crm.vtour.by Open in urlscan Pro
95.213.247.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://crm.vtour.by/
Effective URL:
https://crm.vtour.by/login.php?redirect=%2F
Submission: On July 25 via api (July 25th 2024, 6:22:02 am UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 95.213.247.61, located in Moscow, Russian Federation and belongs to SELECTEL, RU. The main domain is crm.vtour.by.
TLS certificate: Issued by R10 on July 23rd 2024. Valid for: 3 months.

This is the only time crm.vtour.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 19	95.213.247.61 95.213.247.61		49505 (SELECTEL) (SELECTEL)
1	2606:4700::68... 2606:4700::6812:ba1f		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:ab00:610... 2a00:ab00:610:1::1		49505 (SELECTEL) (SELECTEL)
21	4

19 95.213.247.61 (Moscow, Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)
PTR: mail.u-on.ru

crm.vtour.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ab00:610:1::1 (Russian Federation)

ASN49505 (SELECTEL, RU)

136627.selcdn.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	vtour.by 1 redirects crm.vtour.by	4 MB
1	selcdn.ru 136627.selcdn.ru	4 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	36 KB
21	4

	Domain	Requested by
19	crm.vtour.by	1 redirects crm.vtour.by
1	136627.selcdn.ru	crm.vtour.by
1	cdnjs.cloudflare.com	crm.vtour.by
1	cdn.jsdelivr.net	crm.vtour.by
21	4

This site contains links to these domains. Also see Links.

Domain
www.vtour.by

Subject Issuer	Validity	Valid
crm.vtour.by R10	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.selcdn.ru AlphaSSL CA - SHA256 - G4	`2023-11-24` - `2024-12-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://crm.vtour.by/login.php?redirect=%2F
Frame ID: DC0B458B4A1B35B0F67871B1DCE316B0
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Автоматизированная система

Page URL History Show full URLs

https://crm.vtour.by/ HTTP 302
https://crm.vtour.by/login.php?redirect=%2F Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

4140 kB
Transfer

4209 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.vtour.by/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://crm.vtour.by/ HTTP 302
https://crm.vtour.by/login.php?redirect=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
crm.vtour.by/
Redirect Chain

https://crm.vtour.by/
https://crm.vtour.by/login.php?redirect=%2F

15 KB
5 KB

96ms
96ms

Document
text/html

95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: ec2644b4595c5012cd4c6bc42389154e6138ec5e40419117b49ed1d8a1b2b0da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://crm.vtour.by https://crm.vtour.by
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Jul 2024 06:21:51 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: http://crm.vtour.by https://crm.vtour.by
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Jul 2024 06:21:51 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: /login.php?redirect=%2F
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK styles.combined.css
crm.vtour.by/css/ 366 KB
367 KB 161ms
154ms Stylesheet
text/css 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/css/styles.combined.css?1768
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: c402df42f37fccdf2f671abfcfbb1ffce800cd609588435f6fb49239db196a0a

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:51 GMT
Last-Modified: Fri, 12 Jul 2024 11:11:00 GMT
Server: nginx
ETag: "66910f44-5b931"
Content-Type: text/css
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 375089

GET
H/1.1 200
OK scripts.combined.js Show response
crm.vtour.by/js/ 1 MB
1 MB 308ms
147ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/scripts.combined.js?1768
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 91d1c18f11e95131541e67eac6ae0361f17b1bf841373fcd6259c6a6804f3a3f

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Fri, 12 Jul 2024 11:23:20 GMT
Server: nginx
ETag: "66911228-10ab4d"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1092429

GET
H/1.1 200
OK bootstrap-datepicker.ru.js Show response
crm.vtour.by/js/bootstrap-datepicker/ 731 B
1 KB 242ms
84ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/bootstrap-datepicker/bootstrap-datepicker.ru.js?1768
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 8860d4c27d883d2ce59cb9557827b7338648c50c635280d87443baa01670fc6a

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Thu, 13 Aug 2020 20:20:12 GMT
Server: nginx
ETag: "5f35a07c-2db"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 731

GET
H/1.1 200
OK ru.js Show response
crm.vtour.by/js/moment/ 9 KB
10 KB 241ms
83ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/moment/ru.js?1768
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: ede09ad74fd2b975fa2fdeded7097fe7b39cfd18f4a789df8b4c681456788c6c

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Thu, 29 Oct 2020 19:55:51 GMT
Server: nginx
ETag: "5f9b1e47-24e2"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9442

GET
H2 200 vue@2.6.14 Show response
cdn.jsdelivr.net/npm/ 92 KB
36 KB 217ms
52ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.14

Requested by

Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://crm.vtour.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 06:21:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7063464
x-jsd-version: 2.6.14
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35858
x-served-by: cache-fra-etou8220121-FRA, cache-lga21982-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zpuKuA7kDLJ5ATfXBA8e9Ho6O6xp9V8Hk1jWbYuWMWjlvka4olmkGt1mhybRo2hP95nR1HGXEj0DUTCAxn2S1ETK5KBHPtuYtDNpSg3XPz%2BLg0tK9H6Tej9ZzNSQn21WRcV2VJ2uw5eGgszi8oY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a8a0d604ee63610-FRA

GET
H/1.1 200
OK index.umd.js Show response
crm.vtour.by/js/gantt/ 382 KB
382 KB 329ms
172ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/gantt/index.umd.js?12345
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 0aa55964b368a42fb7e404d5d255f03ad0e94aa7ec15c6e175ca9663894353f9

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Thu, 28 May 2020 22:59:56 GMT
Server: nginx
ETag: "5ed0426c-5f7d7"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 391127

GET
H/1.1 200
OK CalendarScroll.plugin.js Show response
crm.vtour.by/js/gantt/ 20 KB
21 KB 329ms
172ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/gantt/CalendarScroll.plugin.js
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 08b8a34f2b8db3b6ffcd78e1e7469efe3ee78a4db8720e5cb3761a643726ddd2

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Fri, 20 Mar 2020 13:27:00 GMT
Server: nginx
ETag: "5e74c4a4-5113"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20755

GET
H/1.1 200
OK WeekendHighlight.plugin.js Show response
crm.vtour.by/js/gantt/ 7 KB
7 KB 327ms
86ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/gantt/WeekendHighlight.plugin.js
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 84894ad0d57839a27a7388a7092d98556b7e9f55db67b0059dc65abe528946b0

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Fri, 20 Mar 2020 13:27:00 GMT
Server: nginx
ETag: "5e74c4a4-1b61"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7009

GET
H3 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.6/ 10 KB
3 KB 181ms
54ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.6/clipboard.min.js

Requested by

Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://crm.vtour.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 06:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 53121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2953
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-28d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDyYK7vOJ5v9esq2H3Mx7uNgV5N4VZ05fNR9rRORBBry8eRY5SvWO3dbr2VtF185dEvW%2B7vOt2g17Dp1gslqvV8rIuP%2FqhELhxUngIQzvSuYxgB5vmjyyirJDiLoagc8lPZqL4iF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a8a0d601a4303d8-FRA
expires: Tue, 15 Jul 2025 06:21:52 GMT

GET
H/1.1 200
OK jquery.easing.min.js Show response
crm.vtour.by/js/ 7 KB
7 KB 327ms
86ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/jquery.easing.min.js
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: a2a67e3e3456fd942271f6537b4577cbfdea679deb8a48c60bda57fcb4319072

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Sat, 11 Mar 2017 21:26:18 GMT
Server: nginx
ETag: "58c46b7a-1b8a"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7050

GET
H/1.1 200
OK jquery.imagemax.min.js Show response
crm.vtour.by/js/ 6 KB
7 KB 422ms
76ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/jquery.imagemax.min.js
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 918f3f7dda8d43c80aaf022ae4c640a55a7d626ac28d13405255a7c8285186f3

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Sat, 11 Mar 2017 21:26:18 GMT
Server: nginx
ETag: "58c46b7a-18d6"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6358

GET
H/1.1 200
OK jquery.center.js Show response
crm.vtour.by/js/ 1 KB
2 KB 416ms
73ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/jquery.center.js
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 7d66f2de8a198b9704f74bf055bed540c98ca3a25bf5195c75e0358370ca1ca3

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Sat, 11 Mar 2017 21:26:18 GMT
Server: nginx
ETag: "58c46b7a-5e2"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1506

GET
H/1.1 200
OK parsley.min.js Show response
crm.vtour.by/js/ 42 KB
42 KB 422ms
76ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/parsley.min.js?1768
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: fdacad6dba64a09bbc98378cf92bd24787e2661788391ba808348cc5f4b23d71

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Mon, 16 Jul 2018 19:22:16 GMT
Server: nginx
ETag: "5b4cf068-a84e"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43086

GET
H/1.1 200
OK parsley.messages.ru.js Show response
crm.vtour.by/js/ 3 KB
3 KB 494ms
75ms Script
application/javascript 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/js/parsley.messages.ru.js?1768
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: f2e6de7b057d65bff459000c810ebde7b278984f810b72b5a86fa77b1da1f18e

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Sat, 11 Mar 2017 21:26:17 GMT
Server: nginx
ETag: "58c46b79-adf"
Content-Type: application/javascript
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2783

GET
H2 200 290823_169325866764ed13ab44309.png
136627.selcdn.ru/images/company/27333/ 4 KB
4 KB 494ms
91ms Image
image/png 2a00:ab00:610:1::1
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://136627.selcdn.ru/images/company/27333/290823_169325866764ed13ab44309.png
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:ab00:610:1::1 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 5b4fbfff2654f8743bd5104676731152a220330de44bdff88770ab8d6af6715d

Request headers

Referer: https://crm.vtour.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-container-storage-policy-name: Policy-0
date: Thu, 25 Jul 2024 06:11:52 GMT
last-modified: Mon, 28 Aug 2023 21:37:48 GMT
age: 600
etag: "31b70db9f11856bc7d40a85ec65cccf4"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
x-timestamp: 1693258667.39125
x-container-storage-policy-index: 0
accept-ranges: bytes
content-length: 3734
x-trans-id: 177fa9c966388ba5

GET
H/1.1 200
OK print.css
crm.vtour.by/css/ 374 B
705 B 89ms
89ms Stylesheet
text/css 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/css/print.css?1768
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 26667ea8fceea7d0dd26b62036c4339a7d5765cc14953acd39063fd3cc9f4a23

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:52 GMT
Last-Modified: Fri, 19 Feb 2021 01:08:03 GMT
Server: nginx
ETag: "602f0f73-176"
Content-Type: text/css
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 374

GET
H/1.1 200
OK bg-2022-2.jpg
crm.vtour.by/images/bg/ 1 MB
1 MB 105ms
88ms Image
image/jpeg 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crm.vtour.by/images/bg/bg-2022-2.jpg?1768
Requested by: Host: crm.vtour.by
URL: https://crm.vtour.by/login.php?redirect=%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: d85773feff49172c4bf070d5efca2942f5196c6c14515357c0b71e617a95bccf

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:53 GMT
Last-Modified: Mon, 07 Feb 2022 07:30:28 GMT
Server: nginx
ETag: "6200ca94-11467c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1132156

GET
H/1.1 200
OK uon-logo-50x50.png
crm.vtour.by/images/ 1 KB
2 KB 100ms
94ms Other
image/png 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/images/uon-logo-50x50.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 3b18ea9029d95c0d1d4fd9a49fa1df1acfbb5fcebb4c406b17cb73a35f3cbf3b

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:53 GMT
Last-Modified: Sun, 09 Jun 2019 20:57:17 GMT
Server: nginx
ETag: "5cfd72ad-5c9"
Content-Type: image/png
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1481

GET
H/1.1 200
OK uon-logo-50x50.png
crm.vtour.by/images/ 1 KB
0 23ms
23ms Other
image/png 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://crm.vtour.by/images/uon-logo-50x50.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 3b18ea9029d95c0d1d4fd9a49fa1df1acfbb5fcebb4c406b17cb73a35f3cbf3b

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:53 GMT
Last-Modified: Sun, 09 Jun 2019 20:57:17 GMT
Server: nginx
ETag: "5cfd72ad-5c9"
Content-Type: image/png
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Accept-Ranges: bytes
Content-Length: 1481

GET
H/1.1 200
OK bg-2022-1.jpg
crm.vtour.by/images/bg/ 1 MB
1 MB 150ms
149ms Image
image/jpeg 95.213.247.61
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crm.vtour.by/images/bg/bg-2022-1.jpg?1768
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.247.61 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: mail.u-on.ru
Software: nginx /
Resource Hash: 194f8392da710f624dc7e4c9d62a9a24f9b75f89ff41638ec4c4c6d0a795e59e

Request headers

Referer: https://crm.vtour.by/login.php?redirect=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 06:21:59 GMT
Last-Modified: Mon, 07 Feb 2022 07:31:03 GMT
Server: nginx
ETag: "6200cab7-10aec1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: http://crm.vtour.by, https://crm.vtour.by
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1093313

Verdicts & Comments Add Verdict or Comment

342 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $jscomp function| $jscomp$lookupPolyfilledValue function| noty function| _ function| gettext function| n_ object| Constants string| loading string| loadingHorizontal object| template function| SearchBlock function| ActiveBlock function| OnlineLoadingClass object| OnlineLoading string| globalErrorMessage string| globalCloseTitle function| getGlobalOKTitle function| getGlobalCancelTitle object| time_global number| time_offset function| Utilits object| $dialog function| DialogError object| Dialog function| getLocaleStorage function| setLocaleStorage function| deleteLocaleStorage function| printArea function| exportTable function| nl2br function| redirectPost function| $match function| ServiceSupplierAutocomplete function| PaydocAutocomplete object| Ajax function| initTabs function| fixedBlockInit function| multiselectInit function| multiselectDestroy function| serviceRequestCurrencyFixInit function| extendedFieldWithLinkInit function| ctrlEnterKeyBind function| enterKeyBind function| enterKeyBindObject function| hotelSearchBlock function| quickReservationButton function| datepicker_init function| set_datetime_value function| user_kind_update function| checkboxInit function| clientSettingsInit function| mailBodyInit function| userFileInit function| hotelFileInit function| ssFileInit function| checkExtendedMode function| extendedModeButtonSettingsSwitch function| extendedFieldsInit function| bindExtendedMode function| bindSmsEmailNotificationButtons function| bindAjaxifyForm function| CKupdate function| bindBootstrapEditable function| numberFormat function| numberPositiveFormat function| currencyFormat function| datepickerClearButton function| columnsWithSort function| bindExtendedModeExtended function| bindExtendedModeSimple function| create_new_element_block_init function| create_new_element_block_error function| passwordEyeToggle function| tooltipHide function| tooltipInit function| switchInit function| momentInit function| popoverInit function| timepickerInit function| customSelect2TriggerChange function| customSelect2Init function| radioButtonSetValue function| radioButtonInit function| parseCurrency function| parseNumber function| parsePositiveNumber function| set_koef_currency_main function| set_price_result_by_currency function| user_file_delete function| hotel_file_delete function| ss_file_delete function| request_file_delete function| payment_file_delete function| payment_partner_paid function| payment_client_paid function| payment_bill_paid function| get_bill_list function| bill_delete function| bill_service_delete function| bill_service_update function| bill_service_fill_data function| bill_service_fill_data_services function| bill_update function| online_bill_update function| kpi_plan_update function| bcard_update function| bcard_bonus_add function| bindRequestVisaChange function| bindRequestInsuranceChange function| bindRequestStatusChange function| bindRequestStatusPayChange function| bindRequestStatusCBChange function| bindUserStatusChange function| bindRequestManagerChange function| bindManagerStatusChange function| bindRequestFavorite function| check_tourist_fields function| check_lead_client_fields function| check_client_fields function| check_user_fields function| check_payment_partner_bill function| check_payment_client_bill function| file_upload function| trim function| getCheckboxValues function| getDocsValues function| delete_div_params function| save_input_array_func function| popupClose function| fillAndShow function| showMessages function| highlight function| normallight function| users_clients_delete function| bookmark_show function| submenu_show function| toggleCommunicationBlock function| delRecordById function| updateNightsCount function| create_new_element function| create_new_ss_element function| create_input_element function| create_input_element_single function| form_send_email function| form_send_sms function| form_subscribe_email function| suppliers_only_one function| sync_dates function| sync_times function| service_request_check function| service_request_update function| service_request_list_reload function| client_update function| leads_client_select function| refresh_documents function| copySelection function| removeSelection function| refresh_services_selection function| tourist_update function| feedback_update function| reminder_update function| hotel_contract_update function| contact_person_update function| hotel_type_cross_update function| autocomplete_global function| autocomplete_client function| autocompleteRequests function| autocompleteEngineRequests function| autocomplete_supplier function| autocomplete_request function| checkPaymentServicesSumError function| checkReceiptError function| payment_client_update function| services_currency_fix function| services_currency_netto_fix function| payment_update function| get_payment_partner function| payment_plan_another_update function| payment_partner_update function| payment_partner_list_update function| payment_client_list_update function| payment_partner_price_update function| payment_paydoc_select_update function| paydoc_new function| roundNumber function| docs_update function| user_type_change function| get_avia_transfer function| add_avia_transfer function| avia_transfer_template_choose function| avia_transfer_template_select function| avia_transfer_delete function| add_payment_separation function| payment_separation_delete function| requests_view function| requests_cb function| setSearchDataTitle function| showSavedSearches function| setSearchData function| getSearchData function| requests_view_csv function| request_active function| mailing_list_view function| profit_list_view function| list_view function| client_view function| supplier_view function| cash_payment_list function| cash_payment_list_csv function| payment_bill_list function| payment_list function| payment_separation_list function| request_commission_paid function| request_commission_source_paid function| marketing_simple_mode function| marketing_month function| updateCurrencyFields function| setOperatorRates function| client_delete function| payment_client_deposit_update function| payment_client_deposit_value_update function| payment_partner_deposit_value_update function| payment_partner_deposit_update function| get_feedback_list function| feedback_delete function| get_history_list function| get_request_logs_list function| get_tourist_logs_list function| get_supplier_logs_list function| get_request_user_contact_list function| get_request_user_contact_tree function| get_request_user_communication function| get_tourist_contact_tree function| get_request_action_list_lead function| request_action_check function| request_action_update function| request_action_to_manager_update function| show_hide_block function| hide_block function| show_hide_block_with_value function| catalog_package_tourists_settings function| requests_settings function| leads_requests_settings function| request_fields_change function| sr_active_change function| get_mailing_emails_list function| mailing_user_add function| mailing_user_delete function| mailing_user_count function| select_mailing_emails_all function| deselect_mailing_emails_all function| hotel_select_list function| get_stat_hotel function| countryListChange function| cityListChange function| hotelListChange function| clientListChange function| supplierListChange function| countryMerge function| cityMerge function| clientMerge function| supplierMerge function| getClientExtData function| client_visa_list function| client_insurance_list function| supplierSendRequest function| touroperator_finance_get function| touroperator_contract_get function| getSmsBalance function| getEmailBalance function| getSmsMassBalance function| transliterate function| uploadAvatar function| deleteAvatar function| showAvatarSelector function| loadAvatarSelector function| selectAvatar function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| respond object| jQuery19108658969224426827 object| Offline function| Bloodhound object| titlenotifier function| moment function| swal function| sweetAlert object| store object| Push function| DialogClass function| AutocompleteBlock function| AutocompleteField function| ServiceRequestBlock function| ServiceSubitemBlock function| ServiceDiscountList function| ServicePriceList function| DatePeriodBlock function| ReminderList function| ReminderItem function| HotelContractList function| HotelContractItem function| ContactPersonList function| ContactPersonItem function| ItemsList function| ItemsListItem function| HotelTypeList function| HotelTypeItem function| ServiceList function| ServiceItem function| Vue object| litHtmlVersions function| GSTC function| CalendarScroll function| WeekendHighlight function| ClipboardJS string| UON_DOMAIN number| USER_IS_MANAGER string| LANG string| STATIC_URL number| USER_STATUS_PAID number| USER_STATUS_CANCEL number| STATUS_BACK_TO_LEAD number| STATUS_CLOSED string| CURRENCY_MAIN_NAME string| $emptyText object| BrowserDetect function| _toConsumableArray function| _slice function| _slicedToArray function| _extends object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			crm.vtour.by/	1970-01-21 07:03:44	Name: PHPSESSID Value: db247ff874cdcade6307be2164e46d7c

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://crm.vtour.by/login.php?redirect=%2F Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

136627.selcdn.ru
cdn.jsdelivr.net
cdnjs.cloudflare.com
crm.vtour.by
104.17.24.14
2606:4700::6812:ba1f
2a00:ab00:610:1::1
95.213.247.61
08b8a34f2b8db3b6ffcd78e1e7469efe3ee78a4db8720e5cb3761a643726ddd2
0aa55964b368a42fb7e404d5d255f03ad0e94aa7ec15c6e175ca9663894353f9
194f8392da710f624dc7e4c9d62a9a24f9b75f89ff41638ec4c4c6d0a795e59e
26667ea8fceea7d0dd26b62036c4339a7d5765cc14953acd39063fd3cc9f4a23
3b18ea9029d95c0d1d4fd9a49fa1df1acfbb5fcebb4c406b17cb73a35f3cbf3b
5b4fbfff2654f8743bd5104676731152a220330de44bdff88770ab8d6af6715d
7d66f2de8a198b9704f74bf055bed540c98ca3a25bf5195c75e0358370ca1ca3
84894ad0d57839a27a7388a7092d98556b7e9f55db67b0059dc65abe528946b0
8860d4c27d883d2ce59cb9557827b7338648c50c635280d87443baa01670fc6a
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
918f3f7dda8d43c80aaf022ae4c640a55a7d626ac28d13405255a7c8285186f3
91d1c18f11e95131541e67eac6ae0361f17b1bf841373fcd6259c6a6804f3a3f
a2a67e3e3456fd942271f6537b4577cbfdea679deb8a48c60bda57fcb4319072
c402df42f37fccdf2f671abfcfbb1ffce800cd609588435f6fb49239db196a0a
d85773feff49172c4bf070d5efca2942f5196c6c14515357c0b71e617a95bccf
ec2644b4595c5012cd4c6bc42389154e6138ec5e40419117b49ed1d8a1b2b0da
ede09ad74fd2b975fa2fdeded7097fe7b39cfd18f4a789df8b4c681456788c6c
f2e6de7b057d65bff459000c810ebde7b278984f810b72b5a86fa77b1da1f18e
fdacad6dba64a09bbc98378cf92bd24787e2661788391ba808348cc5f4b23d71