Submitted URL: https://www.dss-servicesllc.com/
Effective URL: https://portal.veteranmedicalgroupinc.com/login
Submission: On October 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 159.89.196.118, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is portal.veteranmedicalgroupinc.com.
TLS certificate: Issued by R3 on October 5th 2022. Valid for: 3 months.
This is the only time portal.veteranmedicalgroupinc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 159.89.196.118 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
11 2606:4700::68... 13335 (CLOUDFLAR...)
19 3
Apex Domain
Subdomains
Transfer
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
234 KB
7 veteranmedicalgroupinc.com
portal.veteranmedicalgroupinc.com
2 MB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
869 B
1 dss-servicesllc.com
www.dss-servicesllc.com
511 B
19 4
Domain Requested by
11 cdnjs.cloudflare.com portal.veteranmedicalgroupinc.com
7 portal.veteranmedicalgroupinc.com portal.veteranmedicalgroupinc.com
1 fonts.googleapis.com portal.veteranmedicalgroupinc.com
1 www.dss-servicesllc.com 1 redirects
19 4

This site contains no links.

Subject | Issuer | Validity | Valid
portal.veteranmedicalgroupinc.com | R3 | 2022-10-05 - 2023-01-03 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year

This page contains 1 frames:

Primary Page: https://portal.veteranmedicalgroupinc.com/login
Frame ID: 4B1268DF8AE3E80B23AD8D2751052EF6
Requests: 19 HTTP requests in this frame

Page Title

VMG | Training Portal

Page URL History

  1. https://www.dss-servicesllc.com/ HTTP 302
    https://portal.veteranmedicalgroupinc.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href="[^"]*materialize(?:\.min)?\.css
  • materialize(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 19
  • HTTPS: 100 %
  • IPv6: 67 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 3
  • Countries: 3
  • Transfer: 1938 kB
  • Size: 2947 kB
  • Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.dss-servicesllc.com/ HTTP 302
    https://portal.veteranmedicalgroupinc.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
portal.veteranmedicalgroupinc.com/
Redirect Chain
  • https://www.dss-servicesllc.com/
  • https://portal.veteranmedicalgroupinc.com/login
6 KB
3 KB
Document
General
Full URL
https://portal.veteranmedicalgroupinc.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.196.118 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.32
Resource Hash
be1cd4f5b3ec4d7ec9480449f71b94053d89124e81a818f62c47813eb38a6b3c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
no-store, max-age=0, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Oct 2022 09:54:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.32

Redirect headers

Cache-control
no-store, max-age=0, no-cache
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Oct 2022 09:54:32 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://portal.veteranmedicalgroupinc.com/login
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.32
icon
fonts.googleapis.com/
569 B
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 09:54:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Oct 2022 09:54:33 GMT
materialize.min.css
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/
139 KB
17 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1854031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17475
last-modified
Mon, 04 May 2020 16:12:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03efe-22a11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1LgaaSlCbqbq8U7KU2ycP3zRigrdkGgtdkk0E64oBsJwaU%2F%2FPZH86mSnoosJpSuf7%2Fbb%2BSML%2BxQ9VsOonqxfJLOIp2%2BvNNMAXcfZmYVLeEJqG0ndbbAy4HpRJwRY2SQXoARl8slnexRmWD3sksq729W"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fff3f9273-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
cropper.min.css
cdnjs.cloudflare.com/ajax/libs/cropperjs/1.5.9/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cropperjs/1.5.9/cropper.min.css
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ed0ebf9b7ea67d5f554f0ad8ac76f6927f4f2c5800dd8a9c7eea0b8fef8961
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.veteranmedicalgroupinc.com/
Origin
https://portal.veteranmedicalgroupinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1858592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1050
last-modified
Thu, 10 Sep 2020 16:45:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5a5844-e9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHqhtgWlkUk1x6Hjf4k0mjVw3GJaKYjLii%2B8mL%2FboIv8sEN5pUAQShDKtulmKxI5WuVPuD51qKrxswyNmMTnc6foxOGeLj3ccL%2Bh9LLg0B9QBgcBIhmm8lzgRUeP4A8vCgyAztDq9BXtE%2FQ4eZ%2FyiTru"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fbbd79b64-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.veteranmedicalgroupinc.com/
Origin
https://portal.veteranmedicalgroupinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
134674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10472
last-modified
Wed, 13 Jan 2021 22:29:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7431-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFqnCThYIyCv4ZKKW2UycfxH3NmJsoX%2FK%2BNn219KhmQSznapOonE9cyxgWJUPX5xJcSTg5HH9idO91cENSWlqQlBOGXoEhB5RwSr2ZqIcoFM8dP4XHSQRs%2BRScZpT5k6tBMSsEFb6FzalXPmOlDkWLzl"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fbbda9b64-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
material-components-web.min.css
cdnjs.cloudflare.com/ajax/libs/material-components-web/7.0.0/
316 KB
22 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-components-web/7.0.0/material-components-web.min.css
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ed988dd4cf8d1accb48fdf8591ce502e5af1534984bec9f9a7f352d5f2357c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.veteranmedicalgroupinc.com/
Origin
https://portal.veteranmedicalgroupinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22394
last-modified
Tue, 23 Jun 2020 19:14:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ef2548f-4f040"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUFW3Y5DPjF7fIxUK0AniYWIDqsbRpAgo7P3WHYkm2EbESnq1XB%2B97iHFeDJDzXslU0yR2Gc5v8%2FSR%2Fh3xdjkoVmcsH802t7RmF6N5ps1Me2mBhWWefzNV7lboHQeqBtAVyb1txYNnND%2FzBIKOlNJXwn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fbbdf9b64-FRA
expires
Wed, 04 Oct 2023 09:54:34 GMT
pdf_viewer.min.css
cdnjs.cloudflare.com/ajax/libs/pdf.js/2.11.338/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.11.338/pdf_viewer.min.css
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ecabfdffd3ab01b5e941b6569244bcab31f6fd5b2148ddff4ae3203a4a28814
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://portal.veteranmedicalgroupinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2284
last-modified
Sat, 02 Oct 2021 17:04:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61589103-8ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVRoUsiEC3RFYqqeyAl6FmOdcfKsyxo%2BDup2oiB1dtMDt%2BtC%2FNXEnu0brRjrgd%2B%2B0rTDKkSfHT%2BfBiR9AIXhpW5G6tVTa%2B%2FCr0SKxaAtB%2FU8KIvlLnOuNt3bm%2F8SYwEZLyOEzAGGcvD6BzmmyNxObOtr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fbbdb9b64-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
main.css
portal.veteranmedicalgroupinc.com/assets/css/
14 KB
14 KB
Stylesheet
General
Full URL
https://portal.veteranmedicalgroupinc.com/assets/css/main.css?time=1665741273
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.196.118 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce57ca5183f7c5afd70d0485214a66bb13e96b5435cffd4697f47a84a79cd933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 09:54:33 GMT
Last-Modified
Thu, 06 Oct 2022 00:11:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"633e1d20-38f5"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14581
logo.png
portal.veteranmedicalgroupinc.com/assets/img/
21 KB
21 KB
Image
General
Full URL
https://portal.veteranmedicalgroupinc.com/assets/img/logo.png
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.196.118 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
39df987cd3a923c324cdab337c467eb712f0859ccc32d0d4b6bb87642b320f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 09:54:33 GMT
Last-Modified
Thu, 06 Oct 2022 00:11:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"633e1d20-52d6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21206
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4373566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1P1onBYZcN4Qk8V1pQuCtdSxdp3jbtq4mggb9w96eApua5xXzK1l0TRl%2BZWN1oUxZbuj6P2hXFnMllm%2BhWApdnYAmnoS5CTf1JJDAywl6%2BOGhv7KRjjt2iC05OH7h5bGBx1LXq53w5sGabiDDM%2BOTMX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fff409273-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
materialize.min.js
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/
177 KB
36 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
624730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36877
last-modified
Mon, 04 May 2020 16:12:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03efe-2c375"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtHuS%2FsGpayt7OA8SVg3sj7xeAzYkLzWBUAl5Vg2ewtJma9BD0AsxkUBD0TIDpwkdB0k6ByBgCQt0sw4Vs1xjQLozO1ATBWMCYdrGdwCGQ8Gffk4rWl8OyrTvRw3AAJc86L%2BLFRuYlFolSMTsFz6Yw%2Bm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fff439273-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
jquery.dataTables.min.js
cdnjs.cloudflare.com/ajax/libs/datatables/1.10.21/js/
83 KB
26 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/datatables/1.10.21/js/jquery.dataTables.min.js
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbce8dbb2e5fe154a842b04fb2f26d924b96e114f11016179308bf3b1eeba60
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.veteranmedicalgroupinc.com/
Origin
https://portal.veteranmedicalgroupinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
20702958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25812
last-modified
Wed, 08 Jul 2020 10:30:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f05a03b-14aa7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FcOmmMiuIjyhErDsBEauDt0p4fFtTJFQrWGtK2TFeqj2G4yGGpotr7BdFBwawqogsDnQ6vX%2BwmTl7R62bROZt0uJX9l4XkxZiMlT2R6lk9%2BiPMbYIAXE4v7poS1dOpZ3sU4tmYW3DLy8GMedD8dOh47"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fbbe59b64-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
pdf.min.js
cdnjs.cloudflare.com/ajax/libs/pdf.js/2.11.338/
225 KB
51 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.11.338/pdf.min.js
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a2479a99e7fb9d92dad6f018ae4b929167acfb0301eeb3cba1f8bf6ab1abb3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://portal.veteranmedicalgroupinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
11569014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52063
last-modified
Sat, 02 Oct 2021 17:04:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61589103-cb5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrvvetBCRMA4eewPQMA5XS8yZN551jOwepxmsh9sphUalk%2FHsXLOT7bxfjek7EuaVJqz7NzJe8r3%2FcfNmUhqDL1isfJYkZnso0AKPm2zIY12ooDb7AxBhTm8suuB2zGfArya4UP6PaIHVI16CYQm8oxq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fbbe79b64-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
pdf_viewer.min.js
cdnjs.cloudflare.com/ajax/libs/pdf.js/2.11.338/
105 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.11.338/pdf_viewer.min.js
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c090737b051aad250e6194c2168724bbd3e4299626111e52fd99239421d6cc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://portal.veteranmedicalgroupinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
91177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26934
last-modified
Sat, 02 Oct 2021 17:04:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61589103-6936"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8dvdb0ltoCpo%2B7gYOQydYHklLjlI5RwBnL6POEHxVTsIMEIdsqH5xT0RE6zhtZykq%2FVBenSY4kME1djIYxer8WtjqI%2FYen7prQZul86vdw5NFjlMvuU0Wicb1%2FKr22KmWafDRRLysr2ygoyJuojoneS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fbbe89b64-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
cropper.min.js
cdnjs.cloudflare.com/ajax/libs/cropperjs/1.5.9/
36 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cropperjs/1.5.9/cropper.min.js
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92001487af08fb9e0320c1564cb99e8771bd2fc84bf37fb0f43c3120732a50cf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.veteranmedicalgroupinc.com/
Origin
https://portal.veteranmedicalgroupinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 09:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
22643580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10803
last-modified
Thu, 10 Sep 2020 16:45:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5a5844-91e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=091w%2FTxZc3v8kDfCKbTng8TYXGtBqTF3Zy2SLuSyOUtThgj1CG3g43NhEiPkaH3Prb9ks%2FpbeSvMszbXL2uoY%2Fp9vOiJSBrIcj5IV931%2FB1OBqyjy68vlIzR0%2F4NF%2FxAXdRXOu7lM5GByeWu0tl5uycZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759f6f2fbbea9b64-FRA
expires
Wed, 04 Oct 2023 09:54:33 GMT
main.js
portal.veteranmedicalgroupinc.com/assets/js/
3 KB
3 KB
Script
General
Full URL
https://portal.veteranmedicalgroupinc.com/assets/js/main.js?time=1665741273
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.196.118 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
24b1908f060774a70075c0b2debc8eb2c6a13ed047ab317ae6f9b40c19cf1142

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 09:54:33 GMT
Last-Modified
Thu, 06 Oct 2022 00:11:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"633e1d20-c06"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3078
avatar.js
portal.veteranmedicalgroupinc.com/assets/js/
5 KB
5 KB
Script
General
Full URL
https://portal.veteranmedicalgroupinc.com/assets/js/avatar.js?time=1665741273
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.196.118 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
83ed108876f08e1465e3e8b0ec391cfc93464ca4c9e07e5dd3dda31dd9e51892

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 09:54:33 GMT
Last-Modified
Thu, 06 Oct 2022 00:11:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"633e1d20-122f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4655
login.js
portal.veteranmedicalgroupinc.com/assets/js/
1 KB
1 KB
Script
General
Full URL
https://portal.veteranmedicalgroupinc.com/assets/js/login.js?time=1665741273
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.196.118 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
42ec261c4f628aa0c7e26c943440c4a1fa0bdb05ccb147d0a63cd1b4c2741bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 09:54:33 GMT
Last-Modified
Thu, 06 Oct 2022 00:11:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"633e1d20-42f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1071
background-provider.png
portal.veteranmedicalgroupinc.com/assets/img/
2 MB
2 MB
Image
General
Full URL
https://portal.veteranmedicalgroupinc.com/assets/img/background-provider.png
Requested by
Host: portal.veteranmedicalgroupinc.com
URL: https://portal.veteranmedicalgroupinc.com/assets/css/main.css?time=1665741273
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.196.118 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8ce87f4042929fa725042aab3b31b818c664f0e9a9e031a4871d5418338af8a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.veteranmedicalgroupinc.com/assets/css/main.css?time=1665741273
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 09:54:34 GMT
Last-Modified
Thu, 06 Oct 2022 00:11:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"633e1d20-19df8e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1695630

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • function| $
  • function| jQuery
  • function| _get
  • function| _createClass
  • function| _possibleConstructorReturn
  • function| _inherits
  • function| _classCallCheck
  • function| Component
  • function| docHandleKeydown
  • function| docHandleKeyup
  • function| docHandleFocus
  • function| docHandleBlur
  • function| getTime
  • object| $jscomp
  • object| $jscomp$this
  • function| cash
  • object| M
  • object| Waves
  • object| pdfjsLib
  • object| pdfjs-dist/build/pdf
  • object| pdfjsViewer
  • object| pdfjs-dist/web/pdf_viewer
  • function| Cropper
  • function| base_url
  • function| toast
  • function| validate_form
  • function| delay
  • function| initialize_cropper
  • function| destroy_cropper
  • function| get_avatars
  • function| save_avatar

2 Cookies

Domain/Path Name / Value
www.dss-servicesllc.com/ Name: ci_session
Value: k8hc4ntoas7c994pcqogku4g63g460gb
portal.veteranmedicalgroupinc.com/ Name: ci_session
Value: vh2cb2to7jssk4nit0a8b7dtielvuirr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
