fleet.clients.backofficevi.com Open in urlscan Pro
34.138.254.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fleet.clients.backofficevi.com/
Submission: On August 14 via automatic, source certstream-suspicious (August 14th 2024, 11:50:00 am UTC) — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 39 HTTP transactions. The main IP is 34.138.254.114, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is fleet.clients.backofficevi.com.
TLS certificate: Issued by R10 on August 14th 2024. Valid for: 3 months.

This is the only time fleet.clients.backofficevi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
32	34.138.254.114 34.138.254.114		396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700::68... 2606:4700::6812:ba1f		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003		15169 (GOOGLE) (GOOGLE)
39	4

32 34.138.254.114 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.254.138.34.bc.googleusercontent.com

fleet.clients.backofficevi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	backofficevi.com fleet.clients.backofficevi.com	488 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	22 KB
2	gstatic.com fonts.gstatic.com	43 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
39	4

	Domain	Requested by
32	fleet.clients.backofficevi.com	fleet.clients.backofficevi.com
3	cdn.jsdelivr.net	fleet.clients.backofficevi.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	fleet.clients.backofficevi.com
39	4

This site contains no links.

Subject Issuer	Validity	Valid
fleet.clients.backofficevi.com R10	`2024-08-14` - `2024-11-12`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fleet.clients.backofficevi.com/
Frame ID: 239B310B0E68273DFA1D1E64F39382B3
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facilities Fleet

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

39
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

555 kB
Transfer

1256 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fleet.clients.backofficevi.com/ 33 KB
6 KB 1118ms
312ms Document
text/html 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PHP/8.2.22 PleskLin
Resource Hash: 97575911edcc97e481d3a43f3e46cae574ce63b1f899b9b2b52a9bf65ef72c2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 14 Aug 2024 11:49:55 GMT
expires: -1
pragma: no-cache
server: nginx
x-powered-by: PHP/8.2.22 PleskLin

GET
H2 200 frontend-bootstrap.min.css
fleet.clients.backofficevi.com/assets/css/ 133 KB
18 KB 392ms
390ms Stylesheet
text/css 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/css/frontend-bootstrap.min.css
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 659ec2d6ed6eb0c788c6ec6bd714b3e082cbc854c7a9cf348580876848b08325

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-214bb"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 frontend-animate.css
fleet.clients.backofficevi.com/assets/css/ 84 KB
4 KB 272ms
270ms Stylesheet
text/css 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/css/frontend-animate.css
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: fbeeeb555942f89b92ed95b94145c05eef74d97ab54d33a2ab1fbf39d95d1f63

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-14f0c"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 frontend-fontawesome-all.min.css
fleet.clients.backofficevi.com/assets/css/ 59 KB
10 KB 152ms
150ms Stylesheet
text/css 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/css/frontend-fontawesome-all.min.css
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 8807c785c8df7b874e15431dab5fcde10c6465f850058ad561a255dd63d5d122

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
content-encoding: br
last-modified: Thu, 06 Jul 2023 09:25:40 GMT
server: nginx
etag: W/"64a68894-ed88"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 frontend-slick.css
fleet.clients.backofficevi.com/assets/css/ 2 KB
619 B 393ms
391ms Stylesheet
text/css 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/css/frontend-slick.css
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: a7b29b46ea00374e47e4062eef0ef0f524193410460bcc21bcb4d3e9d0e29e1e

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-6f1"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 frontend-dropdown-nice-select.css
fleet.clients.backofficevi.com/assets/css/ 4 KB
1 KB 394ms
393ms Stylesheet
text/css 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/css/frontend-dropdown-nice-select.css
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-fa7"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 flatpickr.min.css
cdn.jsdelivr.net/npm/flatpickr/dist/ 16 KB
4 KB 100ms
45ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flatpickr/dist/flatpickr.min.css

Requested by

Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20191
x-jsd-version: 4.6.13
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3308
x-served-by: cache-fra-etou8220051-FRA, cache-lga21961-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"3f26-J8BN8VjBcy9mnostEH/TFP6t00A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1fCC6Xj%2F6N681qjDpk2R2IPg1XkZJb2s6oPOB0B9W8VSrd31wm7X99Y5IcRZ9QFFjx8k5FfLnTVNb7aBw%2BElmtNE%2BdAPkGVdb%2B1uiOQEZwhk6HCUqzmjXThggyB%2BP63N8FFI8IAMTlcNkXCxW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b30b9700e9a4d95-FRA

GET
H2 200 pretty-checkbox.min.css
cdn.jsdelivr.net/npm/pretty-checkbox@3.0/dist/ 19 KB
4 KB 96ms
41ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/pretty-checkbox@3.0/dist/pretty-checkbox.min.css

Requested by

Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08d7830746349ff8a17d3234078ea1e46c33f0b1d29752484151d9c60a0d625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8744
x-jsd-version: 3.0.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2900
x-served-by: cache-fra-etou8220105-FRA, cache-lga21940-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"4b56-fF0noLObvYApNnMFBFgmODIkGTo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jQFg1L6i%2BDYXE61Yhe2THtmbq1%2F%2ForvIfL23KsGJ5D3ukeOEwyIOTmIwgWRPd9EiSD%2FJFgaiAgrE7ukXhFIIaJLomKXN5to5pdeMIh6Vu9hjL%2F6236j3Vl6wLmRY1%2BYcZRz2h7%2FtJqJ7mQc%2BdbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b30b9700e974d95-FRA

GET
H2 200 frontend-style.css
fleet.clients.backofficevi.com/assets/css/ 35 KB
6 KB 271ms
270ms Stylesheet
text/css 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/css/frontend-style.css
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: e415c7c18cf4e6faebddaf074d14d6922bf284499be3c5f5687c66c8f05b011f

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
content-encoding: br
last-modified: Thu, 06 Jul 2023 09:32:24 GMT
server: nginx
etag: W/"64a68a28-8b11"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 frontend-plugin-select2.min.css
fleet.clients.backofficevi.com/assets/css/ 15 KB
2 KB 271ms
271ms Stylesheet
text/css 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/css/frontend-plugin-select2.min.css
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 2364c5bd27210e0d07a8efae86ca8f29f62604df72d5de5d5d9e41af8df6a281

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:22 GMT
server: nginx
etag: W/"64a53342-3af8"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 6a4580a9-7682-4d81-aced-ba89d3b0747f.png
fleet.clients.backofficevi.com/assets/images/ 33 KB
33 KB 392ms
392ms Image
image/png 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/images/6a4580a9-7682-4d81-aced-ba89d3b0747f.png
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: f3ca455a40ceb568fa6a95c16131cba50f9927b2bef82bfc7f723c2fd63207b3

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
last-modified: Tue, 16 Apr 2024 10:25:38 GMT
server: nginx
etag: "661e5222-8518"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 34072

GET
H2 200 4066665a-ba30-4c91-8e48-f68d4b5c1510.png
fleet.clients.backofficevi.com/assets/images/ 5 KB
5 KB 269ms
268ms Image
image/png 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/images/4066665a-ba30-4c91-8e48-f68d4b5c1510.png
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 6d66f7085fe3dd1e0caa8a2f7f15f14e91e1c6a64899a7013732abc8ad9cf79a

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
last-modified: Tue, 16 Apr 2024 10:31:03 GMT
server: nginx
etag: "661e5367-12ec"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 4844

GET
H2 200 frontend-icons-fleet-login2.png
fleet.clients.backofficevi.com/assets/images/ 573 B
742 B 132ms
130ms Image
image/png 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/images/frontend-icons-fleet-login2.png
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 8bcf40a8ae739c6cf024d8f859f7fcbb73f2289f8ea15095a50b07bac5298e24

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
x-accel-version: 0.01
etag: "23d-5ffb9c124cb80"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 573

GET
H2 200 frontend-icons-fleet-pickup.png
fleet.clients.backofficevi.com/assets/images/ 591 B
760 B 500ms
498ms Image
image/png 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/images/frontend-icons-fleet-pickup.png
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: a17da0a657902d0c588cb9e39c35071e46d3c1217d64e9f247d07f38bd4ea930

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
x-accel-version: 0.01
etag: "24f-5ffb9c124cb80"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 591

GET
H2 200 frontend-icons-fleet-drop.png
fleet.clients.backofficevi.com/assets/images/ 583 B
752 B 500ms
499ms Image
image/png 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/images/frontend-icons-fleet-drop.png
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: f844a0472bb4ca528c70f21415e80ab542890561bc14cae3338b16190ab724ef

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
x-accel-version: 0.01
etag: "247-5ffb9c124cb80"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 583

GET
H2 200 frontend-icons-fleet-person.png
fleet.clients.backofficevi.com/assets/images/ 619 B
788 B 382ms
381ms Image
image/png 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/images/frontend-icons-fleet-person.png
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 82a1e76fa93ab8dc23de298f30325e19a8293307e451ff3494f2368bbcebe7dc

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
x-accel-version: 0.01
etag: "26b-5ffb9c124cb80"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 619

GET
H2 200 frontend-icons-fleet-date.png
fleet.clients.backofficevi.com/assets/images/ 536 B
705 B 381ms
381ms Image
image/png 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/images/frontend-icons-fleet-date.png
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 14101f2e9511d6cea0fe486e49a50490a83a4074b49cecfab75d723a4a59a1f6

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
x-accel-version: 0.01
etag: "218-5ffb9c124cb80"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 536

GET
H2 404 fleet-login.png
fleet.clients.backofficevi.com/assets/frontend/images/ 2 KB
2 KB 618ms
617ms Image
text/html 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/frontend/images/fleet-login.png
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PHP/8.2.22
Resource Hash: cb4c9d300c89433c6eec3b342b79213e9dda52302375e0f43cdcdade7ad13382

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/8.2.22
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
expires: -1

GET
H2 404 fleet-close-white.png
fleet.clients.backofficevi.com/assets/frontend/icons/ 2 KB
2 KB 500ms
500ms Image
text/html 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/frontend/icons/fleet-close-white.png
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PHP/8.2.22
Resource Hash: cb4c9d300c89433c6eec3b342b79213e9dda52302375e0f43cdcdade7ad13382

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/8.2.22
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
expires: -1

GET
H2 200 frontend-jquery.js Show response
fleet.clients.backofficevi.com/assets/js/ 85 KB
29 KB 502ms
499ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/js/frontend-jquery.js
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-1538f"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 frontend-popper.js Show response
fleet.clients.backofficevi.com/assets/js/ 20 KB
7 KB 383ms
381ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/js/frontend-popper.js
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 7361beca1c276216e72aedc42522e868182053f1e43862722e84d34fa5836423

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
last-modified: Fri, 07 Jul 2023 06:21:06 GMT
server: nginx
etag: W/"64a7aed2-5010"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 frontend-bootstrap.min.js Show response
fleet.clients.backofficevi.com/assets/js/ 48 KB
12 KB 384ms
382ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/js/frontend-bootstrap.min.js
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 65f97dab23e8383e4f9e5b07722014f704b9cb5dc820086014ec715c55e75e33

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-bf06"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 frontend-slick.min.js Show response
fleet.clients.backofficevi.com/assets/js/ 42 KB
10 KB 384ms
383ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/js/frontend-slick.min.js
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 26baef5c04e886682efe774b03486d599f18f3961d68d5cd865ee587f1c47306

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-a763"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 frontend-dropdown-jquery.nice-select.min.js Show response
fleet.clients.backofficevi.com/assets/js/ 3 KB
1 KB 382ms
380ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/js/frontend-dropdown-jquery.nice-select.min.js
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-b7e"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 frontend-moment.js Show response
fleet.clients.backofficevi.com/assets/js/ 145 KB
30 KB 382ms
380ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/js/frontend-moment.js
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: f2bb254e4ac90b2abdd93a162b9c077296372287445cd4d2886393ace3c46418

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-24465"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 flatpickr Show response
cdn.jsdelivr.net/npm/ 49 KB
15 KB 86ms
44ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flatpickr

Requested by

Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19783
x-jsd-version: 4.6.13
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14537
x-served-by: cache-fra-eddf8230039-FRA, cache-lga21967-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"c5f7-fVv7+SYe2JucqEJIf3pkZJZHRLk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLVJyxlwNsbzkVkGzbNS%2BQHuSMtABKyLDz2omcdgmZjD7yGEL3EpEc%2Bmo0jhN6Q4CDqOk%2Bp51rh%2FaPmm94EgfQUI3xENmxNg3msGxz%2Fic5p4Hd2Ng6%2FhBEF4ihk3JixtBZTG15tR2SsPD%2FJvkl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b30b9700e9c4d95-FRA

GET
H2 200 frontend-main.js Show response
fleet.clients.backofficevi.com/assets/js/ 7 KB
2 KB 382ms
381ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/js/frontend-main.js
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: ebca463715b341be88987ddf0dd7be8e70d706b87b775a5c755ba82f4334e0bc

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: W/"64a5333e-1d17"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 frontend-plugin-select2.full.min.js Show response
fleet.clients.backofficevi.com/assets/js/ 80 KB
19 KB 381ms
379ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/js/frontend-plugin-select2.full.min.js
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 1a41b6c3b866eb1e825285b674f594823aa7cd599e7237bb8252812247a821be

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
content-encoding: br
last-modified: Wed, 05 Jul 2023 09:09:22 GMT
server: nginx
etag: W/"64a53342-14070"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 sw.js Show response
fleet.clients.backofficevi.com/ 1 KB
624 B 383ms
381ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/sw.js?v5
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: aaa4ad04b8e3bbf119ad98c5ef4997651cafa5a530ffaabd5797847b9216fa05

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
last-modified: Mon, 31 Jul 2023 07:22:44 GMT
server: nginx
etag: W/"64c76144-573"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 web-sw.js Show response
fleet.clients.backofficevi.com/ 970 B
512 B 381ms
380ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/web-sw.js?v1
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 0e6a272c713961081729d0d0fa65ec1a02f95e632cd7a4fb7cb7261b53371f78

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: br
last-modified: Mon, 31 Jul 2023 07:22:44 GMT
x-accel-version: 0.01
server: nginx
etag: W/"3ca-601c34be7d900"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 fleet-frontend.js Show response
fleet.clients.backofficevi.com/assets/js/ 2 KB
711 B 381ms
380ms Script
application/javascript 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/js/fleet-frontend.js?v=1.0.0
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 1aeb5c6962c9542f1dbed36983fd5681e4f6a3b79df1c3afa993a1ac4096c380

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:55 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 10:13:10 GMT
server: nginx
etag: W/"64d4b836-6c0"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 2 KB
499 B 118ms
68ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400,700

Requested by

Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/assets/css/frontend-style.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3de7e6acf6003bb7b30f306e2aafb54d5f982f3de13aba4fe7842cbca36a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 10:45:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Aug 2024 11:49:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 84ms
34ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:500

Requested by

Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/assets/css/frontend-style.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f622d6917ee06bd033b68f05c6f0546f971bb2724f2a6c105a218dcd471bb981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Aug 2024 11:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 10:14:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Aug 2024 11:49:56 GMT

GET
H2 200 frontend-fleet-hero2.jpg
fleet.clients.backofficevi.com/assets/images/ 158 KB
158 KB 230ms
229ms Image
image/jpeg 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fleet.clients.backofficevi.com/assets/images/frontend-fleet-hero2.jpg
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/assets/css/frontend-style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 135932b354628b25c40dceac1bc77bf14a2f44385cc697ed336bbfdad3c35634

Request headers

Referer: https://fleet.clients.backofficevi.com/assets/css/frontend-style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: "64a5333e-27608"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 161288

GET
H2 200 qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v31/ 24 KB
24 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fleet.clients.backofficevi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 15:11:03 GMT
x-content-type-options: nosniff
age: 160733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24364
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:41:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Aug 2025 15:11:03 GMT

GET
H2 200 frontend-fontawesome-fa-solid-900.woff2
fleet.clients.backofficevi.com/assets/fonts/ 61 KB
61 KB 335ms
334ms Font
font/woff2 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/fonts/frontend-fontawesome-fa-solid-900.woff2
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/assets/css/frontend-fontawesome-all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Referer: https://fleet.clients.backofficevi.com/assets/css/frontend-fontawesome-all.min.css
Origin: https://fleet.clients.backofficevi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: "64a5333e-f408"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 62472

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0U1.woff2
fonts.gstatic.com/s/rubik/v28/ 19 KB
19 KB 89ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:500

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9ea3a91849752f729cf003b4839b162db15e3bcb57a4dd8fb2533fab377aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fleet.clients.backofficevi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 15:08:04 GMT
x-content-type-options: nosniff
age: 74512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19140
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 15:08:04 GMT

GET
H2 200 frontend-fontawesome-fa-brands-400.woff2
fleet.clients.backofficevi.com/assets/fonts/ 63 KB
63 KB 224ms
223ms Font
font/woff2 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/assets/fonts/frontend-fontawesome-fa-brands-400.woff2
Requested by: Host: fleet.clients.backofficevi.com
URL: https://fleet.clients.backofficevi.com/assets/css/frontend-fontawesome-all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

Referer: https://fleet.clients.backofficevi.com/assets/css/frontend-fontawesome-all.min.css
Origin: https://fleet.clients.backofficevi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
last-modified: Wed, 05 Jul 2023 09:09:18 GMT
server: nginx
etag: "64a5333e-fa90"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 64144

GET
H2 200 favicon.ico
fleet.clients.backofficevi.com/ 655 B
834 B 131ms
130ms Other
image/vnd.microsoft.icon 34.138.254.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fleet.clients.backofficevi.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.138.254.114 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.254.138.34.bc.googleusercontent.com
Software: nginx / PleskLin
Resource Hash: 86a345c9b221a18fe6c9d6902631f1b117324e922fcef46410e3a9462e090bd3

Request headers

Referer: https://fleet.clients.backofficevi.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 11:49:56 GMT
last-modified: Mon, 31 Jul 2023 07:22:44 GMT
server: nginx
x-accel-version: 0.01
etag: "28f-601c34be7d900"
x-powered-by: PleskLin
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 655

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| bootstrap function| moment function| flatpickr object| slides string| CACHE_NAME object| urlsToCache string| google_api

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fleet.clients.backofficevi.com/	1970-01-20 22:47:23	Name: XSRF-TOKEN Value: eyJpdiI6InRtZS9hR3VBTkNxNE9MUkxIV3ZRMHc9PSIsInZhbHVlIjoid2l1QURuYXgwcGxsN3FOTWRXeW45b0IwT2pnZm1kRGdHVlNWaHg2ZnlMeWtvMEpRQVRWbWtNYnRDaWx0UkNNQ2M1WUthRFdEMllQbVh1Ly9mZkVUNE1lUTVHVFovaWpxbDVsRGVqU2FwTWs0TUhvSjZBcUNHK2p6aUVFL2Rpd1UiLCJtYWMiOiIwZmQ4YzE5NTM1MDQyMDc5YzBkYTEzNTNhNzhjMDJlODZkMzQ5ZjcwMTE2YTAyMjUxZWJkNTg5ODBmYjU4OTZlIiwidGFnIjoiIn0%3D
			fleet.clients.backofficevi.com/	1970-01-20 22:47:23	Name: facilities_fleet_session Value: eyJpdiI6ImxqOFhiZVgzT0pRSW5iSWpTWlh6dlE9PSIsInZhbHVlIjoiaUxmcVFISTE4alNGamNsZGQrdUQ3QmxsNG1VdGt4blEvNzYxZXBLUDgzRXFyRXFWenBtcEVLckRYVyt4dFUzMXpXQjZub2pBUWRvYVMrdXhmYUQ1cnZrVVQvWm43YVh1RndENE1pdkw0TUNIWFFGTEpKZnhIZEhndWN1c05BcnkiLCJtYWMiOiJhMTc5NmU3YTljZDdkYzAwOTY3OGExOWYyNGQ4Zjg5N2Q2NTA5Y2U5N2UzZWE3ZWUzMDdiNzhlZWVmYThhNTUyIiwidGFnIjoiIn0%3D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fleet.clients.backofficevi.com/assets/frontend/icons/fleet-close-white.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://fleet.clients.backofficevi.com/assets/frontend/images/fleet-login.png Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	warning	URL: https://fleet.clients.backofficevi.com/ Message: [DOM] Found 2 elements with non-unique id #datepicker: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://fleet.clients.backofficevi.com/ Message: [DOM] Found 3 elements with non-unique id #timepicker: (More info: https://goo.gl/9p2vKq) %o %o %o
recommendation	verbose	URL: https://fleet.clients.backofficevi.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://fleet.clients.backofficevi.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://fleet.clients.backofficevi.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fleet.clients.backofficevi.com
fonts.googleapis.com
fonts.gstatic.com
2606:4700::6812:ba1f
2a00:1450:4001:803::200a
2a00:1450:4001:82f::2003
34.138.254.114
0e6a272c713961081729d0d0fa65ec1a02f95e632cd7a4fb7cb7261b53371f78
135932b354628b25c40dceac1bc77bf14a2f44385cc697ed336bbfdad3c35634
14101f2e9511d6cea0fe486e49a50490a83a4074b49cecfab75d723a4a59a1f6
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a41b6c3b866eb1e825285b674f594823aa7cd599e7237bb8252812247a821be
1aeb5c6962c9542f1dbed36983fd5681e4f6a3b79df1c3afa993a1ac4096c380
1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754
1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1
2364c5bd27210e0d07a8efae86ca8f29f62604df72d5de5d5d9e41af8df6a281
26baef5c04e886682efe774b03486d599f18f3961d68d5cd865ee587f1c47306
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
659ec2d6ed6eb0c788c6ec6bd714b3e082cbc854c7a9cf348580876848b08325
65f97dab23e8383e4f9e5b07722014f704b9cb5dc820086014ec715c55e75e33
66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a
6d66f7085fe3dd1e0caa8a2f7f15f14e91e1c6a64899a7013732abc8ad9cf79a
7361beca1c276216e72aedc42522e868182053f1e43862722e84d34fa5836423
7f9ea3a91849752f729cf003b4839b162db15e3bcb57a4dd8fb2533fab377aad
82a1e76fa93ab8dc23de298f30325e19a8293307e451ff3494f2368bbcebe7dc
86a345c9b221a18fe6c9d6902631f1b117324e922fcef46410e3a9462e090bd3
8807c785c8df7b874e15431dab5fcde10c6465f850058ad561a255dd63d5d122
8bcf40a8ae739c6cf024d8f859f7fcbb73f2289f8ea15095a50b07bac5298e24
97575911edcc97e481d3a43f3e46cae574ce63b1f899b9b2b52a9bf65ef72c2c
a17da0a657902d0c588cb9e39c35071e46d3c1217d64e9f247d07f38bd4ea930
a7b29b46ea00374e47e4062eef0ef0f524193410460bcc21bcb4d3e9d0e29e1e
aaa4ad04b8e3bbf119ad98c5ef4997651cafa5a530ffaabd5797847b9216fa05
b08d7830746349ff8a17d3234078ea1e46c33f0b1d29752484151d9c60a0d625
b3de7e6acf6003bb7b30f306e2aafb54d5f982f3de13aba4fe7842cbca36a957
c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d
cb4c9d300c89433c6eec3b342b79213e9dda52302375e0f43cdcdade7ad13382
e415c7c18cf4e6faebddaf074d14d6922bf284499be3c5f5687c66c8f05b011f
ebca463715b341be88987ddf0dd7be8e70d706b87b775a5c755ba82f4334e0bc
ef71f07257bf7ab1ff3b76ac3c0fa25b8686bbb26c5617c570c7528e337e48d0
f2bb254e4ac90b2abdd93a162b9c077296372287445cd4d2886393ace3c46418
f3ca455a40ceb568fa6a95c16131cba50f9927b2bef82bfc7f723c2fd63207b3
f622d6917ee06bd033b68f05c6f0546f971bb2724f2a6c105a218dcd471bb981
f844a0472bb4ca528c70f21415e80ab542890561bc14cae3338b16190ab724ef
fbeeeb555942f89b92ed95b94145c05eef74d97ab54d33a2ab1fbf39d95d1f63