URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Submission: On June 24 via api from CH

Summary

This website contacted 10 IPs in 4 countries across 12 domains to perform 51 HTTP transactions. The main IP is 31.130.206.23, located in Minsk, Belarus and belongs to DATAHATA-AS, BY. The main domain is minsk-krovlya.by.
This is the only time minsk-krovlya.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address         AS (Autonomous System)
18        -          31.130.206.23      56740 (DATAHATA-AS)
1         -          2a00:1450:400...   15169 (GOOGLE)
1         -          46.101.140.170     14061 (DIGITALOC...)
1         -          2001:4de0:ac1...   20446 (HIGHWINDS3)
6         -          2a00:1450:400...   15169 (GOOGLE)
8         -          95.163.114.203     12695 (DINET-AS)
9         2          2a02:6b8::1:119    13238 (YANDEX)
2         -          2a00:1450:400...   15169 (GOOGLE)
6         -          5.9.154.76         24940 (HETZNER-AS)
1         -          78.24.221.88       29182 (THEFIRST-AS)
1         1          88.212.201.210     39134 (UNITEDNET)
Total: 51 requests, 10 IPs
Requests  Domain                    Redirects  Requested by
18        minsk-krovlya.by          -          minsk-krovlya.by
9         mc.yandex.ru              2          minsk-krovlya.by, mc.yandex.ru
8         w.uptolike.com            -          minsk-krovlya.by, w.uptolike.com
6         fonts.gstatic.com         -          minsk-krovlya.by
4         sonar.semantiqo.com       -          w.uptolike.com, sonar.semantiqo.com
2         cdn3.caltat.com           -          sonar.semantiqo.com
2         www.google-analytics.com  -          minsk-krovlya.by
1         counter.yadro.ru          1          -
1         utl-utils.ru              -          w.uptolike.com
1         code.jquery.com           -          minsk-krovlya.by
1         api.callbacky.by          -          minsk-krovlya.by
1         fonts.googleapis.com      -          minsk-krovlya.by
Total: 51 requests, 12 domains

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
plus.google.com
TLS certificates

Subject                  Issuer                                          Validity                  Valid     Link
upload.video.google.com  GTS CA 1O1                                      2020-05-26 - 2020-08-18   3 months  crt.sh
api.callbacky.by         Let's Encrypt Authority X3                      2020-05-22 - 2020-08-20   3 months  crt.sh
*.gstatic.com            GTS CA 1O1                                      2020-05-26 - 2020-08-18   3 months  crt.sh
mc.yandex.ru             Yandex CA                                       2019-09-23 - 2020-09-22   a year    crt.sh
*.google-analytics.com   GTS CA 1O1                                      2020-05-26 - 2020-08-18   3 months  crt.sh
sonar.semantiqo.com      Sectigo RSA Domain Validation Secure Server CA  2019-11-12 - 2021-11-11   2 years   crt.sh

This page contains 5 frames:

Primary Page: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Frame ID: B4D28E9D2183F38DDA1D21CC9439E9C7
Requests: 47 HTTP requests in this frame

Frame: http://w.uptolike.com/widgets/v1/share-counter.html?77067b93bc6214cddd2d7375412c98fe
Frame ID: 44A188576EF74984318BCDD0E43958A4
Requests: 1 HTTP requests in this frame

Frame: http://w.uptolike.com/widgets/v1/impression.html?77067b93bc6214cddd2d7375412c98fe
Frame ID: 63805CE5732BB724DC3079314DDD9211
Requests: 1 HTTP requests in this frame

Frame: http://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 7851F2203BFD67C10637435793223DCF
Requests: 1 HTTP requests in this frame

Frame: https://sonar.semantiqo.com/i/
Frame ID: B39CCF7B225397C3624FCB7FD9302CDF
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 51
HTTPS: 41 %
IPv6: 45 %
Domains: 12
Subdomains: 12
IPs: 10
Countries: 4
Transfer: 667 kB
Size: 1341 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://mc.yandex.ru/watch/39480315?wmode=7&page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115227%3Aet%3A1592992347%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A954565229292%3Arqn%3A1%3Arn%3A459606926%3Ahid%3A252652402%3Ads%3A61%2C13%2C133%2C1%2C0%2C0%2C0%2C370%2C18%2C%2C%2C%2C581%3Afp%3A487%3Awn%3A32072%3Ahl%3A2%3Agdpr%3A14%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992347%3Au%3A1592992347546835871 HTTP 302
  • https://mc.yandex.ru/watch/39480315/1?wmode=7&page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115227%3Aet%3A1592992347%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A954565229292%3Arqn%3A1%3Arn%3A459606926%3Ahid%3A252652402%3Ads%3A61%2C13%2C133%2C1%2C0%2C0%2C0%2C370%2C18%2C%2C%2C%2C581%3Afp%3A487%3Awn%3A32072%3Ahl%3A2%3Agdpr%3A14%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992347%3Au%3A1592992347546835871
Request Chain 38
  • http://mc.yandex.ru/metrika/watch.js HTTP 307
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 43
  • http://sonar.semantiqo.com/i/ HTTP 307
  • https://sonar.semantiqo.com/i/
Request Chain 46
  • http://sonar.semantiqo.com/c82up/analize.js HTTP 307
  • https://sonar.semantiqo.com/c82up/analize.js
Request Chain 47
  • http://counter.yadro.ru/id127/reff-id.gif?sid=8513dd0ef4b444ae81fbd6f7f9693588 HTTP 302
  • http://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=8513dd0ef4b444ae81fbd6f7f9693588 HTTP 307
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=8513dd0ef4b444ae81fbd6f7f9693588
Request Chain 48
  • https://mc.yandex.ru/watch/39480315?page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115242%3Aet%3A1592992362%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A181%3Als%3A954565229292%3Arqn%3A2%3Arn%3A819240326%3Ahid%3A252652402%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1024%2C1024%2C6%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992362%3Au%3A1592992347546835871 HTTP 302
  • https://mc.yandex.ru/watch/39480315/1?page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115242%3Aet%3A1592992362%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A181%3Als%3A954565229292%3Arqn%3A2%3Arn%3A819240326%3Ahid%3A252652402%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1024%2C1024%2C6%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992362%3Au%3A1592992347546835871

51 HTTP transactions

Resource | Path | Size | x-fer | Type (MIME-Type in the details below)
Primary Request, Cookie set: c2bPidys7v.zip | minsk-krovlya.by/gamgo/ | 13 KB | 5 KB | Document
General
Full URL
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache / PHP/5.5.38
Resource Hash
c1bb94b35c138ade6892220375fdcbd7aa5f14cfe0e4bfd7c807ecbfd0ba6b72

Request headers

Host
minsk-krovlya.by
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Server
Apache
X-Powered-By
PHP/5.5.38
P3P
CP="NOI NID ADMa OUR IND UNI COM NAV"
Cache-Control
private, must-revalidate
Set-Cookie
SN5767a9bfda4a1=us9bbqnime8gn2kvhmv1vt2dd0; path=/
SN5767a9bfda4a1=us9bbqnime8gn2kvhmv1vt2dd0; path=/; httponly
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
4304
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
css | fonts.googleapis.com/ | 15 KB | 1 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,700italic&subset=latin,cyrillic-ext
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fd6986a84a7e7b22b06375e6817590d85d7aec3a86231d821c3afa0a20c37b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Jun 2020 09:52:26 GMT
server
ESF
date
Wed, 24 Jun 2020 09:52:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jun 2020 09:52:26 GMT
bootstrap.css | minsk-krovlya.by/assets/templates/custom/webcity/css/ | 149 KB | 21 KB | Stylesheet
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/css/bootstrap.css
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
03fd71b5486c03a9739d7f60d903b94611cf7abe4a70dd044d5be7f7a9f7cba8

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2016 10:38:00 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
21545
Expires
Fri, 24 Jul 2020 09:52:26 GMT
jquery.fancybox.css | minsk-krovlya.by/assets/templates/custom/webcity/css/ | 5 KB | 2 KB | Stylesheet
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/css/jquery.fancybox.css
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
f683df772ef1e993bf15108ed1e11611a8edaca2bc9c632953dee2f2d9954071

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2016 10:38:00 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1430
Expires
Fri, 24 Jul 2020 09:52:26 GMT
flexslider.css | minsk-krovlya.by/assets/templates/custom/webcity/css/ | 7 KB | 2 KB | Stylesheet
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/css/flexslider.css
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
928b419c0d8e8091d955521ec2eda854d35ac9523b2235a73fedd048f35307e9

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Apr 2017 14:55:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1568
Expires
Fri, 24 Jul 2020 09:52:26 GMT
styles.css | minsk-krovlya.by/assets/templates/custom/webcity/css/ | 25 KB | 5 KB | Stylesheet
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/css/styles.css
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
7299e3da2392b896cdeee0d85638a9b71559f52e30de2ccb511e5354ad2ccc48

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Apr 2017 07:39:38 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5020
Expires
Fri, 24 Jul 2020 09:52:26 GMT
logo_krovla.png | minsk-krovlya.by/assets/images/logos/ | 15 KB | 16 KB | Image
General
Full URL
http://minsk-krovlya.by/assets/images/logos/logo_krovla.png
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
c815588c9fc3f701ac558faa5e95a17f292ac70d54170c3b5f3b6599c3e3f6f7

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Last-Modified
Mon, 11 Jul 2016 06:15:00 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
15757
Expires
Fri, 24 Jul 2020 09:52:26 GMT
vk.png | minsk-krovlya.by/ | 3 KB | 4 KB | Image
General
Full URL
http://minsk-krovlya.by/vk.png
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
a7ef87d56aa2e80ebf1efebec35011eebab31c5e1542351b74c5edc0f5a93966

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Last-Modified
Wed, 02 Nov 2016 14:30:49 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3318
Expires
Fri, 24 Jul 2020 09:52:26 GMT
facebook.png | minsk-krovlya.by/ | 3 KB | 3 KB | Image
General
Full URL
http://minsk-krovlya.by/facebook.png
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
8f3f1141f070aa2741663802fc2cc30d2bbc9e010de37dd48429885e41689b01

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Last-Modified
Wed, 02 Nov 2016 14:30:49 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2568
Expires
Fri, 24 Jul 2020 09:52:26 GMT
google+.png | minsk-krovlya.by/ | 3 KB | 4 KB | Image
General
Full URL
http://minsk-krovlya.by/google+.png
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
9733b98cfc0cce401cfeb601dfae304482cadf8ef5fe912ee2d3d90900d7ef99

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Last-Modified
Wed, 02 Nov 2016 14:30:49 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3543
Expires
Fri, 24 Jul 2020 09:52:26 GMT
logo_krovla_fot.png | minsk-krovlya.by/assets/images/logos/ | 11 KB | 12 KB | Image
General
Full URL
http://minsk-krovlya.by/assets/images/logos/logo_krovla_fot.png
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
4e04aad0fc940941e4a7b576649397c90e9df9256564a2df1d9d0a61d11e4614

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Last-Modified
Mon, 11 Jul 2016 09:27:00 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
11729
Expires
Fri, 24 Jul 2020 09:52:26 GMT
code | api.callbacky.by/simple/ | 0 | 484 B | Script
General
Full URL
https://api.callbacky.by/simple/code?domain=minsk-krovlya.by
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.101.140.170 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
api.callbacky.by
Software
nginx / ToroPHP/GoDB
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Jun 2020 09:52:38 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
ToroPHP/GoDB
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery-2.2.2.min.js | code.jquery.com/ | 84 KB | 30 KB | Script
General
Full URL
http://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Mar 2016 17:52:17 GMT
Server
nginx
ETag
"56eaeed1-14e98"
Vary
Accept-Encoding
X-HW
1592992346.dop147.fr8.t,1592992346.cds009.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29880
bootstrap.js | minsk-krovlya.by/assets/templates/custom/webcity/js/ | 67 KB | 14 KB | Script
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/js/bootstrap.js
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
defc39740ac1859d8e2785ed473208409627e87addd5f78f2deaacb93a12d51d

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2016 10:38:00 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
14144
Expires
Fri, 24 Jul 2020 09:52:26 GMT
jquery.fancybox.pack.js | minsk-krovlya.by/assets/templates/custom/webcity/js/ | 23 KB | 9 KB | Script
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/js/jquery.fancybox.pack.js
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2016 10:38:00 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8634
Expires
Fri, 24 Jul 2020 09:52:26 GMT
jquery.flexslider-min.js | minsk-krovlya.by/assets/templates/custom/webcity/js/ | 22 KB | 7 KB | Script
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/js/jquery.flexslider-min.js
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
8b2c3d7393c0c588c830ba08b65816fd313fc7e0095948423aaa45205196f6bf

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Apr 2017 14:55:14 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
6423
Expires
Fri, 24 Jul 2020 09:52:26 GMT
functions.js | minsk-krovlya.by/assets/templates/custom/webcity/js/ | 10 KB | 2 KB | Script
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/js/functions.js
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
72c9865a5feef043750de5284828ea47faca94d614e4c8b927de86fbd20bc60d

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Apr 2017 14:56:22 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1801
Expires
Fri, 24 Jul 2020 09:52:26 GMT
phone-ico.png | minsk-krovlya.by/assets/templates/custom/webcity/img/ | 1 KB | 1 KB | Image
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/img/phone-ico.png
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
c6b0700d8349fe1e9563f1c52542af0f8ce28ebd83d69e7c9b1400ae52392e29

Request headers

Referer
http://minsk-krovlya.by/assets/templates/custom/webcity/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Last-Modified
Thu, 07 Jul 2016 10:38:00 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1209
Expires
Fri, 24 Jul 2020 09:52:26 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,700italic&subset=latin,cyrillic-ext
Origin
http://minsk-krovlya.by

Response headers

date
Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1111742
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:03:24 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,700italic&subset=latin,cyrillic-ext
Origin
http://minsk-krovlya.by

Response headers

date
Fri, 12 Jun 2020 16:53:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1011563
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 12 Jun 2021 16:53:03 GMT
mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2 | fonts.gstatic.com/s/opensans/v17/ | 5 KB | 6 KB | Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,700italic&subset=latin,cyrillic-ext
Origin
http://minsk-krovlya.by

Response headers

date
Wed, 10 Jun 2020 18:13:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:48 GMT
server
sffe
age
1179546
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5608
x-xss-protection
0
expires
Thu, 10 Jun 2021 18:13:20 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,700italic&subset=latin,cyrillic-ext
Origin
http://minsk-krovlya.by

Response headers

date
Thu, 11 Jun 2020 20:40:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
1084320
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Fri, 11 Jun 2021 20:40:26 GMT
mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2 | fonts.gstatic.com/s/opensans/v17/ | 5 KB | 6 KB | Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f032294207e8ba683f350cf12b26bf73d054b427ce483a06afb66317f235194f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,700italic&subset=latin,cyrillic-ext
Origin
http://minsk-krovlya.by

Response headers

date
Thu, 11 Jun 2020 12:59:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:04 GMT
server
sffe
age
1111976
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Fri, 11 Jun 2021 12:59:30 GMT
uptolike.js
w.uptolike.com/widgets/v1/
21 KB
9 KB
Script
General
Full URL
http://w.uptolike.com/widgets/v1/uptolike.js
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f35ed4a80d12c9fb20f2bd61885150f1d84554324ece2a00d2fc7828c65b37a9

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Wed, 24 Jun 2020 10:22:26 GMT
watch.js
mc.yandex.ru/metrika/
137 KB
41 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8e5dc5c8bfc5ecb0695f59edadc0ec80039556c1871ccc120cd2518aa61bfe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:27 GMT
Content-Encoding
br
Last-Modified
Tue, 16 Jun 2020 08:26:08 GMT
Server
nginx/1.14.2
ETag
"5ee88220-a0db"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
41179
Expires
Wed, 24 Jun 2020 10:52:27 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4368
date
Wed, 24 Jun 2020 08:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 24 Jun 2020 10:39:38 GMT
foto18.png
minsk-krovlya.by/assets/templates/custom/webcity/img/
295 KB
295 KB
Image
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/img/foto18.png
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
33a2cf795f66ad205a7848a0f497bc22ca9934003c58ef4f23f31c4fc67df14a

Request headers

Referer
http://minsk-krovlya.by/assets/templates/custom/webcity/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Last-Modified
Mon, 10 Apr 2017 08:24:47 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
302050
Expires
Fri, 24 Jul 2020 09:52:26 GMT
phone-foot-ico.png
minsk-krovlya.by/assets/templates/custom/webcity/img/
1 KB
2 KB
Image
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/img/phone-foot-ico.png
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
4b75071cc201f1bae4f6cbc5c0b6c3a0b01ba04bc19e7a5c10d86aac24fbeaa6

Request headers

Referer
http://minsk-krovlya.by/assets/templates/custom/webcity/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Last-Modified
Thu, 07 Jul 2016 10:38:00 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1372
Expires
Fri, 24 Jul 2020 09:52:26 GMT
mail-foot-ico.png
minsk-krovlya.by/assets/templates/custom/webcity/img/
1 KB
1 KB
Image
General
Full URL
http://minsk-krovlya.by/assets/templates/custom/webcity/img/mail-foot-ico.png
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
31.130.206.23 Minsk, Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x09.login.by
Software
Apache /
Resource Hash
702a385d9ecfee455128d962ef63f499af0caf968ab4f064674466baad42fc0d

Request headers

Referer
http://minsk-krovlya.by/assets/templates/custom/webcity/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:26 GMT
Last-Modified
Thu, 07 Jul 2016 10:38:00 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1186
Expires
Fri, 24 Jul 2020 09:52:26 GMT
mem5YaGs126MiZpBA-UN_r8OVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v17/
5 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OVuhpKKSTj5PW.woff2
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67eb785a2a8ba50388be15f88d34507786441641ac3ff36dbbef6c1f08981626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,700italic&subset=latin,cyrillic-ext
Origin
http://minsk-krovlya.by

Response headers

date
Thu, 11 Jun 2020 20:41:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:45 GMT
server
sffe
age
1084245
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5552
x-xss-protection
0
expires
Fri, 11 Jun 2021 20:41:41 GMT
collect
www.google-analytics.com/r/
35 B
196 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1454486640&t=pageview&_s=1&dl=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1519449738&gjid=642990933&cid=701567449.1592992347&tid=UA-83790641-1&_gid=1194789211.1592992347&_r=1&z=1956380159
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jun 2020 09:52:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
version.js
w.uptolike.com/widgets/v1/
70 B
799 B
Script
General
Full URL
http://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1592992347061242
Requested by
Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol
HTTP/1.1
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
2a359235c43a8c2f7fcd5943594c68ce7a5c5b147d4a8be833d738e53d667d27

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Jun 2020 09:52:27 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Thu, 12 Dec 2019 09:17:59 GMT
widgetsModule.js
w.uptolike.com/widgets/v1/
171 KB
42 KB
Script
General
Full URL
http://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Requested by
Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol
HTTP/1.1
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
fb7b1f0cb8558f3bbdeae4c37d17566745b92c3ab1601a34989cd3ac4e52393d

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:27 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 24 Jun 2020 10:22:27 GMT
1
mc.yandex.ru/watch/39480315/
Redirect Chain
  • https://mc.yandex.ru/watch/39480315?wmode=7&page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl...
  • https://mc.yandex.ru/watch/39480315/1?wmode=7&page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ah...
171 B
722 B
XHR
General
Full URL
https://mc.yandex.ru/watch/39480315/1?wmode=7&page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115227%3Aet%3A1592992347%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A954565229292%3Arqn%3A1%3Arn%3A459606926%3Ahid%3A252652402%3Ads%3A61%2C13%2C133%2C1%2C0%2C0%2C0%2C370%2C18%2C%2C%2C%2C581%3Afp%3A487%3Awn%3A32072%3Ahl%3A2%3Agdpr%3A14%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992347%3Au%3A1592992347546835871
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
4003f7bec623ad52d480a81c139898c101488240f91495504ae384c5c4b02d37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Jun 2020 09:52:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24-Jun-2020 09:52:27 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://minsk-krovlya.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
171
X-XSS-Protection
1; mode=block
Expires
Wed, 24-Jun-2020 09:52:27 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Jun 2020 09:52:27 GMT
Last-Modified
Wed, 24-Jun-2020 09:52:27 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://minsk-krovlya.by
Strict-Transport-Security
max-age=31536000
Location
/watch/39480315/1?wmode=7&page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115227%3Aet%3A1592992347%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A954565229292%3Arqn%3A1%3Arn%3A459606926%3Ahid%3A252652402%3Ads%3A61%2C13%2C133%2C1%2C0%2C0%2C0%2C370%2C18%2C%2C%2C%2C581%3Afp%3A487%3Awn%3A32072%3Ahl%3A2%3Agdpr%3A14%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992347%3Au%3A1592992347546835871
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 24-Jun-2020 09:52:27 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:27 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Wed, 24 Jun 2020 10:52:27 GMT
share-counter.html
w.uptolike.com/widgets/v1/ Frame 44A1
0
0
Document
General
Full URL
http://w.uptolike.com/widgets/v1/share-counter.html?77067b93bc6214cddd2d7375412c98fe
Requested by
Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Protocol
HTTP/1.1
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
w.uptolike.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
utl_id2=16018296524; utl_dat="CO/m+K2uLhAAIO+3w7auLijvt8O2ri4wAIE0GBQFTALnKUgPt1+3bPQ="
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip

Response headers

Server
nginx
Date
Wed, 24 Jun 2020 09:52:27 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Wed, 24 Jun 2020 10:22:27 GMT
Content-Encoding
gzip
impression.html
w.uptolike.com/widgets/v1/ Frame 6380
0
0
Document
General
Full URL
http://w.uptolike.com/widgets/v1/impression.html?77067b93bc6214cddd2d7375412c98fe
Requested by
Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Protocol
HTTP/1.1
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
w.uptolike.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
utl_id2=16018296524; utl_dat="CO/m+K2uLhAAIO+3w7auLijvt8O2ri4wAIE0GBQFTALnKUgPt1+3bPQ="
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip

Response headers

Server
nginx
Date
Wed, 24 Jun 2020 09:52:27 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Wed, 24 Jun 2020 10:22:27 GMT
Content-Encoding
gzip
icomoon.woff
w.uptolike.com/static/buttons/fonts/
9 KB
9 KB
Font
General
Full URL
http://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by
Host: minsk-krovlya.by
URL: http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Protocol
HTTP/1.1
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://minsk-krovlya.by/
Origin
http://minsk-krovlya.by

Response headers

Date
Wed, 24 Jun 2020 09:52:27 GMT
Last-Modified
Wed, 16 Aug 2017 14:30:13 GMT
Server
nginx
ETag
"599456f5-23b8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9144
Expires
Wed, 24 Jun 2020 10:13:48 GMT
extra.js
w.uptolike.com/widgets/v1/
4 KB
3 KB
Script
General
Full URL
http://w.uptolike.com/widgets/v1/extra.js?rnd=0.7971293639102557
Requested by
Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Protocol
HTTP/1.1
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cc7f992f8f355e85cbb95f852184db23bae0e3e2855b46ab163fb9c32a10b834

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Jun 2020 09:52:27 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Thu, 12 Dec 2019 09:17:59 GMT
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
137 KB
41 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8e5dc5c8bfc5ecb0695f59edadc0ec80039556c1871ccc120cd2518aa61bfe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:27 GMT
Content-Encoding
br
Last-Modified
Tue, 16 Jun 2020 08:26:08 GMT
Server
nginx/1.14.2
ETag
"5ee88220-a0db"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
41179
Expires
Wed, 24 Jun 2020 10:52:27 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Non-Authoritative-Reason
HSTS
checking.js
sonar.semantiqo.com/c82up/
20 KB
20 KB
Script
General
Full URL
https://sonar.semantiqo.com/c82up/checking.js
Requested by
Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/extra.js?rnd=0.7971293639102557
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.154.9.5.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
d8e2fa41dda321056ce59ea5c5aacce8d7bb0cbe3ec85288b44c07a5f18b85d6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 09:52:27 GMT
mode
no-cors
last-modified
Mon, 15 Jun 2020 17:23:06 GMT
server
nginx/1.16.1
status
200
etag
"5ee7ae7a-4fff"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
20479
/
utl-utils.ru/check/
1 B
323 B
Script
General
Full URL
http://utl-utils.ru/check/
Requested by
Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/extra.js?rnd=0.7971293639102557
Protocol
HTTP/1.1
Server
78.24.221.88 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
belesta15.ru
Software
nginx/1.13.12 /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:27 GMT
Last-Modified
Wednesday, 24-Jun-2020 09:52:27 GMT
Server
nginx/1.13.12
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
1
23414332
mc.yandex.ru/watch/
152 B
703 B
XHR
General
Full URL
https://mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115227%3Aet%3A1592992348%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A442620265452%3Arqn%3A1%3Arn%3A606281133%3Ahid%3A252652402%3Ads%3A61%2C13%2C133%2C1%2C0%2C0%2C0%2C370%2C18%2C1024%2C1024%2C6%2C581%3Afp%3A487%3Agdpr%3A14%3Aeu%3A1%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992348%3Au%3A1592992347546835871
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
13837b7c224121d64bf711615f7e9dac9cdd5796240258c43e5e6f300cfba528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 24 Jun 2020 09:52:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24-Jun-2020 09:52:27 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://minsk-krovlya.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Wed, 24-Jun-2020 09:52:27 GMT
support.html
w.uptolike.com/widgets/v1/zp/ Frame 7851
0
0
Document
General
Full URL
http://w.uptolike.com/widgets/v1/zp/support.html
Requested by
Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/widgetsModule.js?v=77067b93bc6214cddd2d7375412c98fe
Protocol
HTTP/1.1
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
w.uptolike.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
utl_id2=16018296524; utl_dat="CO/m+K2uLhAAIO+3w7auLijvt8O2ri4wAIE0GBQFTALnKUgPt1+3bPQ="
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip

Response headers

Server
nginx
Date
Wed, 24 Jun 2020 09:52:28 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Wed, 24 Jun 2020 10:22:28 GMT
Content-Encoding
gzip
/
sonar.semantiqo.com/i/ Frame B39C
Redirect Chain
  • http://sonar.semantiqo.com/i/
  • https://sonar.semantiqo.com/i/
0
0
Document
General
Full URL
https://sonar.semantiqo.com/i/
Requested by
Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.154.9.5.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
sonar.semantiqo.com
:scheme
https
:path
/i/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip

Response headers

status
200
server
nginx/1.16.1
date
Wed, 24 Jun 2020 09:52:28 GMT
content-type
text/html
last-modified
Tue, 10 Mar 2020 08:47:01 GMT
etag
W/"5e675405-a6"
content-encoding
gzip
strict-transport-security
max-age=15768000
mode
no-cors
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control
no-cache

Redirect headers

Location
https://sonar.semantiqo.com/i/#http://minsk-krovlya.by
Non-Authoritative-Reason
HSTS
sls_new.php
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/
0
245 B
Script
General
Full URL
http://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/sls_new.php
Requested by
Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js
Protocol
HTTP/1.1
Server
5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.154.9.5.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:28 GMT
mode
no-cors
Server
nginx/1.16.1
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
ces.php
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/
0
275 B
Script
General
Full URL
http://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ces.php?spid=8513dd0ef4b444ae81fbd6f7f9693588
Requested by
Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c82up/checking.js
Protocol
HTTP/1.1
Server
5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.154.9.5.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Jun 2020 09:52:28 GMT
mode
no-cors
Referrer-Policy
no-referrer
Server
nginx/1.16.1
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
analize.js
sonar.semantiqo.com/c82up/
Redirect Chain
  • http://sonar.semantiqo.com/c82up/analize.js
  • https://sonar.semantiqo.com/c82up/analize.js
0
0
Fetch
General
Full URL
https://sonar.semantiqo.com/c82up/analize.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.154.9.5.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://minsk-krovlya.by/no-referrer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 09:52:28 GMT
content-encoding
gzip
status
200
server
nginx/1.16.1
mode
no-cors
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
https://sonar.semantiqo.com/c82up/analize.js
Non-Authoritative-Reason
HSTS
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://minsk-krovlya.by
data_sess_sync.php
sonar.semantiqo.com/fbfli/
Redirect Chain
  • http://counter.yadro.ru/id127/reff-id.gif?sid=8513dd0ef4b444ae81fbd6f7f9693588
  • http://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=8513dd0ef4b444ae81fbd6f7f9693588
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=8513dd0ef4b444ae81fbd6f7f9693588
0
387 B
Image
General
Full URL
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=8513dd0ef4b444ae81fbd6f7f9693588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.154.9.5.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Jun 2020 09:52:28 GMT
content-encoding
gzip
status
200
server
nginx/1.16.1
mode
no-cors
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=8513dd0ef4b444ae81fbd6f7f9693588
Non-Authoritative-Reason
HSTS
1
mc.yandex.ru/watch/39480315/
Redirect Chain
  • https://mc.yandex.ru/watch/39480315?page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1592992346410%3As%3A1600x120...
  • https://mc.yandex.ru/watch/39480315/1?page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1592992346410%3As%3A1600x1...
43 B
444 B
Other
General
Full URL
https://mc.yandex.ru/watch/39480315/1?page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115242%3Aet%3A1592992362%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A181%3Als%3A954565229292%3Arqn%3A2%3Arn%3A819240326%3Ahid%3A252652402%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1024%2C1024%2C6%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992362%3Au%3A1592992347546835871
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Jun 2020 09:52:42 GMT
Last-Modified
Wed, 24-Jun-2020 09:52:42 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Wed, 24-Jun-2020 09:52:42 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Jun 2020 09:52:42 GMT
Last-Modified
Wed, 24-Jun-2020 09:52:42 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://minsk-krovlya.by
Strict-Transport-Security
max-age=31536000
Location
/watch/39480315/1?page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115242%3Aet%3A1592992362%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A181%3Als%3A954565229292%3Arqn%3A2%3Arn%3A819240326%3Ahid%3A252652402%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1024%2C1024%2C6%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992362%3Au%3A1592992347546835871
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 24-Jun-2020 09:52:42 GMT
23414332
mc.yandex.ru/watch/
43 B
538 B
Other
General
Full URL
https://mc.yandex.ru/watch/23414332?page-url=http%3A%2F%2Fminsk-krovlya.by%2Fgamgo%2Fc2bPidys7v.zip&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1592992346410%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200624115242%3Aet%3A1592992363%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A313%3Als%3A442620265452%3Arqn%3A2%3Arn%3A573881570%3Ahid%3A252652402%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1882%3Arqnl%3A1%3Ast%3A1592992363%3Au%3A1592992347546835871
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://minsk-krovlya.by/gamgo/c2bPidys7v.zip
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 24 Jun 2020 09:52:42 GMT
Last-Modified
Wed, 24-Jun-2020 09:52:42 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
http://minsk-krovlya.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Wed, 24-Jun-2020 09:52:42 GMT

Verdicts & Comments

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object onformdata
object onpointerrawupdate
boolean __utlWdgt
string GoogleAnalyticsObject
function ga
function $
function jQuery
function validate
function empty
function is_int
function sortPagetitleDESC
function sortPagetitleASC
function sortPriceDESC
function sortPriceASC
object google_tag_data
object gaplugins
object gaGlobal
object gaData
object __utl
object punycode
object ___utl_cnf_version_cb_w.uptolike.com
boolean ___utl_cnf_version_req_w.uptolike.com
string ___utl_cnf_version_w.uptolike.com
object cb__utl_cb_share_1592992347061242
boolean __utl_initialized_w.uptolike.com
object Ya
object yaCounter39480315
number __utl_sequence_generator
object __uptolike_widgets_settings___utl-buttons-1
string __utl_vp_id
boolean __utl_retransmitted
boolean __utl_global_click_registered
boolean __utl_global_key_registered
object __utl_shared
object __utl_imp_instance
object M
boolean __utl_selection_tracker_installed
boolean __utl_imp_flag_1589944
boolean utl_ext_req_w.uptolike.com
boolean __utl_zp_clk_inst
boolean __utl__ext__counters
boolean utl_wmdetect
object yaCounter23414332
object a0_0x7462
function a0_0x31d0

10 Cookies

Domain/Path Name / Value
.w.uptolike.com/ Name: utl_dat
Value: "CO/m+K2uLhAAIO+3w7auLijvt8O2ri4wAIE0GBQFTALnKUgPt1+3bPQ="
.w.uptolike.com/ Name: utl_id2
Value: 16018296524
.minsk-krovlya.by/ Name: _ym_visorc_39480315
Value: w
.minsk-krovlya.by/ Name: _ym_d
Value: 1592992347
minsk-krovlya.by/ Name: SN5767a9bfda4a1
Value: us9bbqnime8gn2kvhmv1vt2dd0
.minsk-krovlya.by/ Name: _gid
Value: GA1.2.1194789211.1592992347
.minsk-krovlya.by/ Name: _ym_uid
Value: 1592992347546835871
.minsk-krovlya.by/ Name: _ym_isad
Value: 2
.minsk-krovlya.by/ Name: _gat
Value: 1
.minsk-krovlya.by/ Name: _ga
Value: GA1.2.701567449.1592992347

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
