urlscan.io logo urlscan.io
SecurityTrails logo

covidtomsk.ru Open in urlscan Pro
217.18.135.170  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xn--b1aelgdlkd2ah.xn--p1ai/
Effective URL: https://covidtomsk.ru/
Submission Tags: falconsandbox
Submission: On May 28 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 217.18.135.170, located in Tomsk, Russian Federation and belongs to DIN-AS Tomsk, Russia, RU. The main domain is covidtomsk.ru.
TLS certificate: Issued by R3 on April 27th 2021. Valid for: 3 months.
This is the only time covidtomsk.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 15 217.18.135.170 15759 (DIN-AS Tomsk)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:1b:... 54113 (FASTLY)
3 7 2a02:6b8::1:119 13238 (YANDEX)
8 2a00:1450:400... 15169 (GOOGLE)
29 6
15    217.18.135.170 (Tomsk, Russian Federation)

ASN15759 (DIN-AS Tomsk, Russia, RU)
PTR: er.mis.zdrav.tomsk.gov.ru
xn--b1aelgdlkd2ah.xn--p1ai
covidtomsk.ru
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
8    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
13 covidtomsk.ru covidtomsk.ru
8 fonts.gstatic.com fonts.googleapis.com
5 mc.yandex.com 2 redirects covidtomsk.ru
2 mc.yandex.ru 1 redirects covidtomsk.ru
2 cdn.jsdelivr.net covidtomsk.ru
2 fonts.googleapis.com covidtomsk.ru
2 xn--b1aelgdlkd2ah.xn--p1ai 2 redirects
29 7

This site contains links to these domains. Also see Links.

Domain
tabletka.online
tomsk.gov.ru
zdrav.tomsk.ru
rubius.com
Subject Issuer Validity Valid
covidtomsk.ru
R3		 2021-04-27 -
2021-07-26		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-18 -
2022-03-26		 10 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://covidtomsk.ru/
Frame ID: DAD62498CFF1E18CD817CC608879382E
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://xn--b1aelgdlkd2ah.xn--p1ai/ HTTP 301
    https://xn--b1aelgdlkd2ah.xn--p1ai/ HTTP 301
    https://covidtomsk.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

29
Requests

100 %
HTTPS

80 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

3292 kB
Transfer

3456 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--b1aelgdlkd2ah.xn--p1ai/ HTTP 301
    https://xn--b1aelgdlkd2ah.xn--p1ai/ HTTP 301
    https://covidtomsk.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9287.-B7uJlne5c4joTwk_AJWaWNl9mK07Yeedj1tMTuswc8Ik46FIOWTOmEWUzqEx0jh.fA-QZikeWGrBbJ9zzJTeCqv8ihE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9287.CFS2ET_wvyQ23iq2gOntuA1JabUIJDbmOo-p_5VuPJCgIKGZY4YlCVjZEpCxvlZ4Fxvs2EJVk580zNBeYE9bJA%2C%2C.RmDFReD1g_rdz-60EtmV9TwOGKQ%2C
Request Chain 26
  • https://mc.yandex.com/watch/76181887?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1999%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1000671797713%3Ahid%3A451833267%3Az%3A120%3Ai%3A20210528124552%3Aet%3A1622198753%3Ac%3A1%3Arn%3A722186797%3Au%3A1622198753910001551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622198750507%3Ads%3A176%2C246%2C211%2C1%2C801%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A176%2C246%2C211%2C1%2C801%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622198753%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D0%B5%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D1%8E%20%D0%B2%D1%80%D0%B0%D1%87%D0%B0%20%D0%BF%D0%BE%20COVID-19%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8 HTTP 302
  • https://mc.yandex.com/watch/76181887/1?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1999%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1000671797713%3Ahid%3A451833267%3Az%3A120%3Ai%3A20210528124552%3Aet%3A1622198753%3Ac%3A1%3Arn%3A722186797%3Au%3A1622198753910001551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622198750507%3Ads%3A176%2C246%2C211%2C1%2C801%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A176%2C246%2C211%2C1%2C801%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622198753%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D0%B5%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D1%8E%20%D0%B2%D1%80%D0%B0%D1%87%D0%B0%20%D0%BF%D0%BE%20COVID-19%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covidtomsk.ru/
Redirect Chain
  • http://xn--b1aelgdlkd2ah.xn--p1ai/
  • https://xn--b1aelgdlkd2ah.xn--p1ai/
  • https://covidtomsk.ru/
13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
7e8414a6e40ce1b839d94d4db0ae7a8da002e1604e53c1bbafec39f5e40a763f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Host
covidtomsk.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Fri, 28 May 2021 10:45:51 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Strict-Transport-Security
max-age=15552000;

Redirect headers

Server
nginx
Date
Fri, 28 May 2021 10:45:51 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://covidtomsk.ru/
Strict-Transport-Security
max-age=15552000;
css2
fonts.googleapis.com/ 		8 KB
788 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e26892b2736c82171e10cf7325fdc8627423517c96f0e12877de14ed63e8b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 28 May 2021 09:30:53 GMT
server
ESF
date
Fri, 28 May 2021 10:45:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 May 2021 10:45:51 GMT
icon
fonts.googleapis.com/ 		568 B
438 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7b95b3cf0439813fbdb3b96435627d3cb9bd1ab3cc1a4a4ffbb9d643ce59157b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 28 May 2021 10:45:51 GMT
server
ESF
date
Fri, 28 May 2021 10:45:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 May 2021 10:45:51 GMT
suggestions.min.css
cdn.jsdelivr.net/npm/suggestions-jquery@20.2.3/dist/css/ 		2 KB
811 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/suggestions-jquery@20.2.3/dist/css/suggestions.min.css
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f99b10cdc8569f997f87f1089082ea1f54f5ae3abf96ab2be30f9523a8eba899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
552474
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
704
etag
W/"82b-G8OT5ais6EA3CCJhuFNDgE8oslI"
x-served-by
cache-fra19154-FRA, cache-hhn4066-HHN
date
Fri, 28 May 2021 10:45:51 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
select2.min.css
cdn.jsdelivr.net/npm/select2@4.0.13/dist/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/select2@4.0.13/dist/css/select2.min.css
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4264939
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
1994
etag
W/"3a76-rlc1Vi+qvRotmAO7179MUCteT1E"
x-served-by
cache-fra19156-FRA, cache-hhn4066-HHN
date
Fri, 28 May 2021 10:45:51 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
vendors.css
covidtomsk.ru/dist/ 		322 KB
322 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covidtomsk.ru/dist/vendors.css?v=qBoNBwbCaG9Avt4ZpQnpiJWCnwb-fzACkpfgM9gxBY0
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
a81a0d0706c2686f40bede19a509e98895829f06fe7f30029297e033d831058d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://covidtomsk.ru/
Connection
keep-alive
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717acf403c"
Strict-Transport-Security
max-age=15552000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
329404
main.css
covidtomsk.ru/dist/ 		40 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covidtomsk.ru/dist/main.css?v=q_6GOLYsThGSMPb5nTl1_UBW9yUOtEZ-SsBfaAXeF8Y
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
abfe8638b62c4e119230f6f99d3975fd4056f7250eb4467e4ac05f6805de17c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://covidtomsk.ru/
Connection
keep-alive
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717acad986"
Strict-Transport-Security
max-age=15552000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40710
logo.png
covidtomsk.ru/dist/assets/logos/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covidtomsk.ru/dist/assets/logos/logo.png
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
ac7df4fd8a9be439d68208e7772866048ff57f8b6ee65304a603795c0e9e809d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://covidtomsk.ru/
Connection
keep-alive
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717aca649a"
Strict-Transport-Security
max-age=15552000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8730
covid.svg
covidtomsk.ru/dist/assets/logos/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covidtomsk.ru/dist/assets/logos/covid.svg
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
538f906a248736178faa77a0f0274cda138c2a1018cef23021ede04762da1dfe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://covidtomsk.ru/
Connection
keep-alive
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717aca6c65"
Strict-Transport-Security
max-age=15552000;
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10981
ato.svg
covidtomsk.ru/dist/assets/logos/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covidtomsk.ru/dist/assets/logos/ato.svg
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
c27fe7ff7a807371b657bdfc9ed89be025174ddd328cd0bc97c22adfdf9a04f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://covidtomsk.ru/
Connection
keep-alive
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717aca055b"
Strict-Transport-Security
max-age=15552000;
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17371
department.png
covidtomsk.ru/dist/assets/logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covidtomsk.ru/dist/assets/logos/department.png
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
d913355a369ab8d59f04714922ead42a628bbebcd750c097d9d1353fed6eec1a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://covidtomsk.ru/
Connection
keep-alive
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717aca51ef"
Strict-Transport-Security
max-age=15552000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5999
rubius.png
covidtomsk.ru/dist/assets/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covidtomsk.ru/dist/assets/logos/rubius.png
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
1c0889fd842b6bf814778bd7a06eefa481e0a40a70d1146fdaef67b578406b32
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://covidtomsk.ru/
Connection
keep-alive
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717aca424d"
Strict-Transport-Security
max-age=15552000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1229
bundle.js
covidtomsk.ru/dist/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covidtomsk.ru/dist/bundle.js?v=eGJSt2R7lGJPYNBKaURnJmDrI0bZ_-zn_3vJDDskeWQ
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
786252b7647b94624f60d04a6944672660eb2346d9ffece7ff7bc90c3b247964
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://covidtomsk.ru/
Connection
keep-alive
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717aca762d"
Strict-Transport-Security
max-age=15552000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12461
vendors.js
covidtomsk.ru/dist/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://covidtomsk.ru/dist/vendors.js?v=VPCQaPSmY0wVSc38tavJmlq2C2S720Rfs7KAeCbESh8
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
54f09068f4a6634c1549cdfcb5abc99a5ab60b64bbdb445fb3b2807826c44a1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://covidtomsk.ru/
Connection
keep-alive
Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717ad52cf4"
Strict-Transport-Security
max-age=15552000;
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2058868
tag.js
mc.yandex.ru/metrika/ 		216 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
14f5b9c2901a58cb9e77ccd997a844b32824e54b2e6626990e0e0ae5b962ae2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:45:52 GMT
content-encoding
br
last-modified
Wed, 26 May 2021 12:18:34 GMT
etag
"60ae3a7b-11182"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70018
expires
Fri, 28 May 2021 11:45:52 GMT
hero-bg-cmp.jpg
covidtomsk.ru/dist/assets/ 		628 KB
628 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covidtomsk.ru/dist/assets/hero-bg-cmp.jpg
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/dist/main.css?v=q_6GOLYsThGSMPb5nTl1_UBW9yUOtEZ-SsBfaAXeF8Y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
e8fc79cf5e5e2a9c2179a56e34de66cc7128871f2ab09a59c7ace33db869af19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://covidtomsk.ru/dist/main.css?v=q_6GOLYsThGSMPb5nTl1_UBW9yUOtEZ-SsBfaAXeF8Y
Connection
keep-alive
Referer
https://covidtomsk.ru/dist/main.css?v=q_6GOLYsThGSMPb5nTl1_UBW9yUOtEZ-SsBfaAXeF8Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717ac39691"
Strict-Transport-Security
max-age=15552000;
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
643089
covid-bg.png
covidtomsk.ru/dist/assets/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covidtomsk.ru/dist/assets/covid-bg.png
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/dist/main.css?v=q_6GOLYsThGSMPb5nTl1_UBW9yUOtEZ-SsBfaAXeF8Y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
b6bb37194ee35ee6807ea4fea23da254e29545ae94ad689e99271f140717de6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://covidtomsk.ru/dist/main.css?v=q_6GOLYsThGSMPb5nTl1_UBW9yUOtEZ-SsBfaAXeF8Y
Connection
keep-alive
Referer
https://covidtomsk.ru/dist/main.css?v=q_6GOLYsThGSMPb5nTl1_UBW9yUOtEZ-SsBfaAXeF8Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:52 GMT
Last-Modified
Wed, 21 Apr 2021 05:45:05 GMT
Server
nginx
ETag
"1d736717aca1106"
Strict-Transport-Security
max-age=15552000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22406
truncated
/ 		202 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b59243b888f4f08b84275c7f5843959525f744cfa586af9f94e6e916663772e2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://covidtomsk.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 23:40:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:13:07 GMT
server
sffe
age
299094
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
expires
Tue, 24 May 2022 23:40:58 GMT
JTURjIg1_i6t8kCHKm45_dJE3g3D_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3g3D_u50.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ce6685465805e98dfd2b3633e74711102167bc0ae656c536ba35587c20aeba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://covidtomsk.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 01:56:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:08 GMT
server
sffe
age
290933
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12228
x-xss-protection
0
expires
Wed, 25 May 2022 01:56:59 GMT
JTURjIg1_i6t8kCHKm45_ZpC3g3D_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3g3D_u50.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8196be678c526d8daccd9db5d7c03532a16b0e6261351b2acf8377f6111a5b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://covidtomsk.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 10:03:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:58 GMT
server
sffe
age
434532
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12376
x-xss-protection
0
expires
Mon, 23 May 2022 10:03:40 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://covidtomsk.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 04:11:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
455662
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Mon, 23 May 2022 04:11:30 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v15/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://covidtomsk.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:43:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
68516
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12196
x-xss-protection
0
expires
Fri, 27 May 2022 15:43:56 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://covidtomsk.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 22:04:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
218500
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Wed, 25 May 2022 22:04:12 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://covidtomsk.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:03 GMT
server
sffe
age
434534
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19272
x-xss-protection
0
expires
Mon, 23 May 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_bZF3g3D_u50.woff2
fonts.gstatic.com/s/montserrat/v15/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3g3D_u50.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88238ba9ddb1bc1d0f5075399928eefe3b6428e99e5cf83b80a5584eec9ad40d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://covidtomsk.ru
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:44:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:57 GMT
server
sffe
age
68500
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12352
x-xss-protection
0
expires
Fri, 27 May 2022 15:44:12 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9287.-B7uJlne5c4joTwk_AJWaWNl9mK07Yeedj1tMTuswc8Ik46FIOWTOmEWUzqEx0jh.fA-QZikeWGrBbJ9zzJTeCqv8ihE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9287.CFS2ET_wvyQ23iq2gOntuA1JabUIJDbmOo-p_5VuPJCgIKGZY4YlCVjZEpCxvlZ4Fxvs2EJVk580zNBeYE9bJA%2C%2C.RmDFReD1g_rdz-60EtmV9TwOGKQ%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9287.CFS2ET_wvyQ23iq2gOntuA1JabUIJDbmOo-p_5VuPJCgIKGZY4YlCVjZEpCxvlZ4Fxvs2EJVk580zNBeYE9bJA%2C%2C.RmDFReD1g_rdz-60EtmV9TwOGKQ%2C
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:45:52 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9287.CFS2ET_wvyQ23iq2gOntuA1JabUIJDbmOo-p_5VuPJCgIKGZY4YlCVjZEpCxvlZ4Fxvs2EJVk580zNBeYE9bJA%2C%2C.RmDFReD1g_rdz-60EtmV9TwOGKQ%2C
date
Fri, 28 May 2021 10:45:52 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.com/watch/76181887/
Redirect Chain
  • https://mc.yandex.com/watch/76181887?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1999%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
  • https://mc.yandex.com/watch/76181887/1?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1999%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
184 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/76181887/1?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1999%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1000671797713%3Ahid%3A451833267%3Az%3A120%3Ai%3A20210528124552%3Aet%3A1622198753%3Ac%3A1%3Arn%3A722186797%3Au%3A1622198753910001551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622198750507%3Ads%3A176%2C246%2C211%2C1%2C801%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A176%2C246%2C211%2C1%2C801%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622198753%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D0%B5%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D1%8E%20%D0%B2%D1%80%D0%B0%D1%87%D0%B0%20%D0%BF%D0%BE%20COVID-19%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
30362ad3668609d18bb9f7e4bdfa7225bc18e63349069052b1c8bb64a33bdbcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 May 2021 10:45:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 28-May-2021 10:45:52 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://covidtomsk.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
184
x-xss-protection
1; mode=block
expires
Fri, 28-May-2021 10:45:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 May 2021 10:45:52 GMT
last-modified
Fri, 28-May-2021 10:45:52 GMT
location
/watch/76181887/1?wmode=7&page-url=https%3A%2F%2Fcovidtomsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1999%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1000671797713%3Ahid%3A451833267%3Az%3A120%3Ai%3A20210528124552%3Aet%3A1622198753%3Ac%3A1%3Arn%3A722186797%3Au%3A1622198753910001551%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622198750507%3Ads%3A176%2C246%2C211%2C1%2C801%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A176%2C246%2C211%2C1%2C801%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622198753%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D0%B5%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%86%D0%B8%D1%8E%20%D0%B2%D1%80%D0%B0%D1%87%D0%B0%20%D0%BF%D0%BE%20COVID-19%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8
strict-transport-security
max-age=31536000
access-control-allow-origin
https://covidtomsk.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 28-May-2021 10:45:52 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://covidtomsk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:45:53 GMT
last-modified
Wed, 26 May 2021 12:18:34 GMT
etag
"60ae3a7b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 28 May 2021 11:45:53 GMT
GetUserRoles
covidtomsk.ru/Admin/ 		548 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://covidtomsk.ru/Admin/GetUserRoles
Requested by
Host: covidtomsk.ru
URL: https://covidtomsk.ru/dist/vendors.js?v=VPCQaPSmY0wVSc38tavJmlq2C2S720Rfs7KAeCbESh8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.18.135.170 Tomsk, Russian Federation, ASN15759 (DIN-AS Tomsk, Russia, RU),
Reverse DNS
er.mis.zdrav.tomsk.gov.ru
Software
nginx /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
covidtomsk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
_ym_uid=1622198753910001551; _ym_d=1622198753
Connection
keep-alive
Referer
https://covidtomsk.ru/
Accept
*/*
Referer
https://covidtomsk.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 10:45:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
548
Content-Type
text/html

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| ym object| webpackChunkato_stop_covid object| Ya object| yaCounter76181887 object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| IMask function| JSZip

3 Cookies

Domain/Path Name / Value
.covidtomsk.ru/ Name: _ym_isad
Value: 2
.covidtomsk.ru/ Name: _ym_d
Value: 1622198753
.covidtomsk.ru/ Name: _ym_uid
Value: 1622198753910001551

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
covidtomsk.ru
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
xn--b1aelgdlkd2ah.xn--p1ai
217.18.135.170
2a00:1450:4001:829::2003
2a00:1450:4001:831::200a
2a02:6b8::1:119
2a04:4e42:1b::621
14f5b9c2901a58cb9e77ccd997a844b32824e54b2e6626990e0e0ae5b962ae2b
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
1c0889fd842b6bf814778bd7a06eefa481e0a40a70d1146fdaef67b578406b32
1ce6685465805e98dfd2b3633e74711102167bc0ae656c536ba35587c20aeba4
1e26892b2736c82171e10cf7325fdc8627423517c96f0e12877de14ed63e8b07
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
30362ad3668609d18bb9f7e4bdfa7225bc18e63349069052b1c8bb64a33bdbcf
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
538f906a248736178faa77a0f0274cda138c2a1018cef23021ede04762da1dfe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f09068f4a6634c1549cdfcb5abc99a5ab60b64bbdb445fb3b2807826c44a1f
637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e
786252b7647b94624f60d04a6944672660eb2346d9ffece7ff7bc90c3b247964
7b95b3cf0439813fbdb3b96435627d3cb9bd1ab3cc1a4a4ffbb9d643ce59157b
7e8414a6e40ce1b839d94d4db0ae7a8da002e1604e53c1bbafec39f5e40a763f
8196be678c526d8daccd9db5d7c03532a16b0e6261351b2acf8377f6111a5b7a
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
88238ba9ddb1bc1d0f5075399928eefe3b6428e99e5cf83b80a5584eec9ad40d
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
a81a0d0706c2686f40bede19a509e98895829f06fe7f30029297e033d831058d
abfe8638b62c4e119230f6f99d3975fd4056f7250eb4467e4ac05f6805de17c6
ac7df4fd8a9be439d68208e7772866048ff57f8b6ee65304a603795c0e9e809d
b59243b888f4f08b84275c7f5843959525f744cfa586af9f94e6e916663772e2
b6bb37194ee35ee6807ea4fea23da254e29545ae94ad689e99271f140717de6e
c27fe7ff7a807371b657bdfc9ed89be025174ddd328cd0bc97c22adfdf9a04f7
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d913355a369ab8d59f04714922ead42a628bbebcd750c097d9d1353fed6eec1a
e8fc79cf5e5e2a9c2179a56e34de66cc7128871f2ab09a59c7ace33db869af19
f99b10cdc8569f997f87f1089082ea1f54f5ae3abf96ab2be30f9523a8eba899