Submitted URL: http://tfoms.med.cap.ru/
Effective URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Submission Tags: state gov ru l4ing sub h8 council Search All
Submission: On August 12 via manual from UA — Scanned from DE

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 21 HTTP transactions. The main IP is 77.240.146.50, located in Cheboksary, Russian Federation and belongs to ITECH-AS Russia, Cheboksary, RU. The main domain is tfoms.med.cap.ru.
TLS certificate: Issued by R3 on July 17th 2022. Valid for: 3 months.
This is the only time tfoms.med.cap.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 19 77.240.146.50 42245 (ITECH-AS ...)
3 7 2a02:6b8::1:119 208722 (GLOBAL_DC)
21 3
Apex Domain
Subdomains
Transfer
19 cap.ru
tfoms.med.cap.ru
353 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 10493
2 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3617
56 KB
21 3
Domain Requested by
19 tfoms.med.cap.ru 2 redirects tfoms.med.cap.ru
5 mc.yandex.com 2 redirects tfoms.med.cap.ru
2 mc.yandex.ru 1 redirects tfoms.med.cap.ru
21 3

This site contains no links.

Subject Issuer Validity Valid
tfoms.med.cap.ru
R3
2022-07-17 -
2022-10-15
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2022-05-21 -
2022-10-31
5 months crt.sh

This page contains 1 frames:

Primary Page: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Frame ID: 7DB3EA92155580D490507D826677F659
Requests: 22 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://tfoms.med.cap.ru/ HTTP 301
    https://tfoms.med.cap.ru/ HTTP 302
    https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

21
Requests

90 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

409 kB
Transfer

507 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tfoms.med.cap.ru/ HTTP 301
    https://tfoms.med.cap.ru/ HTTP 302
    https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9728.h1VmF5t-RKg3gJXCPxqa32KqmFhZb9nxBnufCTIlZA5YQZUYPAPfeCLN_xoM0QiY.Iirf-Vj8Vdhiwq2_FdV_wBARXGM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9728.rTHXsU-mlH0I9BbWiL3nMkpBMEzlPDs80qoqQ1vD_dwg14q_H992kWEnSCkf3618uQkT32uxTS0xa0lRzk0_bA%2C%2C.gqI8tEZ6S6MxwoVV0Psed0_r6uM%2C
Request Chain 20
  • https://mc.yandex.com/watch/34625425?wmode=7&page-url=https%3A%2F%2Ftfoms.med.cap.ru%2FAccount%2FLogin%3FReturnUrl%3D%252f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afp%3A1498%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A1483106930118%3Ahid%3A8179528%3Az%3A0%3Ai%3A20220812144528%3Aet%3A1660315529%3Ac%3A1%3Arn%3A164088929%3Arqn%3A1%3Au%3A1660315529553551059%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660315526454%3Ads%3A0%2C0%2C186%2C3%2C828%2C0%2C%2C847%2C0%2C%2C%2C%2C1864%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660315529%3At%3A%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20-%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%A2%D0%A4%D0%9E%D0%9C%D0%A1&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/34625425/1?wmode=7&page-url=https%3A%2F%2Ftfoms.med.cap.ru%2FAccount%2FLogin%3FReturnUrl%3D%252f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afp%3A1498%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A1483106930118%3Ahid%3A8179528%3Az%3A0%3Ai%3A20220812144528%3Aet%3A1660315529%3Ac%3A1%3Arn%3A164088929%3Arqn%3A1%3Au%3A1660315529553551059%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660315526454%3Ads%3A0%2C0%2C186%2C3%2C828%2C0%2C%2C847%2C0%2C%2C%2C%2C1864%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660315529%3At%3A%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20-%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%A2%D0%A4%D0%9E%D0%9C%D0%A1&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login
tfoms.med.cap.ru/Account/
Redirect Chain
  • http://tfoms.med.cap.ru/
  • https://tfoms.med.cap.ru/
  • https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
7 KB
8 KB
Document
General
Full URL
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7ed33ae2282462fba0d084f2b7229aeeaa87d6f8c5794a91af0d0e5ea6c87fd2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Length
7365
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Aug 2022 14:48:50 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Content-Length
145
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Aug 2022 14:48:50 GMT
Location
/Account/Login?ReturnUrl=%2f
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
css
tfoms.med.cap.ru/Content/
138 KB
139 KB
Stylesheet
General
Full URL
https://tfoms.med.cap.ru/Content/css?v=Y_-a7kxumwWw3Je6B70eaF7no8qfk62yckQYjhA_RIg1
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3b236eba9d909ac40301bca71bb7ebdfa6cc3d0cb4e734be28733033790e83b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:50 GMT
Last-Modified
Fri, 12 Aug 2022 14:48:51 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
141595
Expires
Sat, 12 Aug 2023 14:48:51 GMT
f1.png
tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/
570 B
885 B
Image
General
Full URL
https://tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/f1.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
fa05e990e5e352a9a09e92af17770f31d11046c5e125040e6c0a76940ab1c1dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a2bb181cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
570
f2.png
tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/
698 B
1013 B
Image
General
Full URL
https://tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/f2.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e7c847a3f2cc4fcc1b3a4e2c7638c8c31876e9b6690bd6f729ac8004c715c852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a2bb181cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
698
f3.png
tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/
804 B
1 KB
Image
General
Full URL
https://tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/f3.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
aef751d34bde2281cb563163bd785c6e553cb8ff80e4ff7b6721fcc1b5f80e69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a2bb181cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
804
a1.png
tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/
1 KB
1 KB
Image
General
Full URL
https://tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/a1.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a378b9473c119bd3b627cfda542a1b7bc708a4d9a9eb43e1a0d7720db32bf8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a2bb181cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1139
a2.png
tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/
1 KB
1 KB
Image
General
Full URL
https://tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/a2.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7d328dba84a279b61aed0236df725a943fb2ca0aa6488f3dab1ec3767861903e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a2bb181cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1209
a3.png
tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/
1 KB
2 KB
Image
General
Full URL
https://tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/a3.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e7d5d45c93a6ef9f02d574b469cb6b3ca6bcb284007d52f8e3af355d29d323e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a2bb181cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1279
c1.png
tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/
1 KB
2 KB
Image
General
Full URL
https://tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/c1.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
985a659d3d7e29f0f0620c93c0477e677fdc4e9b3bd10b4d096ff402bd9a087f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a2bb181cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1457
c2.png
tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/
1 KB
1 KB
Image
General
Full URL
https://tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/c2.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8954526ddc72de57e13811a3c19e51330d9e417f2904c838d4fd8742c22068ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a2bb181cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1131
c3.png
tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/
1 KB
1 KB
Image
General
Full URL
https://tfoms.med.cap.ru/Content/cecutient/img/sand-blind-panel/c3.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4620cb303eb0fb241c50bffeb92b8504987c3249f816eebf952d3b8d3024e576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:24 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a2bb181cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1038
esia-logo.png
tfoms.med.cap.ru/Images/
5 KB
5 KB
Image
General
Full URL
https://tfoms.med.cap.ru/Images/esia-logo.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
29e009523e60879d476c226f52a556af9655906f6c4b120c5c81adea0770b9a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:28 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0648db381cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4686
jquery
tfoms.med.cap.ru/bundles/
84 KB
85 KB
Script
General
Full URL
https://tfoms.med.cap.ru/bundles/jquery?v=tM7sBY5D-DIWHn61FAscLi2oiu1l1yS8NveURT-p-Ac1
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ec89bb40942469fda687a653edb54dd0561ce83ad812755d481faf11a93d1bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 12 Aug 2022 14:48:51 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
86376
Expires
Sat, 12 Aug 2023 14:48:51 GMT
common
tfoms.med.cap.ru/bundles/
43 KB
44 KB
Script
General
Full URL
https://tfoms.med.cap.ru/bundles/common?v=XseF_dL5F_irrOpeRCg8vFk5qN1ZNefT4MJCsBoYB6g1
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
260b0a0f7da9050e6d3d78634d2904d4fb9dedcaf03017e04cf4033e6a27e798

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 12 Aug 2022 14:48:51 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
44541
Expires
Sat, 12 Aug 2023 14:48:51 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25f7c55d2cd9de133edfa7bad8680989f7e35f1766aae7ae28a420a82264f947

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
logo.png
tfoms.med.cap.ru/Images/
8 KB
8 KB
Image
General
Full URL
https://tfoms.med.cap.ru/Images/logo.png
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Content/css?v=Y_-a7kxumwWw3Je6B70eaF7no8qfk62yckQYjhA_RIg1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0d4fc246dcc9a0cde44ffb94bfc41307061702b58a00af728051360e8b389def

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/Content/css?v=Y_-a7kxumwWw3Je6B70eaF7no8qfk62yckQYjhA_RIg1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:28 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0648db381cd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
8074
exo_2_700-webfont.woff2
tfoms.med.cap.ru/fonts/
26 KB
26 KB
Font
General
Full URL
https://tfoms.med.cap.ru/fonts/exo_2_700-webfont.woff2
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Content/css?v=Y_-a7kxumwWw3Je6B70eaF7no8qfk62yckQYjhA_RIg1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1b8a8abcdcc50edb827f9855e40cf04ea6d372035ce28cffb89d33f394fc86c8

Request headers

Referer
https://tfoms.med.cap.ru/Content/css?v=Y_-a7kxumwWw3Je6B70eaF7no8qfk62yckQYjhA_RIg1
Origin
https://tfoms.med.cap.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:28 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0648db381cd51:0"
Content-Type
font/x-woff2
Accept-Ranges
bytes
Content-Length
26336
exo_2_regular-webfont.woff2
tfoms.med.cap.ru/fonts/
26 KB
26 KB
Font
General
Full URL
https://tfoms.med.cap.ru/fonts/exo_2_regular-webfont.woff2
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Content/css?v=Y_-a7kxumwWw3Je6B70eaF7no8qfk62yckQYjhA_RIg1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.240.146.50 Cheboksary, Russian Federation, ASN42245 (ITECH-AS Russia, Cheboksary, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
33c48623e5f11855e54ab4f61580b0d12c5b392aa66df8f3d61c0f1dcf0d16bb

Request headers

Referer
https://tfoms.med.cap.ru/Content/css?v=Y_-a7kxumwWw3Je6B70eaF7no8qfk62yckQYjhA_RIg1
Origin
https://tfoms.med.cap.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 14:48:51 GMT
Last-Modified
Fri, 17 May 2019 07:25:28 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0648db381cd51:0"
Content-Type
font/x-woff2
Accept-Ranges
bytes
Content-Length
26732
watch.js
mc.yandex.ru/metrika/
158 KB
56 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
84bc40f8a7aa42b20699d2a7fdda3015cccb85ad4b7a96904704b980008b3e2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 14:45:28 GMT
content-encoding
br
last-modified
Thu, 11 Aug 2022 14:27:18 GMT
etag
"62f4e796-de89"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
56969
expires
Fri, 12 Aug 2022 15:45:28 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9728.h1VmF5t-RKg3gJXCPxqa32KqmFhZb9nxBnufCTIlZA5YQZUYPAPfeCLN_xoM0QiY.Iirf-Vj8Vdhiwq2_FdV_wBARXGM%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9728.rTHXsU-mlH0I9BbWiL3nMkpBMEzlPDs80qoqQ1vD_dwg14q_H992kWEnSCkf3618uQkT32uxTS0xa0lRzk0_bA%2C%2C.gqI8tEZ6S6MxwoVV0Psed0_r6uM%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9728.rTHXsU-mlH0I9BbWiL3nMkpBMEzlPDs80qoqQ1vD_dwg14q_H992kWEnSCkf3618uQkT32uxTS0xa0lRzk0_bA%2C%2C.gqI8tEZ6S6MxwoVV0Psed0_r6uM%2C
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 14:45:29 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9728.rTHXsU-mlH0I9BbWiL3nMkpBMEzlPDs80qoqQ1vD_dwg14q_H992kWEnSCkf3618uQkT32uxTS0xa0lRzk0_bA%2C%2C.gqI8tEZ6S6MxwoVV0Psed0_r6uM%2C
date
Fri, 12 Aug 2022 14:45:28 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: tfoms.med.cap.ru
URL: https://tfoms.med.cap.ru/Account/Login?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 14:45:28 GMT
last-modified
Thu, 11 Aug 2022 14:27:18 GMT
etag
"62f4e796-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 12 Aug 2022 15:45:28 GMT
1
mc.yandex.com/watch/34625425/
Redirect Chain
  • https://mc.yandex.com/watch/34625425?wmode=7&page-url=https%3A%2F%2Ftfoms.med.cap.ru%2FAccount%2FLogin%3FReturnUrl%3D%252f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo...
  • https://mc.yandex.com/watch/34625425/1?wmode=7&page-url=https%3A%2F%2Ftfoms.med.cap.ru%2FAccount%2FLogin%3FReturnUrl%3D%252f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0idu...
338 B
420 B
XHR
General
Full URL
https://mc.yandex.com/watch/34625425/1?wmode=7&page-url=https%3A%2F%2Ftfoms.med.cap.ru%2FAccount%2FLogin%3FReturnUrl%3D%252f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afp%3A1498%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A1483106930118%3Ahid%3A8179528%3Az%3A0%3Ai%3A20220812144528%3Aet%3A1660315529%3Ac%3A1%3Arn%3A164088929%3Arqn%3A1%3Au%3A1660315529553551059%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660315526454%3Ads%3A0%2C0%2C186%2C3%2C828%2C0%2C%2C847%2C0%2C%2C%2C%2C1864%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660315529%3At%3A%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20-%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%A2%D0%A4%D0%9E%D0%9C%D0%A1&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7e083ecdedcb2abf7e8586520fd800ca2a9ea05d6e43eeae35376e469a46e482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tfoms.med.cap.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 14:45:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 12-Aug-2022 14:45:29 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tfoms.med.cap.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Fri, 12-Aug-2022 14:45:29 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 14:45:29 GMT
last-modified
Fri, 12-Aug-2022 14:45:29 GMT
location
/watch/34625425/1?wmode=7&page-url=https%3A%2F%2Ftfoms.med.cap.ru%2FAccount%2FLogin%3FReturnUrl%3D%252f&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afp%3A1498%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A1483106930118%3Ahid%3A8179528%3Az%3A0%3Ai%3A20220812144528%3Aet%3A1660315529%3Ac%3A1%3Arn%3A164088929%3Arqn%3A1%3Au%3A1660315529553551059%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660315526454%3Ads%3A0%2C0%2C186%2C3%2C828%2C0%2C%2C847%2C0%2C%2C%2C%2C1864%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660315529%3At%3A%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20-%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%A2%D0%A4%D0%9E%D0%9C%D0%A1&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://tfoms.med.cap.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 12-Aug-2022 14:45:29 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| footer object| Ya object| yaCounter34625425

12 Cookies

Domain/Path Name / Value
tfoms.med.cap.ru/ Name: __RequestVerificationToken
Value: 0Pi8oFkRiE15XvpFBFoyxCKz0mMEn9j2b5XKeBk1rhAOrbOMgu1WkwMW2iSCqCzGN59WXHaj_LA2ry_SRUc6B2nGOF01
.cap.ru/ Name: _ym_uid
Value: 1660315529553551059
.cap.ru/ Name: _ym_d
Value: 1660315529
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3938140924fake
.cap.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1591417273fake
.yandex.com/ Name: yandexuid
Value: 2750130111660315529
.yandex.com/ Name: yuidss
Value: 2750130111660315529
mc.yandex.com/ Name: yabs-sid
Value: 1716941391660315529
.yandex.com/ Name: i
Value: bbujDTqAFvIrmIAagb3nxvJIefAuto1np8TLdxQjuBHiX+RJmfn0b+TLuIT0La2EKfDqYRjGdD4sQBqUSNCde+si/0Y=
.yandex.com/ Name: ymex
Value: 1691851529.yrts.1660315529#1691851529.yrtsi.1660315529
.cap.ru/ Name: _ym_visorc
Value: w

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9728.rTHXsU-mlH0I9BbWiL3nMkpBMEzlPDs80qoqQ1vD_dwg14q_H992kWEnSCkf3618uQkT32uxTS0xa0lRzk0_bA%2C%2C.gqI8tEZ6S6MxwoVV0Psed0_r6uM%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mc.yandex.com
mc.yandex.ru
tfoms.med.cap.ru
2a02:6b8::1:119
77.240.146.50
0d4fc246dcc9a0cde44ffb94bfc41307061702b58a00af728051360e8b389def
1b8a8abcdcc50edb827f9855e40cf04ea6d372035ce28cffb89d33f394fc86c8
25f7c55d2cd9de133edfa7bad8680989f7e35f1766aae7ae28a420a82264f947
260b0a0f7da9050e6d3d78634d2904d4fb9dedcaf03017e04cf4033e6a27e798
29e009523e60879d476c226f52a556af9655906f6c4b120c5c81adea0770b9a4
33c48623e5f11855e54ab4f61580b0d12c5b392aa66df8f3d61c0f1dcf0d16bb
3b236eba9d909ac40301bca71bb7ebdfa6cc3d0cb4e734be28733033790e83b1
4620cb303eb0fb241c50bffeb92b8504987c3249f816eebf952d3b8d3024e576
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
7d328dba84a279b61aed0236df725a943fb2ca0aa6488f3dab1ec3767861903e
7e083ecdedcb2abf7e8586520fd800ca2a9ea05d6e43eeae35376e469a46e482
7ed33ae2282462fba0d084f2b7229aeeaa87d6f8c5794a91af0d0e5ea6c87fd2
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84bc40f8a7aa42b20699d2a7fdda3015cccb85ad4b7a96904704b980008b3e2b
8954526ddc72de57e13811a3c19e51330d9e417f2904c838d4fd8742c22068ab
985a659d3d7e29f0f0620c93c0477e677fdc4e9b3bd10b4d096ff402bd9a087f
a378b9473c119bd3b627cfda542a1b7bc708a4d9a9eb43e1a0d7720db32bf8e8
aef751d34bde2281cb563163bd785c6e553cb8ff80e4ff7b6721fcc1b5f80e69
e7c847a3f2cc4fcc1b3a4e2c7638c8c31876e9b6690bd6f729ac8004c715c852
e7d5d45c93a6ef9f02d574b469cb6b3ca6bcb284007d52f8e3af355d29d323e5
ec89bb40942469fda687a653edb54dd0561ce83ad812755d481faf11a93d1bc4
fa05e990e5e352a9a09e92af17770f31d11046c5e125040e6c0a76940ab1c1dc