URL: https://covidtomsk.ru/
Submission: On November 27 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 35 HTTP transactions. The main IP is 217.18.135.170, which is located in the Russian Federation and belongs to DIN-AS Tomsk, Russia, RU. The main domain is covidtomsk.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 13th 2020. Valid for: 3 months.
This is the only time covidtomsk.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests          IP Address         AS Autonomous System
28                217.18.135.170     15759 (DIN-AS Tomsk)
1                 2a00:1450:400...   15169 (GOOGLE)
8 (3 redirects)   2a02:6b8::1:119    13238 (YANDEX)
1                 2a00:1450:400...   15169 (GOOGLE)
Total: 35 requests, 4 IPs

Requests   Apex Domain     Subdomains        Transfer
28         covidtomsk.ru   covidtomsk.ru     518 KB
6          yandex.ru       mc.yandex.ru      42 KB
2          yandex.com      mc.yandex.com     583 B
1          gstatic.com     www.gstatic.com   131 KB
1          google.com      www.google.com    742 B
Total: 35 requests, 5 domains

Requests   Domain                        Requested by
28         covidtomsk.ru                 covidtomsk.ru
6          mc.yandex.ru (2 redirects)    covidtomsk.ru, mc.yandex.ru
2          mc.yandex.com (1 redirects)
1          www.gstatic.com               www.google.com
1          www.google.com                covidtomsk.ru
Total: 35 requests, 5 domains

This site contains links to these domains.

Domain
windows.microsoft.com
mozilla.org
www.google.com
ru.opera.com
www.apple.com

Subject                     Issuer                       Validity                  Valid
er.mis.zdrav.tomsk.gov.ru   Let's Encrypt Authority X3   2020-11-13 - 2021-02-11   3 months
www.google.com              GTS CA 1O1                   2020-11-03 - 2021-01-26   3 months
mc.yandex.ru                Yandex CA                    2020-09-29 - 2021-03-11   5 months
*.gstatic.com               GTS CA 1O1                   2020-11-03 - 2021-01-26   3 months

This page contains 1 frame:

Primary Page: https://covidtomsk.ru/
Frame ID: 23DD934CA78AE215C7C3380ACB1FF5D5
Requests: 35 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

  • Requests: 35
  • HTTPS: 20 %
  • IPv6: 75 %
  • Domains: 5
  • Subdomains: 5
  • IPs: 4
  • Countries: 2
  • Transfer: 691 kB
  • Size: 2227 kB
  • Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1525%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A292%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A567737093%3Az%3A60%3Ai%3A20201127031353%3Aet%3A1606443234%3Ac%3A1%3Arn%3A96469588%3Arqn%3A1%3Au%3A1606443234838755500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606443232312%3Ads%3A1%2C274%2C167%2C0%2C0%2C0%2C%2C939%2C14%2C%2C%2C%2C1384%3Adsn%3A1%2C273%2C167%2C1%2C0%2C0%2C%2C942%2C13%2C%2C%2C%2C1385%3Ati%3A1%3Ast%3A1606443234 HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1525%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A292%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A567737093%3Az%3A60%3Ai%3A20201127031353%3Aet%3A1606443234%3Ac%3A1%3Arn%3A96469588%3Arqn%3A1%3Au%3A1606443234838755500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606443232312%3Ads%3A1%2C274%2C167%2C0%2C0%2C0%2C%2C939%2C14%2C%2C%2C%2C1384%3Adsn%3A1%2C273%2C167%2C1%2C0%2C0%2C%2C942%2C13%2C%2C%2C%2C1385%3Ati%3A1%3Ast%3A1606443234
Request Chain 23
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9104.F4C8mnMgQHpX4giBXuxoZ42AJLuPQcfy9kKW_-Unu0LXPRw7Sc-1heaO3OZHZGeY.D2Lv8ninTJuwnsdI87kCLo6b1Bo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9104.QrOAr_fdYTpYdK8DCWKNjF_yh3S0b8VtetrxhCZyrw9kUH3xJV-hnqUdyTlLn-6s7DYf_nHLzCSJaaZLq5w1y7j6y52U31ypPEV9rbNMkuE%2C.6EuaDw4g0GlCyZNHzpJvsDmvz70%2C

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
covidtomsk.ru/
10 KB
4 KB
Document
General
Full URL
https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
fdf961c3c50d3322644742ff617f1171ef9f49429145c9fc943370b868191092
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Frame-Options SAMEORIGIN

Request headers

Host
covidtomsk.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Fri, 27 Nov 2020 02:13:52 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
2990
Connection
keep-alive
Set-Cookie
PHPSESSID=1m95g3g23dp62poctmnemljldh; expires=Fri, 27-Nov-2020 02:37:52 GMT; Max-Age=1440; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
D3AuthLifetime
1440
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Encoding
gzip
Strict-Transport-Security
max-age=15552000;
~d3theme
covidtomsk.ru/
152 KB
26 KB
Stylesheet
General
Full URL
https://covidtomsk.ru/~d3theme
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
381d5136f72abaebb1b0ffe48a6bbc90c6559f290fcdb3191ed9cfd1e4c2dc2e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 02:13:52 GMT
Content-Encoding
gzip
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Strict-Transport-Security
max-age=15552000;
Content-Length
26235
D3AuthLifetime
1440
Expires
Thu, 19 Nov 1981 08:52:00 GMT
er_fonts.css
covidtomsk.ru/~Static/
1 KB
922 B
Stylesheet
General
Full URL
https://covidtomsk.ru/~Static/er_fonts.css?ctype=text/css
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
68e9cb3e4cd8c8cccf80702b8647bf169e4e2442677bfa1debba0ba2c4377db1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Cache-Control
private, must-revalidate, max-age=3600
Strict-Transport-Security
max-age=15552000;
Content-Length
374
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:53 GMT
er_base.css
covidtomsk.ru/~Static/
7 KB
2 KB
Stylesheet
General
Full URL
https://covidtomsk.ru/~Static/er_base.css?ctype=text/css
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
9a91263d8b3605257f3e4fe64dfd26409663dfbdbe22ffc46a68f069695245dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Cache-Control
private, must-revalidate, max-age=3600
Strict-Transport-Security
max-age=15552000;
Content-Length
1732
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:53 GMT
er_form_max.css
covidtomsk.ru/~Static/
4 KB
2 KB
Stylesheet
General
Full URL
https://covidtomsk.ru/~Static/er_form_max.css?ctype=text/css
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
878849589e78c1f0624d127cb774c21fb5da1790a0daa4fc5debbea92cdf94a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Cache-Control
private, must-revalidate, max-age=3600
Strict-Transport-Security
max-age=15552000;
Content-Length
1171
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:53 GMT
xpath.js
covidtomsk.ru/external/
42 KB
12 KB
Script
General
Full URL
https://covidtomsk.ru/external/xpath.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
384e48152250d23f00101cfb29736edbda6bd6574bad8ac86544dccd4b164c61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:05 GMT
Server
nginx
ETag
"a86f-5ab367787eb64-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Strict-Transport-Security
max-age=15552000;
Accept-Ranges
bytes
Content-Length
12258
~d3api
covidtomsk.ru/
980 KB
186 KB
Script
General
Full URL
https://covidtomsk.ru/~d3api
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
b021f062b831295f8b23b0059e3ea82153c983e7c7fd69aaefcbc05b220dcb8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000;
D3AuthLifetime
1440
Expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery-1.7.2.min.js
covidtomsk.ru/external/
93 KB
33 KB
Script
General
Full URL
https://covidtomsk.ru/external/jquery-1.7.2.min.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
0833f7fb3b82d4fb6fcb8fa537a3fdbcdfa65bc0883b8307a723828ca5b3ce49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:05 GMT
Server
nginx
ETag
"1727d-5ab367787d3f4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Strict-Transport-Security
max-age=15552000;
Accept-Ranges
bytes
Content-Length
33635
jquery-ui.min.js
covidtomsk.ru/external/
197 KB
51 KB
Script
General
Full URL
https://covidtomsk.ru/external/jquery-ui.min.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
7160f8e5824cc74c8a430043218ea10bbe680c055e10a9bcc18b3b3973cbb1b5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:05 GMT
Server
nginx
ETag
"31482-5ab367787dfac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Strict-Transport-Security
max-age=15552000;
Accept-Ranges
bytes
Content-Length
51730
jquery.notify.min.js
covidtomsk.ru/external/
2 KB
1 KB
Script
General
Full URL
https://covidtomsk.ru/external/jquery.notify.min.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
ffc9d6f23e26b9105dc27a124af707c4faf540c13a9c0048008517769025d99b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:05 GMT
Server
nginx
ETag
"9ea-5ab367787e77c-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Strict-Transport-Security
max-age=15552000;
Accept-Ranges
bytes
Content-Length
1106
jquery.ui.touch-punch.min.js
covidtomsk.ru/external/
1 KB
939 B
Script
General
Full URL
https://covidtomsk.ru/external/jquery.ui.touch-punch.min.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
a6d57c3617c4fc348fe355578d78028daec8fa3e879db0ebc2196f31403b87be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:05 GMT
Server
nginx
ETag
"4b2-5ab367787e77c-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Strict-Transport-Security
max-age=15552000;
Accept-Ranges
bytes
Content-Length
592
jquery.jswipe.js
covidtomsk.ru/external/
1 KB
809 B
Script
General
Full URL
https://covidtomsk.ru/external/jquery.jswipe.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
0b32d1413c45f4f078d75fc006ddbd5adb9a404bcce0b130ad9e1e54a1b72f49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:05 GMT
Server
nginx
ETag
"523-5ab367787e77c-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Strict-Transport-Security
max-age=15552000;
Accept-Ranges
bytes
Content-Length
462
deployJava.js
covidtomsk.ru/~Static/
21 KB
4 KB
Script
General
Full URL
https://covidtomsk.ru/~Static/deployJava.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
77bcf4b4a590f88e463aee663f0b988585a516033fcfa9fdf65ed1f1a046f8eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate, max-age=3600
Strict-Transport-Security
max-age=15552000;
Content-Length
3985
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:53 GMT
er_form.js
covidtomsk.ru/~Static/
11 KB
4 KB
Script
General
Full URL
https://covidtomsk.ru/~Static/er_form.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
b31f7368f58269f14d406945fbe71dce60b63a27092f3710445c94e09b2ab9a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate, max-age=3600
Strict-Transport-Security
max-age=15552000;
Content-Length
3184
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:53 GMT
er_form_min.css
covidtomsk.ru/~Static/
2 KB
1 KB
Stylesheet
General
Full URL
https://covidtomsk.ru/~Static/er_form_min.css?ctype=text/css
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
36451e37101e6c274c293626101819ba212f846c02d18156a2335195f54dc5ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css;charset=UTF-8
Cache-Control
private, must-revalidate, max-age=3600
Strict-Transport-Security
max-age=15552000;
Content-Length
658
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:53 GMT
background
covidtomsk.ru/~Image/er/
98 KB
98 KB
Image
General
Full URL
https://covidtomsk.ru/~Image/er/background
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/~Static/er_base.css?ctype=text/css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
eb9122f059eeb40353f16d1c7ce8d2e27c53b62b19d34d8234c245336f943ac2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/~Static/er_base.css?ctype=text/css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:53 GMT
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000;
Content-Type
image/jpg
Cache-Control
private, must-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:53 GMT
api.js
www.google.com/recaptcha/
850 B
742 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c78896aa2332cad7be8eb1777485215b07f69cef8a4394c16ad1ce16c8cdcd43
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 02:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Fri, 27 Nov 2020 02:13:53 GMT
getform.php
covidtomsk.ru/
8 KB
3 KB
XHR
General
Full URL
https://covidtomsk.ru/getform.php?Form=System%2Fmsgs&cache=c4d06ddf69776c1df21d689b69f1233de
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/~d3api
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
5ce6c2cadbe68fcf0f847543a92099644ae2ffe200534aeba09abdaaa24e656b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

X-User-Token
7b09f4a117.3362cbebaedac4050c00cabf44ebfa7c
Method
POST getform.php HTTP/1.1
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 02:13:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Nov 2020 02:13:53 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
FormCacheType
dbe73a3988306b385ee4ad75a67ef41f
Cache-Control
no-cache, must-revalidate
Strict-Transport-Security
max-age=15552000;
Content-Length
2299
D3AuthLifetime
1440
Expires
Thu, 19 Nov 1981 08:52:00 GMT
getform.php
covidtomsk.ru/
31 KB
7 KB
XHR
General
Full URL
https://covidtomsk.ru/getform.php?Form=er_terminal%2Fer_main&cache=c4d06ddf69776c1df21d689b69f1233de
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/~d3api
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
a3237c6e50632c06bf2ec6d989cb75d58a39c04782a885f3ac83e137b8fa8faf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

X-User-Token
7b09f4a117.3362cbebaedac4050c00cabf44ebfa7c
Method
POST getform.php HTTP/1.1
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 02:13:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Nov 2020 02:13:53 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
FormCacheType
aef8b28bbaa7651af3d774315e127e1d
Cache-Control
no-cache, must-revalidate
Strict-Transport-Security
max-age=15552000;
Content-Length
6331
D3AuthLifetime
1440
Expires
Thu, 19 Nov 1981 08:52:00 GMT
watch.js
mc.yandex.ru/metrika/
116 KB
40 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
739eb262c6ee93d252efe47a447dc43726f4a58f41153517b9d520d2f0f4f938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 02:13:53 GMT
content-encoding
br
last-modified
Thu, 26 Nov 2020 09:14:28 GMT
etag
"5fbf6de7-a079"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
41081
expires
Fri, 27 Nov 2020 03:13:53 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14a2806a256579773a3680e21459dea7827d002104c6336856e0bef9a39be0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://covidtomsk.ru
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 01:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1123
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133988
x-xss-protection
0
last-modified
Mon, 16 Nov 2020 01:06:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Nov 2021 01:55:10 GMT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1525%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1525%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
35 B
188 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1525%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A292%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A567737093%3Az%3A60%3Ai%3A20201127031353%3Aet%3A1606443234%3Ac%3A1%3Arn%3A96469588%3Arqn%3A1%3Au%3A1606443234838755500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606443232312%3Ads%3A1%2C274%2C167%2C0%2C0%2C0%2C%2C939%2C14%2C%2C%2C%2C1384%3Adsn%3A1%2C273%2C167%2C1%2C0%2C0%2C%2C942%2C13%2C%2C%2C%2C1385%3Ati%3A1%3Ast%3A1606443234
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Nov 2020 02:13:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 27-Nov-2020 02:13:54 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://covidtomsk.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Fri, 27-Nov-2020 02:13:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Nov 2020 02:13:53 GMT
last-modified
Fri, 27-Nov-2020 02:13:53 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1525%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A292%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A567737093%3Az%3A60%3Ai%3A20201127031353%3Aet%3A1606443234%3Ac%3A1%3Arn%3A96469588%3Arqn%3A1%3Au%3A1606443234838755500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606443232312%3Ads%3A1%2C274%2C167%2C0%2C0%2C0%2C%2C939%2C14%2C%2C%2C%2C1384%3Adsn%3A1%2C273%2C167%2C1%2C0%2C0%2C%2C942%2C13%2C%2C%2C%2C1385%3Ati%3A1%3Ast%3A1606443234
strict-transport-security
max-age=31536000
access-control-allow-origin
https://covidtomsk.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 27-Nov-2020 02:13:53 GMT
request.php
covidtomsk.ru/
120 B
670 B
XHR
General
Full URL
https://covidtomsk.ru/request.php?Form=System%2Fmsgs&cache=c4d06ddf69776c1df21d689b69f1233de
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/~d3api
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
c6618ffadd9ef6daff39c44357e35699e3ca1c301ad8175831522494c4836d69
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

X-User-Token
7b09f4a117.3362cbebaedac4050c00cabf44ebfa7c
Method
POST request.php HTTP/1.1
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 02:13:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Nov 2020 02:13:54 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Strict-Transport-Security
max-age=15552000;
Content-Length
125
D3AuthLifetime
1440
Expires
Thu, 19 Nov 1981 08:52:00 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 02:13:53 GMT
last-modified
Thu, 26 Nov 2020 09:14:28 GMT
etag
"5fbf6de7-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 27 Nov 2020 03:13:53 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9104.F4C8mnMgQHpX4giBXuxoZ42AJLuPQcfy9kKW_-Unu0LXPRw7Sc-1heaO3OZHZGeY.D2Lv8ninTJuwnsdI87kCLo6b1Bo%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9104.QrOAr_fdYTpYdK8DCWKNjF_yh3S0b8VtetrxhCZyrw9kUH3xJV-hnqUdyTlLn-6s7DYf_nHLzCSJaaZLq5w1y7j6y52U31ypPEV9rbNMkuE%2C.6EuaDw4g0GlCyZNHzpJvsDmvz70%2C
43 B
333 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9104.QrOAr_fdYTpYdK8DCWKNjF_yh3S0b8VtetrxhCZyrw9kUH3xJV-hnqUdyTlLn-6s7DYf_nHLzCSJaaZLq5w1y7j6y52U31ypPEV9rbNMkuE%2C.6EuaDw4g0GlCyZNHzpJvsDmvz70%2C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 02:13:54 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9104.QrOAr_fdYTpYdK8DCWKNjF_yh3S0b8VtetrxhCZyrw9kUH3xJV-hnqUdyTlLn-6s7DYf_nHLzCSJaaZLq5w1y7j6y52U31ypPEV9rbNMkuE%2C.6EuaDw4g0GlCyZNHzpJvsDmvz70%2C
date
Fri, 27 Nov 2020 02:13:54 GMT
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
logo_gosuslugi
covidtomsk.ru/~FormImage/er_terminal/
37 KB
38 KB
Image
General
Full URL
https://covidtomsk.ru/~FormImage/er_terminal/logo_gosuslugi
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
0fca9bf22bbdb120066d57bdbebe62a91a75681e1b09e708913549ca2acc2587
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:54 GMT
Last-Modified
Fri, 25 Jan 2019 04:33:57 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000;
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:54 GMT
logo
covidtomsk.ru/~Image/er/
6 KB
6 KB
Image
General
Full URL
https://covidtomsk.ru/~Image/er/logo
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
df23097292c38021f02ea137e40435428720b5793ba607a0c835cea6336cc8d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:54 GMT
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000;
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=3600
Connection
keep-alive
Content-Length
6070
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:54 GMT
roboto.woff2
covidtomsk.ru/~Static/Fonts/
10 KB
10 KB
Font
General
Full URL
https://covidtomsk.ru/~Static/Fonts/roboto.woff2?ctype=font/woff2
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/~Static/er_fonts.css?ctype=text/css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
fb0297aa7c51fb762a9690871bf3a202a70d1f170c1392a5af06db9f2e314507
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Origin
https://covidtomsk.ru
Referer
https://covidtomsk.ru/~Static/er_fonts.css?ctype=text/css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:54 GMT
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000;
Content-Type
font/woff2
Cache-Control
private, must-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:54 GMT
robotolatin.woff2
covidtomsk.ru/~Static/Fonts/
14 KB
15 KB
Font
General
Full URL
https://covidtomsk.ru/~Static/Fonts/robotolatin.woff2?ctype=font/woff2
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/~Static/er_fonts.css?ctype=text/css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
f7bbc8461b2f4cc870743729ee5d44ce0466ca67618f89a8942b655f8a644e68
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Origin
https://covidtomsk.ru
Referer
https://covidtomsk.ru/~Static/er_fonts.css?ctype=text/css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:54 GMT
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000;
Content-Type
font/woff2
Cache-Control
private, must-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:54 GMT
request.php
covidtomsk.ru/
40 KB
5 KB
XHR
General
Full URL
https://covidtomsk.ru/request.php?Form=er_terminal%2Fer_main&cache=c4d06ddf69776c1df21d689b69f1233de
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/~d3api
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
e2b42ce832624424f5c3365b4fc55f071c54086f2fb90970e1331ce6eb008562
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

X-User-Token
7b09f4a117.3362cbebaedac4050c00cabf44ebfa7c
Method
POST request.php HTTP/1.1
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 02:13:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Nov 2020 02:13:54 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Strict-Transport-Security
max-age=15552000;
Content-Length
4207
D3AuthLifetime
1440
Expires
Thu, 19 Nov 1981 08:52:00 GMT
request.php
covidtomsk.ru/
129 B
680 B
XHR
General
Full URL
https://covidtomsk.ru/request.php?Form=er_terminal%2Fer_main&cache=c4d06ddf69776c1df21d689b69f1233de
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/~d3api
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
64113d664cb61e2ed7f36ca90c3bd5686315a47d126411341955d9d93e963408
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

X-User-Token
7b09f4a117.3362cbebaedac4050c00cabf44ebfa7c
Method
POST request.php HTTP/1.1
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 02:13:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Nov 2020 02:13:54 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Strict-Transport-Security
max-age=15552000;
Content-Length
135
D3AuthLifetime
1440
Expires
Thu, 19 Nov 1981 08:52:00 GMT
28726326
mc.yandex.ru/watch/
167 B
202 B
XHR
General
Full URL
https://mc.yandex.ru/watch/28726326?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1525%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A292%3Acn%3A1%3Adp%3A0%3Als%3A0%3Ahid%3A567737093%3Az%3A60%3Ai%3A20201127031353%3Aet%3A1606443234%3Ac%3A1%3Arn%3A108315505%3Arqn%3A1%3Au%3A1606443234838755500%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606443232312%3Ads%3A1%2C274%2C167%2C0%2C0%2C0%2C%2C939%2C14%2C%2C%2C%2C1384%3Adsn%3A1%2C273%2C167%2C1%2C0%2C0%2C%2C942%2C13%2C%2C%2C%2C1385%3Arqnl%3A1%3Aadb%3A2%3App%3A3629563401%3Ati%3A1%3Ast%3A1606443234%3At%3A%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%82%D1%83%D1%80%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
00aca26d0385f9edb8b01d75648071efc38fd7aa98e4c217ef9f6a4e9e2f7453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Nov 2020 02:13:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 27-Nov-2020 02:13:54 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://covidtomsk.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Fri, 27-Nov-2020 02:13:54 GMT
schedule_doctors
covidtomsk.ru/~Image/er/
2 KB
3 KB
Image
General
Full URL
https://covidtomsk.ru/~Image/er/schedule_doctors
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
1dcb4a70528e0cad7caca1b7024f32e17e6807a63b54afa6c77de997c086fd66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:54 GMT
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000;
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=3600
Connection
keep-alive
Content-Length
2284
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:54 GMT
private_office
covidtomsk.ru/~Image/er/
2 KB
2 KB
Image
General
Full URL
https://covidtomsk.ru/~Image/er/private_office
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
6229bfd248ef04552fbd3c96614c91916c52a8b6188c39859c39d317bd42db42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private
Date
Fri, 27 Nov 2020 02:13:54 GMT
Last-Modified
Fri, 24 Jul 2020 21:15:07 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000;
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=3600
Connection
keep-alive
Content-Length
2022
D3AuthLifetime
1440
Expires
Fri, 27 Nov 2020 03:13:54 GMT
request.php
covidtomsk.ru/
121 B
528 B
XHR
General
Full URL
https://covidtomsk.ru/request.php?Form=System%2Fmsgs&cache=c4d06ddf69776c1df21d689b69f1233de&SYSREQUEST=1
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/~d3api
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 , Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
6d231ccca79e68ac5eccb88eb69579ee9aba778e2e16a32a0e2f49619901ac5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

X-User-Token
7b09f4a117.3362cbebaedac4050c00cabf44ebfa7c
Method
POST request.php HTTP/1.1
formCache
dbe73a3988306b385ee4ad75a67ef41f
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 02:13:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Nov 2020 02:13:56 GMT
Server
nginx
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Strict-Transport-Security
max-age=15552000;
Content-Length
126
Expires
Thu, 19 Nov 1981 08:52:00 GMT

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| SYS_current_theme function| D3BROWSERAPI object| D3BROWSER object| D3Api object| MD5 function| TCalendar object| _dynarch_popupCalendar function| $ function| jQuery function| DP_jQuery_1606443233665 object| deployJava object| D3ER object| D3Browser function| checkD3Browser function| loginER object| script object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| Ya object| yaCounter28726326

3 Cookies

Domain/Path Name / Value
.covidtomsk.ru/ Name: _ym_d Value: 1606443234
.covidtomsk.ru/ Name: _ym_uid Value: 1606443234838755500
covidtomsk.ru/ Name: PHPSESSID Value: 1m95g3g23dp62poctmnemljldh

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
