URL: http://healthcare.by/
Submission Tags: gov by l4ing h8 🥔
Submission: On July 06 via manual from UA — Scanned from DE

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 43 HTTP transactions. The main IP is 80.94.167.110, located in Belarus and belongs to BAS-NET-AS, BY. The main domain is healthcare.by.
This is the only time healthcare.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 80.94.167.110 21274 (BAS-NET-AS)
2 5 87.240.190.78 47541 (VKONTAKTE...)
1 6 2a00:1450:400... 15169 (GOOGLE)
4 9 2a02:6b8::1:119 208722 (GLOBAL_DC)
4 2606:2800:234... 15133 (EDGECAST)
1 81.19.89.1 24638 (RAMBLER-T...)
1 2 81.19.89.16 24638 (RAMBLER-T...)
1 1 2a02:6b8::90 208722 (GLOBAL_DC)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:401... 15169 (GOOGLE)
2 2 87.240.139.194 47541 (VKONTAKTE...)
1 2 176.9.60.211 24940 (HETZNER-AS)
2 3 95.163.52.67 47764 (MAILRU-AS...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.244.42.136 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
43 17
Apex Domain
Subdomains
Transfer
10 google.com
apis.google.com — Cisco Umbrella Rank: 162
developers.google.com — Cisco Umbrella Rank: 9417
accounts.google.com — Cisco Umbrella Rank: 116
131 KB
10 healthcare.by
healthcare.by
238 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 677
syndication.twitter.com — Cisco Umbrella Rank: 869
150 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 10550
2 KB
5 vk.com
vk.com — Cisco Umbrella Rank: 5168
2 KB
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3472
bs.yandex.ru — Cisco Umbrella Rank: 43378
58 KB
3 rambler.ru
top100-images.rambler.ru — Cisco Umbrella Rank: 498680
counter.rambler.ru — Cisco Umbrella Rank: 86387
3 KB
2 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10338
2 KB
2 akavita.com
adlik.akavita.com
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
86 KB
2 vkontakte.ru
vkontakte.ru — Cisco Umbrella Rank: 102591
3 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
3 KB
1 gstatic.com
ssl.gstatic.com
5 KB
1 list.ru
top.list.ru — Cisco Umbrella Rank: 379182
975 B
43 15
Domain Requested by
10 healthcare.by healthcare.by
6 apis.google.com 1 redirects healthcare.by
apis.google.com
accounts.google.com
5 mc.yandex.com 2 redirects healthcare.by
5 vk.com 3 redirects healthcare.by
4 platform.twitter.com healthcare.by
platform.twitter.com
4 mc.yandex.ru 2 redirects healthcare.by
2 syndication.twitter.com platform.twitter.com
healthcare.by
2 accounts.google.com apis.google.com
healthcare.by
2 developers.google.com 1 redirects apis.google.com
2 top-fwz1.mail.ru 1 redirects healthcare.by
2 adlik.akavita.com 1 redirects healthcare.by
2 www.google-analytics.com healthcare.by
www.google-analytics.com
2 connect.facebook.net healthcare.by
connect.facebook.net
2 counter.rambler.ru 1 redirects healthcare.by
2 vkontakte.ru 1 redirects healthcare.by
1 www.facebook.com connect.facebook.net
1 ssl.gstatic.com accounts.google.com
1 top.list.ru 1 redirects
1 bs.yandex.ru 1 redirects
1 top100-images.rambler.ru healthcare.by
43 20
Subject | Issuer | Validity | Valid
*.apis.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-06-20 - 2022-09-12 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-04-16 - 2022-07-15 | 3 months
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-10-19 | a year
*.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-05-21 - 2022-10-31 | 5 months
accounts.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
syndication.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
*.gstatic.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months

This page contains 6 frames:

Primary Page: http://healthcare.by/
Frame ID: 3084103A6DE73F67DA0B6C00754C50B7
Requests: 32 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=http%3A%2F%2Fhealthcare.by
Frame ID: 7C89B5F7F3D41ECF3971B0CCA90CCCD7
Requests: 2 HTTP requests in this frame

Frame: https://developers.google.com/
Frame ID: 59E5884574A50503CA4B10B4455BE985
Requests: 1 HTTP request in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fhealthcare.by&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Frame ID: 6800A6845A1659093AA6EA341CCAEE34
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d7fc2fc075c61f6fa34d79a0cbbf1e34.ru.html
Frame ID: 0557DE91CB11DDDA03974E206A46D9F1
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3249fc4d6f8c0c%26domain%3Dhealthcare.by%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fhealthcare.by%252Ffb9769145eba44%26relation%3Dparent.parent&container_width=5&href=http%3A%2F%2Fhealthcare.by%2Findex.php&layout=button_count&locale=en_GB&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 52CF1A9ABAF8CE23E692A30BB14C3365
Requests: 1 HTTP request in this frame

Page Title

Здравоохранение Беларуси

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

Requests: 43
HTTPS: 44 %
IPv6: 56 %
Domains: 15
Subdomains: 20
IPs: 17
Countries: 5
Transfer: 699 kB
Size: 1609 kB
Cookies: 17

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://vkontakte.ru/js/api/share.js?112 HTTP 301
  • https://vkontakte.ru/js/api/share.js?112
Request Chain 5
  • http://mc.yandex.ru/metrika/watch.js HTTP 302
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 13
  • http://counter.rambler.ru/top100.cnt?360720 HTTP 307
  • https://counter.rambler.ru/top100.cnt?360720
Request Chain 14
  • http://bs.yandex.ru/informer/10063810/3_1_66A2D4FF_4682B4FF_1_pageviews HTTP 302
  • https://mc.yandex.ru/informer/10063810/3_1_66A2D4FF_4682B4FF_1_pageviews
Request Chain 15
  • http://connect.facebook.net/ru_RU/all.js HTTP 307
  • https://connect.facebook.net/ru_RU/all.js
Request Chain 19
  • http://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fhealthcare.by%2Findex.php HTTP 301
  • https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fhealthcare.by%2Findex.php HTTP 302
  • https://vk.com/429.html?hash429=7qf5B-4i_otw2pYQ3Id0dyqakOis4kEd1XOs17KqJ6aihrQXhos7SqrrOLplyPWjBjhzH-W83xqOafSj3_Wvcaz_oOVryXXYUWZO0MjJpTwuXC75BPM&redirect429=/share.php%3Fact=count%26index=0%26url=http%253A%252F%252Fhealthcare.by%252Findex.php
Request Chain 20
  • http://vk.com/images/icons/like_widget.png HTTP 301
  • https://vk.com/images/icons/like_widget.png
Request Chain 21
  • http://adlik.akavita.com/bin/lik?id=2724&d=http%3A//healthcare.by/&r=&h=2&f=0&c=1&tz=0&cpu=undefined&js=13&wh=1200&ww=1600&ss=1600&cd=24&j=0&x=0.6369164299687755 HTTP 301
  • http://adlik.akavita.com/bin/lik?id=2724&d=http%3A//healthcare.by/&r=&h=2&f=0&c=1&tz=0&cpu=undefined&js=13&wh=1200&ww=1600&ss=1600&cd=24&j=0&x=0.6369164299687755&testcookie
Request Chain 22
  • http://top.list.ru/counter?id=374253;t=210;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7875585348453769 HTTP 302
  • https://top-fwz1.mail.ru/counter?id=374253;t=210;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7875585348453769;ver=20 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=374253;t=210;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7875585348453769;ver=20
Request Chain 25
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9691.qayXS2imQY1Iw3KBG3cHKGNLURTxQQoXO0KO_AHoBEDo2Y1vB8rb-QMZORQkX3Km.rcftp4incpGFdXglLr3mP4SbFys%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9691.aH2SDlqQPEENK4Z1upFtIM7J5S-AWynhcxMfKeN-JkeDrAXAQuVVruyuKsH2pEBhkEUNztq9C_k238E-4XkC-g%2C%2C.yYnDsHs-JM9q6EcXIK1i81HgMpA%2C
Request Chain 28
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&hl=ru&origin=http%3A%2F%2Fhealthcare.by&url=http%3A%2F%2Fhealthcare.by%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__ HTTP 301
  • http://developers.google.com/ HTTP 301
  • https://developers.google.com/
Request Chain 35
  • https://mc.yandex.com/watch/10063810?wmode=7&page-url=http%3A%2F%2Fhealthcare.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1284159896259%3Ahid%3A125357033%3Az%3A0%3Ai%3A20220706235001%3Aet%3A1657151402%3Ac%3A1%3Arn%3A873306502%3Arqn%3A1%3Au%3A1657151402159113588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1657151400693%3Ads%3A42%2C69%2C91%2C5%2C%2C0%2C%2C402%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657151402%3At%3A%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%BE%D0%BE%D1%85%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/10063810/1?wmode=7&page-url=http%3A%2F%2Fhealthcare.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1284159896259%3Ahid%3A125357033%3Az%3A0%3Ai%3A20220706235001%3Aet%3A1657151402%3Ac%3A1%3Arn%3A873306502%3Arqn%3A1%3Au%3A1657151402159113588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1657151400693%3Ads%3A42%2C69%2C91%2C5%2C%2C0%2C%2C402%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657151402%3At%3A%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%BE%D0%BE%D1%85%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
healthcare.by/
25 KB
7 KB
Document
General
Full URL
http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
ef00b83e79c88c8ef4101f46fb568fa1f9fffa599fa04d5e15558c3a5d520d61

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
6985
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Jul 2022 23:49:56 GMT
Server
nginx/1.4.6 (Ubuntu)
Vary
Accept-Encoding
share.js
vkontakte.ru/js/api/
Redirect Chain
  • http://vkontakte.ru/js/api/share.js?112
  • https://vkontakte.ru/js/api/share.js?112
10 KB
3 KB
Script
General
Full URL
https://vkontakte.ru/js/api/share.js?112
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
1077ed95e39d1bf7ecae2d562e08e3af93f21b375a5488d10ef671c1f2ed23c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 23:50:01 GMT
content-encoding
br
x-frontend
front225207
last-modified
Thu, 07 Apr 2022 12:12:57 GMT
server
kittenx
etag
"624ed549-b9e"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
2974
expires
Sun, 10 Jul 2022 23:50:01 GMT

Redirect headers

Date
Wed, 06 Jul 2022 23:50:01 GMT
X-Frontend
front225204
Server
kittenx
Content-Type
text/html
Location
https://vkontakte.ru/js/api/share.js?112
Access-Control-Expose-Headers
X-Frontend
Connection
keep-alive
Content-Length
164
plusone.js
apis.google.com/js/
52 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e0a8c8d899c3a0a28219d8d7668ef0256652eee1bb63b5d96ba52cd3e18f03c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20332
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Wed, 06 Jul 2022 23:50:01 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"a34ff92a9ec0825b"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 23:50:01 GMT
main.css
healthcare.by/styles/
1016 B
1 KB
Stylesheet
General
Full URL
http://healthcare.by/styles/main.css
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
72e12dbdf822b7431d4b532228ef0d5e3d1a50cc387c3dda5f56b1fc428b1c74

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:49:56 GMT
Last-Modified
Wed, 16 Sep 2015 12:48:25 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"55f96519-3f8"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1016
Expires
Fri, 05 Aug 2022 23:49:56 GMT
AC_RunActiveContent.js
healthcare.by/
8 KB
8 KB
Script
General
Full URL
http://healthcare.by/AC_RunActiveContent.js
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
dd4af212d2dce74565cb3360308141d23548e15a5a23d9a49c9cab69b55d95de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:49:56 GMT
Last-Modified
Wed, 16 Sep 2015 12:48:25 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"55f96519-2081"
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8321
Expires
Fri, 05 Aug 2022 23:49:56 GMT
main.js
healthcare.by/scripts/
230 B
562 B
Script
General
Full URL
http://healthcare.by/scripts/main.js
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
45ccc36aa4c7f6a946f0305b0ec660e40a42d69ee7b8b7f90672498c774f8c35

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:49:56 GMT
Last-Modified
Wed, 16 Sep 2015 12:48:25 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"55f96519-e6"
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
230
Expires
Fri, 05 Aug 2022 23:49:56 GMT
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
158 KB
56 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 23:50:01 GMT
content-encoding
br
last-modified
Fri, 24 Jun 2022 09:57:02 GMT
etag
"62b5603e-dd8a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
56714
expires
Thu, 07 Jul 2022 00:50:01 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Content-Length
0
head3.gif
healthcare.by/images/
201 KB
201 KB
Image
General
Full URL
http://healthcare.by/images/head3.gif
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
8ac5c0368e0bcc03ee5c494aa8e0d267ce74d0bcb17e9e2a3d7025439cd6374a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:49:56 GMT
Last-Modified
Wed, 16 Sep 2015 12:48:25 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"55f96519-3249b"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
205979
Expires
Fri, 05 Aug 2022 23:49:56 GMT
help.gif
healthcare.by/images/
436 B
754 B
Image
General
Full URL
http://healthcare.by/images/help.gif
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
f25ad4beff538c23280d7ac6b8fd22406657a07a772304eeaa47caa64d2edac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:49:56 GMT
Last-Modified
Wed, 16 Sep 2015 12:48:25 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"55f96519-1b4"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
436
Expires
Fri, 05 Aug 2022 23:49:56 GMT
advsearch.gif
healthcare.by/images/
269 B
587 B
Image
General
Full URL
http://healthcare.by/images/advsearch.gif
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
3937c136a4f230a923b5202d2018e960e72e7797c817e54db32634365ca3bbc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:49:56 GMT
Last-Modified
Wed, 16 Sep 2015 12:48:25 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"55f96519-10d"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
269
Expires
Fri, 05 Aug 2022 23:49:56 GMT
rubr.gif
healthcare.by/images/
98 B
414 B
Image
General
Full URL
http://healthcare.by/images/rubr.gif
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
1ac1917fcedacb2df5ec0a0e1bc14b29619d228ec5a6bf8c58672d2a829340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:49:56 GMT
Last-Modified
Wed, 16 Sep 2015 12:48:25 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"55f96519-62"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98
Expires
Fri, 05 Aug 2022 23:49:56 GMT
map.gif
healthcare.by/images/
581 B
899 B
Image
General
Full URL
http://healthcare.by/images/map.gif
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
500f15639a51754039ad5502821697a68523fd6cbaf395f92cc75f8530b5839b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:49:57 GMT
Last-Modified
Wed, 16 Sep 2015 12:48:25 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"55f96519-245"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
581
Expires
Fri, 05 Aug 2022 23:49:57 GMT
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:50:01 GMT
Content-Encoding
gzip
Age
495
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29459
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:12:37 GMT
Server
ECS (frb/67C2)
Etag
"5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
banner-88x31-rambler-blue.gif
top100-images.rambler.ru/top100/
1 KB
2 KB
Image
General
Full URL
http://top100-images.rambler.ru/top100/banner-88x31-rambler-blue.gif
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
81.19.89.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
top100.rambler.ru
Software
nginx /
Resource Hash
4892b8007e3843058a78f4cdd9e3dc26bc6659b0bfbba86934d9cada99fc3371

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:50:01 GMT
Last-Modified
Wed, 02 Feb 2022 05:30:04 GMT
Server
nginx
x-amz-request-id
tx000000000000108ef48cc-0062c61f7a-f8aa9c-default
ETag
"4cd9379d66ab3b6eeaa524583068cb67"
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type
Normal
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=40
Content-Length
1118
top100.cnt
counter.rambler.ru/
Redirect Chain
  • http://counter.rambler.ru/top100.cnt?360720
  • https://counter.rambler.ru/top100.cnt?360720
43 B
586 B
Image
General
Full URL
https://counter.rambler.ru/top100.cnt?360720
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 23:50:01 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
x-srv
2kraken-test0001.ad.rambler.tech
access-control-allow-credentials
true
content-type
image/gif, image/gif
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Wed, 06 Jul 2022 23:50:01 GMT
Server
nginx/1.19.4
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Location
https://counter.rambler.ru/top100.cnt?360720
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html
Access-Control-Allow-Headers
content-type
Content-Length
171
3_1_66A2D4FF_4682B4FF_1_pageviews
mc.yandex.ru/informer/10063810/
Redirect Chain
  • http://bs.yandex.ru/informer/10063810/3_1_66A2D4FF_4682B4FF_1_pageviews
  • https://mc.yandex.ru/informer/10063810/3_1_66A2D4FF_4682B4FF_1_pageviews
1 KB
2 KB
Image
General
Full URL
https://mc.yandex.ru/informer/10063810/3_1_66A2D4FF_4682B4FF_1_pageviews
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
4490f013f99057db68cee20af570564a53a40c408faee2a918840405c1774e61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
last-modified
Wed, 06-Jul-2022 23:50:01 GMT
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
1532
x-xss-protection
1; mode=block
expires
Wed, 06-Jul-2022 23:50:01 GMT

Redirect headers

Location
https://mc.yandex.ru/informer/10063810/3_1_66A2D4FF_4682B4FF_1_pageviews
Strict-Transport-Security
max-age=31536000
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
1; mode=block
all.js
connect.facebook.net/ru_RU/
Redirect Chain
  • http://connect.facebook.net/ru_RU/all.js
  • https://connect.facebook.net/ru_RU/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/ru_RU/all.js
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c5c60b3896f365d341e416a2184dc90e552010c52c7ed92e776bcf1d29e29d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3gEZFQU1I+N4CLp7/xMyJw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1684
x-fb-rlafr
0
x-fb-debug
PLypiS39tL/ww6OoUp2geTRpR4J1jjiG9JY9u2h6Cqcj0tlU2RxRFd/au/aiA5CNeJoQSLUIJuDyQAIYGq2vhw==
x-fb-trip-id
686109401
x-fb-content-md5
ee2347392bdd4b4e6a21cb493fec8f05
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 06 Jul 2022 23:50:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b0e14bbb5c015edb5ab591bc0fd5b37a"
timing-allow-origin
*
expires
Thu, 07 Jul 2022 00:08:30 GMT

Redirect headers

Location
https://connect.facebook.net/ru_RU/all.js#xfbml=1
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/
149 KB
51 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c41da44013f0e258f2518910b3eec8479929f4b99c791fcc1fe6b644a088f9b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 07:34:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52026
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:25:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 07:34:40 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5980
date
Wed, 06 Jul 2022 22:10:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 07 Jul 2022 00:10:21 GMT
doctors.jpg
healthcare.by/images/
16 KB
16 KB
Image
General
Full URL
http://healthcare.by/images/doctors.jpg
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
80.94.167.110 , Belarus, ASN21274 (BAS-NET-AS, BY),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
82f188e2354dba0ac8c3067f4f3991093cf65f631b975c935e6cd877c364d3c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:49:57 GMT
Last-Modified
Wed, 16 Sep 2015 12:48:25 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"55f96519-4040"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16448
Expires
Fri, 05 Aug 2022 23:49:57 GMT
429.html
vk.com/
Redirect Chain
  • http://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fhealthcare.by%2Findex.php
  • https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Fhealthcare.by%2Findex.php
  • https://vk.com/429.html?hash429=7qf5B-4i_otw2pYQ3Id0dyqakOis4kEd1XOs17KqJ6aihrQXhos7SqrrOLplyPWjBjhzH-W83xqOafSj3_Wvcaz_oOVryXXYUWZO0MjJpTwuXC75BPM&redirect429=/share.php%3Fact=count%26index=0%26ur...
0
0
Script
General
Full URL
https://vk.com/429.html?hash429=7qf5B-4i_otw2pYQ3Id0dyqakOis4kEd1XOs17KqJ6aihrQXhos7SqrrOLplyPWjBjhzH-W83xqOafSj3_Wvcaz_oOVryXXYUWZO0MjJpTwuXC75BPM&redirect429=/share.php%3Fact=count%26index=0%26url=http%253A%252F%252Fhealthcare.by%252Findex.php
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 23:50:01 GMT
server
kittenx
content-type
text/html
location
/429.html?hash429=7qf5B-4i_otw2pYQ3Id0dyqakOis4kEd1XOs17KqJ6aihrQXhos7SqrrOLplyPWjBjhzH-W83xqOafSj3_Wvcaz_oOVryXXYUWZO0MjJpTwuXC75BPM&redirect429=/share.php%3Fact=count%26index=0%26url=http%253A%252F%252Fhealthcare.by%252Findex.php
access-control-expose-headers
X-WAF-Redirect
cache-control
no-store,no-cache,must-revalidate
x-waf-redirect
1
content-length
147
like_widget.png
vk.com/images/icons/
Redirect Chain
  • http://vk.com/images/icons/like_widget.png
  • https://vk.com/images/icons/like_widget.png
538 B
711 B
Image
General
Full URL
https://vk.com/images/icons/like_widget.png
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 23:50:01 GMT
last-modified
Tue, 22 Sep 2020 20:29:56 GMT
server
kittenx
etag
"5f6a5ec4-21a"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
538
expires
Wed, 13 Jul 2022 23:50:01 GMT

Redirect headers

Date
Wed, 06 Jul 2022 23:50:01 GMT
X-Frontend
front623306
Server
kittenx
Content-Type
text/html
Location
https://vk.com/images/icons/like_widget.png
Access-Control-Expose-Headers
X-Frontend
Connection
keep-alive
Content-Length
164
lik
adlik.akavita.com/bin/
Redirect Chain
  • http://adlik.akavita.com/bin/lik?id=2724&d=http%3A//healthcare.by/&r=&h=2&f=0&c=1&tz=0&cpu=undefined&js=13&wh=1200&ww=1600&ss=1600&cd=24&j=0&x=0.6369164299687755
  • http://adlik.akavita.com/bin/lik?id=2724&d=http%3A//healthcare.by/&r=&h=2&f=0&c=1&tz=0&cpu=undefined&js=13&wh=1200&ww=1600&ss=1600&cd=24&j=0&x=0.6369164299687755&testcookie
1 KB
1 KB
Image
General
Full URL
http://adlik.akavita.com/bin/lik?id=2724&d=http%3A//healthcare.by/&r=&h=2&f=0&c=1&tz=0&cpu=undefined&js=13&wh=1200&ww=1600&ss=1600&cd=24&j=0&x=0.6369164299687755&testcookie
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
HTTP/1.1
Server
176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.211.60.9.176.clients.your-server.de
Software
nginx/1.12.2 /
Resource Hash
b6ab64f9a74a54dacea7fefaaed0fb78f286b81976ad848d38a5e6bf76bce2e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:50:01 GMT
Server
nginx/1.12.2
Connection
close
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

Location
/bin/lik?id=2724&d=http%3A//healthcare.by/&r=&h=2&f=0&c=1&tz=0&cpu=undefined&js=13&wh=1200&ww=1600&ss=1600&cd=24&j=0&x=0.6369164299687755&testcookie
Date
Wed, 06 Jul 2022 23:50:01 GMT
Referrer-Policy
no-referrer
Server
nginx/1.12.2
Connection
close
Transfer-Encoding
chunked
Content-Type
image/gif
counter2
top-fwz1.mail.ru/
Redirect Chain
  • http://top.list.ru/counter?id=374253;t=210;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7875585348453769
  • https://top-fwz1.mail.ru/counter?id=374253;t=210;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7875585348453769;ver=20
  • https://top-fwz1.mail.ru/counter2?id=374253;t=210;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7875585348453769;ver=20
846 B
2 KB
Image
General
Full URL
https://top-fwz1.mail.ru/counter2?id=374253;t=210;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7875585348453769;ver=20
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
a04bb6b5cd38dbcd9656e6cc9ca634ada211a6ccb5400d7410479600b42a5b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 23:50:02 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
846
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Wed, 06 Jul 2022 23:50:01 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?id=374253;t=210;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7875585348453769;ver=20
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
all.js
connect.facebook.net/ru_RU/
297 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/ru_RU/all.js?hash=06c9f7c42e16fe7825ec5aeeff2dfa28
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f888c6baa09c86ab30b783a430310b00797bd7a6871cac7ae0a350649975974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://healthcare.by/
Origin
http://healthcare.by
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/7UGsPKBAY7vrq1qWtbKuA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86036
x-fb-rlafr
0
x-fb-debug
BeISwhCsfwLLGdw4n9qwMghcNat6NxzuD43pk5qUSV8cILrgp7bB+kYJWH9DeYUAxkrCBMxHsJ8bOpVHHWmKqw==
x-fb-content-md5
815e01688e4968c1c4183e66ad9bde6d
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 06 Jul 2022 23:50:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"b92e2b44657257f422acaa6620cf452b"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 06 Jul 2023 23:48:30 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=860693483&t=pageview&_s=1&dl=http%3A%2F%2Fhealthcare.by%2F&ul=en-us&de=UTF-8&dt=%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%BE%D0%BE%D1%85%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=402662223&gjid=1898568116&cid=1246757524.1657151401&tid=UA-84817079-1&_gid=209971677.1657151401&_r=1&_slc=1&z=1264246042
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://healthcare.by/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 23:50:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://healthcare.by
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9691.qayXS2imQY1Iw3KBG3cHKGNLURTxQQoXO0KO_AHoBEDo2Y1vB8rb-QMZORQkX3Km.rcftp4incpGFdXglLr3mP4SbFys%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9691.aH2SDlqQPEENK4Z1upFtIM7J5S-AWynhcxMfKeN-JkeDrAXAQuVVruyuKsH2pEBhkEUNztq9C_k238E-4XkC-g%2C%2C.yYnDsHs-JM9q6EcXIK1i81HgMpA%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9691.aH2SDlqQPEENK4Z1upFtIM7J5S-AWynhcxMfKeN-JkeDrAXAQuVVruyuKsH2pEBhkEUNztq9C_k238E-4XkC-g%2C%2C.yYnDsHs-JM9q6EcXIK1i81HgMpA%2C
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 23:50:01 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9691.aH2SDlqQPEENK4Z1upFtIM7J5S-AWynhcxMfKeN-JkeDrAXAQuVVruyuKsH2pEBhkEUNztq9C_k238E-4XkC-g%2C%2C.yYnDsHs-JM9q6EcXIK1i81HgMpA%2C
date
Wed, 06 Jul 2022 23:50:01 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html
platform.twitter.com/widgets/ Frame 7C89
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=http%3A%2F%2Fhealthcare.by
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
http://healthcare.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
96935
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Jul 2022 23:50:01 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:40 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BA)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/
99 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89b63bfa44b197ac4bb1ee54611f19af852416c8d8eee83417c51950fdf92cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 07:34:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34622
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:25:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 07:34:40 GMT
/
developers.google.com/ Frame 59E5
Redirect Chain
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&hl=ru&origin=http%3A%2F%2Fhealthcare.by&url=http%3A%2F%2Fhealthcare.by%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi...
  • http://developers.google.com/
  • https://developers.google.com/
0
0
Document
General
Full URL
https://developers.google.com/
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-4eIsw9GBuSUXN/0+bpyttQjGk/LyqK' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://healthcare.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
19732
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-4eIsw9GBuSUXN/0+bpyttQjGk/LyqK' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type
text/html; charset=utf-8
date
Wed, 06 Jul 2022 23:50:02 GMT
expires
0
last-modified
Mon, 27 Jun 2022 18:59:45 GMT
pragma
no-cache
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cloud-trace-context
2305ecd1fc287b3b2447721b094093a6
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Content-Length
0
Content-Type
text/html
Date
Wed, 06 Jul 2022 23:50:01 GMT
Location
https://developers.google.com/
Server
Google Frontend
X-Cloud-Trace-Context
b6836674c8d6841284dac6989fccc9d6
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 23:50:01 GMT
last-modified
Fri, 24 Jun 2022 09:57:02 GMT
etag
"62b5603e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 07 Jul 2022 00:50:01 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame 6800
566 B
906 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fhealthcare.by&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50778d5b4c48ba1d074b14f1f3cdbe29e8d00b4a17a6fd1340fb7c4e7b4c24da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FPQWYI3WB6kPbb9RAOuAYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://healthcare.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FPQWYI3WB6kPbb9RAOuAYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Wed, 06 Jul 2022 23:50:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
settings
syndication.twitter.com/ Frame 7C89
580 B
540 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=7e0d8baf2f98635b6168a8d0f5f0a001001d9ee9
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=http%3A%2F%2Fhealthcare.by
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
118
date
Wed, 06 Jul 2022 23:50:01 GMT
content-encoding
gzip
last-modified
Wed, 06 Jul 2022 23:50:01 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
ce19f85e0ae74994101e1e446af02e172ddb63e53d49a9886a56f09123785668
content-length
260
cspreport
accounts.google.com/o/ Frame 6800
0
20 B
Other
General
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-F7KVQi_7iJa57sU_KhuEPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fhealthcare.by&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 23:50:01 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-F7KVQi_7iJa57sU_KhuEPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1832714284-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 6800
10 KB
5 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fhealthcare.by&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 07:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4294
x-xss-protection
0
last-modified
Mon, 20 Jun 2022 18:08:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 07:24:32 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 6800
14 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fhealthcare.by&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce85c8a7437abf6f187133ca1d2c06047f5cfa01e96e6596fee4a78e3e5efd60
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5527
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Wed, 06 Jul 2022 23:50:01 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"48c89a3e2a4f0a74"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 23:50:01 GMT
1
mc.yandex.com/watch/10063810/
Redirect Chain
  • https://mc.yandex.com/watch/10063810?wmode=7&page-url=http%3A%2F%2Fhealthcare.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A596%3Afu%3A0%3Aen%3Autf-8%3Ala%...
  • https://mc.yandex.com/watch/10063810/1?wmode=7&page-url=http%3A%2F%2Fhealthcare.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A596%3Afu%3A0%3Aen%3Autf-8%3Al...
331 B
413 B
XHR
General
Full URL
https://mc.yandex.com/watch/10063810/1?wmode=7&page-url=http%3A%2F%2Fhealthcare.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1284159896259%3Ahid%3A125357033%3Az%3A0%3Ai%3A20220706235001%3Aet%3A1657151402%3Ac%3A1%3Arn%3A873306502%3Arqn%3A1%3Au%3A1657151402159113588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1657151400693%3Ads%3A42%2C69%2C91%2C5%2C%2C0%2C%2C402%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657151402%3At%3A%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%BE%D0%BE%D1%85%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
035dc2372e69b923c651af9840d4bff2dbc1100ff6cdc99c85c7ba10f92ba680
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 23:50:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 06-Jul-2022 23:50:01 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://healthcare.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Wed, 06-Jul-2022 23:50:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 23:50:01 GMT
last-modified
Wed, 06-Jul-2022 23:50:01 GMT
location
/watch/10063810/1?wmode=7&page-url=http%3A%2F%2Fhealthcare.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1284159896259%3Ahid%3A125357033%3Az%3A0%3Ai%3A20220706235001%3Aet%3A1657151402%3Ac%3A1%3Arn%3A873306502%3Arqn%3A1%3Au%3A1657151402159113588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1657151400693%3Ads%3A42%2C69%2C91%2C5%2C%2C0%2C%2C402%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657151402%3At%3A%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%BE%D0%BE%D1%85%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
http://healthcare.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 06-Jul-2022 23:50:01 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ Frame 6800
53 KB
19 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81ae5b2c86c7e1c4eb9ad5bae6ddb9f82e4f602a00e8d2e71ed59d4d0154f337
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 07:34:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19093
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:25:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 07:34:40 GMT
button.06b07097969b3b070809511391362bf4.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.06b07097969b3b070809511391362bf4.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
eee9168df7a4a7233767630663c79810369a4153a859ad69619dc485688857fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 23:50:02 GMT
Content-Encoding
gzip
Age
96936
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2358
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:01:33 GMT
Server
ECS (frb/67C0)
Etag
"e16eea3c764138a15e7eea1bf8c0f316+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
tweet_button.d7fc2fc075c61f6fa34d79a0cbbf1e34.ru.html
platform.twitter.com/widgets/ Frame 0557
33 KB
13 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.d7fc2fc075c61f6fa34d79a0cbbf1e34.ru.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
e18ab7cd757da1248cd72a61e92d748e3ac8b9f631638b6bb18d982591999f3a

Request headers

Referer
http://healthcare.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
96935
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12608
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Jul 2022 23:50:02 GMT
Etag
"d77ec0a4caf879511411f4a0302408c0+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:38 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C0)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
jot
syndication.twitter.com/i/
43 B
380 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fhealthcare.by%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ru%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1657151402101%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b45a03c79d4c1%3A1654150928467%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7e0d8baf2f98635b6168a8d0f5f0a001001d9ee9
Requested by
Host: healthcare.by
URL: http://healthcare.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://healthcare.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 23:50:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
117
pragma
no-cache
last-modified
Wed, 06 Jul 2022 23:50:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
ce19f85e0ae74994101e1e446af02e172ddb63e53d49a9886a56f09123785668
x-transaction
9149b90cd19d0f83
expires
Tue, 31 Mar 1981 05:00:00 GMT
truncated
/ Frame 0557
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
like.php
www.facebook.com/plugins/ Frame 52CF
0
3 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3249fc4d6f8c0c%26domain%3Dhealthcare.by%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fhealthcare.by%252Ffb9769145eba44%26relation%3Dparent.parent&container_width=5&href=http%3A%2F%2Fhealthcare.by%2Findex.php&layout=button_count&locale=en_GB&sdk=joey&send=false&show_faces=false&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=06c9f7c42e16fe7825ec5aeeff2dfa28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://healthcare.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 23:50:02 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
VIctMaeNLp+yA8863qN2RQrw5RIn2K27SLamxrtwtTwmGWmNwPDtWwncfrVyYvff6rueC0cwj8YIzcObkYHAAg==
x-xss-protection
0

Verdicts & Comments

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| VK object| gapi object| ___jsl function| AC_FL_RunContent boolean| isIE boolean| isWin boolean| isOpera function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_SW_RunContent function| AC_GetArgs function| showHelp string| GoogleAnalyticsObject function| ga object| __twttrll object| twttr object| __twttr object| d object| w object| n string| r number| js number| c number| j number| x string| u number| lt number| h object| t number| f number| cd number| tz undefined| cpu number| ss number| wh number| ww object| s string| q string| a object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter10063810

17 Cookies

Domain/Path Name / Value
.rambler.ru/ Name: ruid
Value: 1CIAAKkfxmKtC30qAYPyeQB=
healthcare.by/ Name: cc
Value: 1
.healthcare.by/ Name: _ga
Value: GA1.2.1246757524.1657151401
.healthcare.by/ Name: _gid
Value: GA1.2.209971677.1657151401
.healthcare.by/ Name: _gat
Value: 1
.vk.com/ Name: hash429
Value: 7qf5B-4i_otw2pYQ3Id0dyqakOis4kEd1XOs17KqJ6aihrQXhos7SqrrOLplyPWjBjhzH-W83xqOafSj3_Wvcaz_oOVryXXYUWZO0MjJpTwuXC75BPM
.healthcare.by/ Name: _ym_uid
Value: 1657151402159113588
.healthcare.by/ Name: _ym_d
Value: 1657151402
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1518316305fake
.healthcare.by/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1605688907fake
.yandex.com/ Name: yandexuid
Value: 3531901201657151401
.yandex.com/ Name: yuidss
Value: 3531901201657151401
mc.yandex.com/ Name: yabs-sid
Value: 1032321821657151401
.yandex.com/ Name: i
Value: AMgD+W8pln6+Mfh/yqfwSC0PKpbuErLyYXghoKOKboQnNHT4gY8d5Jqs2CRCRNKkSKOgZI9XMHPmLQnjvlaqxmTLSio=
.yandex.com/ Name: ymex
Value: 1688687401.yrts.1657151401#1688687401.yrtsi.1657151401
.mail.ru/ Name: VID
Value: 3areUd17NSoB00000e1GL42B:::0-0-0-7e0786a:CAASEFwpxq1fO6TW9I1l5gSWuKEaYPaHwzDUzHPOrF1t_a7I6JfI_nG8I-A-bDhwU9aSwvlFQ-s9SdX9G4dGd5BFCYF9QqR8GLeV357w6jhFQuO-7qN7rFBqoOuvtga83gHqf-G9BHlZ21OhaVzfDBeF6qLsgg

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9691.aH2SDlqQPEENK4Z1upFtIM7J5S-AWynhcxMfKeN-JkeDrAXAQuVVruyuKsH2pEBhkEUNztq9C_k238E-4XkC-g%2C%2C.yYnDsHs-JM9q6EcXIK1i81HgMpA%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://developers.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
