 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
IDE=AHWqTUkfSuAckIcrvVdw6-JWIIG9ZGwi_KmUKDnrn-iNxBWd_k97Isi_hq2Kstp9; expires=Tue, 19-Jan-2021 14:37:58 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 26 Dec 2019 14:37:59 GMT
cache-control
private
js
static.getclicky.com/
15 KB
6 KB
Script
General
Full URL
https://static.getclicky.com/js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf0fdaf39995776ab355a621c66e0ba2da52f8f3a55b1b859eeb8eab2ca644b

Request headers

Referer
https://hemkit.com/s.php?t=cool_banking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Dec 2019 14:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
384086
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=604800
cf-ray
54b3cbbb7cb56509-FRA
x-proxy-cache
HIT
expires
Thu, 02 Jan 2020 14:37:58 GMT

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __cfQR object| adsbygoogle object| AMP function| $ function| jQuery object| clicky_site_ids object| clicky_obj object| clicky object| clicky_custom object| _genericStats object| _genericStatsCustom object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars boolean| _gfp_p_ number| google_lpabyc number| google_unique_id object| jQuery111303502878234695015 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| SmoothScroll boolean| mCustomScrollbar function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| App object| HeaderSticky object| Animsition object| Scrollbar object| FormModal object| MagnificPopup boolean| __cfRLUnblockHandlers

1 Cookies

Domain/Path Name / Value
.hemkit.com/ Name: __cfduid
Value: d5545f7ceaf9d47c79481bef10f88a91d1577371077

Indicators

"Indicators" is a term used in the security industry for observables such as IPs, domains and hashes. Their presence here does not imply that any of them indicate malicious activity.
