Submitted URL: https://healhk.com/
Effective URL: https://healhk.com/covid19
Submission: On August 02 via api from US

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3032::6812:2bd5, located in United States and belongs to CLOUDFLARENET, US. The main domain is healhk.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 23rd 2020. Valid for: a year.
This is the only time healhk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
3 healhk.com 1 redirects healhk.com
2 healhk.s3.ap-east-1.amazonaws.com healhk.com
2 connect.facebook.net healhk.com, connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com, healhk.com
2 dn2jzyylhh3xb.cloudfront.net healhk.com
2 rsms.me healhk.com
1 www.facebook.com healhk.com
1 www.googletagmanager.com healhk.com
14 8

This site contains links to these domains.

Domain
www.chp.gov.hk
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-23 - 2021-07-23 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-07-21 - 2020-10-12 | 3 months
*.s3.ap-east-1.amazonaws.com | Amazon | 2019-11-15 - 2020-11-15 | a year

This page contains 1 frame:

Primary Page: https://healhk.com/covid19
Frame ID: 550AAF5B59EBA3DC6D147BE402EF7160
Requests: 15 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

14 Requests
100 % HTTPS
88 % IPv6
8 Domains
8 Subdomains
9 IPs
4 Countries
676 kB Transfer
1115 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://healhk.com/ HTTP 302
    https://healhk.com/covid19 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request covid19
healhk.com/
Redirect Chain
  • https://healhk.com/
  • https://healhk.com/covid19
18 KB
7 KB
Document
General
Full URL
https://healhk.com/covid19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc0d00aa3ccb2b04d2990ee57b7523a71817f6ae74283f793e426884def1f867

Request headers

:method
GET
:authority
healhk.com
:scheme
https
:path
/covid19
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d13de0ee7fa4d835d949cbdc09165f8e21596373476; XSRF-TOKEN=…; healhk_session=…; yiQ0M5jfBQHI83agcFzggajr2fsVl1OLLYd4gpHr=…

Response headers

status
200
date
Sun, 02 Aug 2020 13:04:38 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
apigw-requestid
QpH78ijmSQ0EMlw=
set-cookie
XSRF-TOKEN=…; expires=Sun, 02-Aug-2020 15:04:38 GMT; Max-Age=7200; path=/; samesite=lax
healhk_session=…; expires=Sun, 02-Aug-2020 15:04:38 GMT; Max-Age=7200; path=/; httponly; samesite=lax
yiQ0M5jfBQHI83agcFzggajr2fsVl1OLLYd4gpHr=…; expires=Sun, 02-Aug-2020 15:04:38 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status
DYNAMIC
cf-request-id
0450df3f980000647f28850200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5bc80178fee6647f-FRA
content-encoding
br

Redirect headers

status
302
date
Sun, 02 Aug 2020 13:04:37 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d13de0ee7fa4d835d949cbdc09165f8e21596373476; expires=Tue, 01-Sep-20 13:04:36 GMT; path=/; domain=.healhk.com; HttpOnly; SameSite=Lax; Secure
XSRF-TOKEN=…; expires=Sun, 02-Aug-2020 15:04:37 GMT; Max-Age=7200; path=/; samesite=lax
healhk_session=…; expires=Sun, 02-Aug-2020 15:04:37 GMT; Max-Age=7200; path=/; httponly; samesite=lax
yiQ0M5jfBQHI83agcFzggajr2fsVl1OLLYd4gpHr=…; expires=Sun, 02-Aug-2020 15:04:37 GMT; Max-Age=7200; path=/; httponly; samesite=lax
location
/covid19
cache-control
no-cache, private
apigw-requestid
QpH70jzoSQ0EMXQ=
cf-cache-status
DYNAMIC
cf-request-id
0450df3cb80000647f2881a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5bc801745c97647f-FRA
js
www.googletagmanager.com/gtag/
85 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-173448957-1
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2b5034c23d38cb6f2885090c58ae5082920cb7c25febe1dbfdf2aafc7d75c3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 02 Aug 2020 13:04:38 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34147
x-xss-protection
0
last-modified
Sun, 02 Aug 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Aug 2020 13:04:38 GMT
inter.css
rsms.me/inter/
6 KB
1 KB
Stylesheet
General
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9f46869a3152318e72ebc6ce476eec6ee0b7789ca8d29c5645eb21ad28f845

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
4891a5fdce8cd2b5f526c7870f8f43345ffaba21
date
Sun, 02 Aug 2020 13:04:38 GMT
via
1.1 varnish
cf-cache-status
HIT
age
270
x-cache
HIT
status
200
x-cache-hits
1
content-encoding
br
x-origin-cache
HIT
cf-request-id
0450df4316000063dd1708d200000001
x-served-by
cache-fra19163-FRA
last-modified
Sun, 28 Jun 2020 21:25:12 GMT
server
cloudflare
x-github-request-id
E60A:2A69:636660:7BD574:5EF90B43
x-timer
S1593379959.211037,VS0,VE1
etag
W/"5ef90ab8-17ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5bc8017e8b2a63dd-FRA
x-proxy-cache
HIT
expires
Sat, 01 Aug 2020 08:08:24 GMT
app.css
dn2jzyylhh3xb.cloudfront.net/d1df94a8-1e3e-46ea-99b0-f81cbe0ace34/css/
91 KB
11 KB
Stylesheet
General
Full URL
https://dn2jzyylhh3xb.cloudfront.net/d1df94a8-1e3e-46ea-99b0-f81cbe0ace34/css/app.css?id=4a3a5489d0cc509211ee
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5200:1c:f0bc:c7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e45ef544e80d6a5104c937cd0db3feaf0119b669da1733504fdf5e755fa1580

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 02 Aug 2020 13:04:39 GMT
content-encoding
gzip
last-modified
Sun, 02 Aug 2020 12:44:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
status
200
cache-control
public, max-age=2628000
x-amz-cf-id
eOj--IgiTlLgCMDDkDfFt7i0_4GH97uUMfSP9gHtitw89BOKGbAv-g==
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
expires
Wed, 02 Sep 2020 12:24:09 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173448957-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1857
date
Sun, 02 Aug 2020 12:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Sun, 02 Aug 2020 14:33:41 GMT
collect
www.google-analytics.com/r/
35 B
98 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1175249193&t=pageview&_s=1&dl=https%3A%2F%2Fhealhk.com%2Fcovid19&ul=en-us&de=UTF-8&dt=%E8%A7%80%E7%9C%8B%E5%85%A8%E9%A6%99%E6%B8%AF%E7%9A%84%E7%A2%BA%E8%A8%BA%E5%A4%A7%E5%BB%88%E8%B3%87%E6%96%99%20%7C%20HealHK&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=421914287&gjid=693433837&cid=1525094074.1596373478&tid=UA-173448957-1&_gid=136605242.1596373478&_r=1&gtm=2ou7m1&z=1714375710
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Aug 2020 13:04:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/zh_HK/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/zh_HK/sdk.js
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d9071fe5724bb5d73634b4b767d2322301f547661058b0660a20fd583d0009ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://healhk.com/covid19
Origin
https://healhk.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XuYVmNMW6jkW7GqJis7KNw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
etag
"dc0ab000522141ae5cc85add8c95e643"
x-fb-debug
yffE92fEfSv9R+tL/qSof2YpnNgsLaBkasZa/DjT8o3BHcm8Ud1N8Q4DpMqBNUCNjEkYO4nNwBnXL6pWSUGBoA==
x-fb-trip-id
1781455057
x-fb-content-md5
2cf1a1847624e9c9dc4a318c423afaac
x-frame-options
DENY
date
Sun, 02 Aug 2020 13:04:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 02 Aug 2020 13:14:06 GMT
app.js
dn2jzyylhh3xb.cloudfront.net/d1df94a8-1e3e-46ea-99b0-f81cbe0ace34/js/
42 KB
14 KB
Script
General
Full URL
https://dn2jzyylhh3xb.cloudfront.net/d1df94a8-1e3e-46ea-99b0-f81cbe0ace34/js/app.js?id=7433259a9354c37c9022
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:5200:1c:f0bc:c7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
765899274c098a8ebda57f8a7a96df6583182be909683af92915cb8c8d5edac9

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 02 Aug 2020 13:04:39 GMT
content-encoding
gzip
last-modified
Sun, 02 Aug 2020 12:44:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
status
200
cache-control
public, max-age=2628000
x-amz-cf-id
LmqbLZMETHnUH6TGHWmGjWTDAHappiA7KnrkCiXc7pCImXPdju_XXQ==
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
expires
Sun, 30 Aug 2020 02:49:55 GMT
livewire.js
healhk.com/livewire/
132 KB
33 KB
Script
General
Full URL
https://healhk.com/livewire/livewire.js?id=470956373e3454996f6b
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abaf2d1e31ff3c09a8e3a134843167d3413484665cbfac985bc6dc1274be8ef4

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 02 Aug 2020 13:04:38 GMT
content-encoding
br
cf-cache-status
HIT
age
785997
cf-polished
origSize=135641
status
200
cf-request-id
0450df439f0000647f28893200000001
last-modified
Fri, 24 Jul 2020 10:38:41 GMT
server
cloudflare
apigw-requestid
QLI_8jowyQ0EP4A=
x-vapor-base64-encode
True
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
expires
Sat, 24 Jul 2021 10:44:41 GMT
cache-control
public, max-age=31536000
cf-ray
5bc8017f6a34647f-FRA
cf-bgj
minify
sdk.js
connect.facebook.net/zh_HK/
199 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/zh_HK/sdk.js?hash=daecd13995c3e0c21a20e0f6d3051408&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb649755d7542404bc4ac006da39a76184bdddbd6e029ad5d4bff5d1410b3194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://healhk.com/covid19
Origin
https://healhk.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5OVDVM8clczkv9es0QApGQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
61410
etag
"f2d77371347fb15a709d8f5aab9fc220"
x-fb-debug
IVEcqf1huubfIRRtIHRFl2zIap8qNu7DoR/y9u48PZZr/yZHlu01VMnYMwu5WcU532JxjDjzlUpvM/4FfJt8Cw==
x-fb-trip-id
1781455057
x-fb-content-md5
385b3a3281de8cc5e5a0966d68ea9007
x-frame-options
DENY
date
Sun, 02 Aug 2020 13:04:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Mon, 02 Aug 2021 12:40:50 GMT
/
www.facebook.com/tr/
44 B
377 B
Image
General
Full URL
https://www.facebook.com/tr/?id=612872982693911&ev=fb_page_view&dl=https%3A%2F%2Fhealhk.com%2Fcovid19&rl=&if=false&ts=1596373478353&sw=1600&sh=1200&at=
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 02 Aug 2020 13:04:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 02 Aug 2020 13:04:38 GMT
truncated
/
198 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b0e400da698f2424fbf4635aa7b8bae4397a09be26b37cfe1985476021e2a0f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
4WhlwCVPBugb05W7wFDQJO80UukFE5FqTXxSFlNP.png
healhk.s3.ap-east-1.amazonaws.com/public/wink/images/
260 KB
261 KB
Image
General
Full URL
https://healhk.s3.ap-east-1.amazonaws.com/public/wink/images/4WhlwCVPBugb05W7wFDQJO80UukFE5FqTXxSFlNP.png
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.160.41 , China, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6968a4bdf2993fe2d2fc0bad147c2f6e9dcbfda1bbc156ff4c44edb84ce00f80

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 02 Aug 2020 13:04:41 GMT
Last-Modified
Sun, 02 Aug 2020 03:44:20 GMT
Server
AmazonS3
x-amz-request-id
24909FCF9B647358
ETag
"259e3601a1c4880be0039f7976678ce6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
266643
x-amz-id-2
p4tUvyrdWRWnRHck9kaER3lbrP/7tGoAffSyIg5ScqIkYgAivZSkGNUlJo9re33gc7Bh1vUZHps=
5lhGmzBRED2dG2AwCYvVGm1P0ut8EJHQjc89Ydmh.jpeg
healhk.s3.ap-east-1.amazonaws.com/public/wink/images/
12 KB
12 KB
Image
General
Full URL
https://healhk.s3.ap-east-1.amazonaws.com/public/wink/images/5lhGmzBRED2dG2AwCYvVGm1P0ut8EJHQjc89Ydmh.jpeg
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.160.41 , China, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0d039eadaa752332e48a593c6837ea2cfbe5e604716ef5a800c5fa0aa61818b6

Request headers

Referer
https://healhk.com/covid19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 02 Aug 2020 13:04:41 GMT
Last-Modified
Sun, 02 Aug 2020 03:39:40 GMT
Server
AmazonS3
x-amz-request-id
18E9AC22D0880C5E
ETag
"5d6ea359bb9e5ae35b9fdea4a618504e"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
12438
x-amz-id-2
ikbwLHCa0DlHWsyGtpVS/NLmfaQSb31ctrRW2or3yb1iERdFzyBuGgbCCZN/fkglxOifoES3tv8=
Inter-roman.var.woff2
rsms.me/inter/font-files/
221 KB
222 KB
Font
General
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?3.13
Requested by
Host: healhk.com
URL: https://healhk.com/covid19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613080794c521eaf685a98b59678c04ca64af12127578e612d030df3c62e9e3a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rsms.me/inter/inter.css
Origin
https://healhk.com

Response headers

x-fastly-request-id
474b128711fcafdec5c0f2bf6652dbb3246f26fa
date
Sun, 02 Aug 2020 13:04:39 GMT
via
1.1 varnish
cf-cache-status
HIT
age
785515
x-cache
HIT
status
200
x-cache-hits
1
content-length
225996
cf-request-id
0450df47800000c2a963853200000001
x-served-by
cache-fra19152-FRA
last-modified
Sun, 28 Jun 2020 21:25:06 GMT
server
cloudflare
x-github-request-id
65E0:2C78:12369C8:168660A:5F1A881F
x-timer
S1595587965.672425,VS0,VE1
etag
"5ef90ab2-372cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
5bc801859db1c2a9-FRA
x-proxy-cache
MISS
expires
Fri, 24 Jul 2020 07:15:05 GMT

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function gtag
  • object dataLayer
  • object google_tag_manager
  • object google_tag_data
  • string GoogleAnalyticsObject
  • function ga
  • object gaplugins
  • object gaGlobal
  • object gaData
  • object FB
  • object Alpine
  • function Cookies
  • function axios
  • function Livewire
  • boolean firstTime
  • object livewire
  • string livewire_app_url
  • string livewire_token
  • function deferLoadingAlpine

7 Cookies

Domain/Path Name / Value
.healhk.com/ Name: _gid
Value: GA1.2.136605242.1596373478
.healhk.com/ Name: _gat_gtag_UA_173448957_1
Value: 1
.healhk.com/ Name: _ga
Value: GA1.2.1525094074.1596373478
.healhk.com/ Name: __cfduid
Value: d13de0ee7fa4d835d949cbdc09165f8e21596373476
healhk.com/ Name: yiQ0M5jfBQHI83agcFzggajr2fsVl1OLLYd4gpHr
healhk.com/ Name: healhk_session
healhk.com/ Name: XSRF-TOKEN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
