urlscan.io logo urlscan.io
SecurityTrails logo

jollyleprechaun.ru Open in urlscan Pro
2a03:c980:d990:63c9:217:144:99:201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://jollyleprechaun.ru/
Effective URL: https://jollyleprechaun.ru/
Submission: On March 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 52 HTTP transactions. The main IP is 2a03:c980:d990:63c9:217:144:99:201, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is jollyleprechaun.ru.
TLS certificate: Issued by R3 on March 3rd 2023. Valid for: 3 months.
This is the only time jollyleprechaun.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 2a03:c980:d99... 210079 (EUROBYTE ...)
6 2a00:1450:400... 15169 (GOOGLE)
21 95.213.150.212 49505 (SELECTEL)
4 2a00:1450:400... 15169 (GOOGLE)
1 31.184.251.194 49505 (SELECTEL)
52 6
21    2a03:c980:d990:63c9:217:144:99:201 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
jollyleprechaun.ru
6    2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
21    95.213.150.212 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
lpt-crm.online
4    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    31.184.251.194 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
my.lptracker.ru
Apex Domain
Subdomains		 Transfer
21 lpt-crm.online
lpt-crm.online
947 KB
21 jollyleprechaun.ru
jollyleprechaun.ru
1 MB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
151 KB
4 gstatic.com
fonts.gstatic.com
50 KB
1 lptracker.ru
my.lptracker.ru
65 KB
52 5
Domain Requested by
21 lpt-crm.online jollyleprechaun.ru
lpt-crm.online
21 jollyleprechaun.ru 1 redirects jollyleprechaun.ru
6 fonts.googleapis.com jollyleprechaun.ru
lpt-crm.online
4 fonts.gstatic.com fonts.googleapis.com
1 my.lptracker.ru lpt-crm.online
52 5

This site contains links to these domains. Also see Links.

Domain
t.me
Subject Issuer Validity Valid
jollyleprechaun.ru
R3		 2023-03-03 -
2023-06-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
lpt-crm.online
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.lptracker.ru
AlphaSSL CA - SHA256 - G2		 2022-10-03 -
2023-11-04		 a year crt.sh

This page contains 6 frames:

Primary Page: https://jollyleprechaun.ru/
Frame ID: 0221C6B51B97796CBDCC36A9158F229A
Requests: 32 HTTP requests in this frame

Frame: https://lpt-crm.online/LPT_widget//out/lpt_widget.min.css?2.24.20201228-424-gbfd51645fd-dirty
Frame ID: EF1852A5EA1F8A03DA7E4A990DCBBC07
Requests: 2 HTTP requests in this frame

Frame: https://lpt-crm.online/LPT_widget//out/lpt_widget.min.css?2.24.20201228-424-gbfd51645fd-dirty
Frame ID: D355D1428F4E3A73F9265E0EDC092837
Requests: 2 HTTP requests in this frame

Frame: https://lpt-crm.online/lpt_widget/plugins/jquery.js
Frame ID: 60C3DBCC94BBB5F29358FE889D96FD37
Requests: 5 HTTP requests in this frame

Frame: https://lpt-crm.online/lpt_widget/plugins/jquery.js
Frame ID: F7D9EDD8C7281B509DBA1DB7A8D0311C
Requests: 6 HTTP requests in this frame

Frame: https://lpt-crm.online/lpt_widget/plugins/jquery.js
Frame ID: 196831C426F95EE517D97A89F61AFE1F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Паб Jolie Leprechaun

Page URL History Show full URLs

  1. http://jollyleprechaun.ru/ HTTP 302
    https://jollyleprechaun.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

2320 kB
Transfer

5234 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jollyleprechaun.ru/ HTTP 302
    https://jollyleprechaun.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
jollyleprechaun.ru/
Redirect Chain
  • http://jollyleprechaun.ru/
  • https://jollyleprechaun.ru/
17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jollyleprechaun.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed / PHP/8.2.3
Resource Hash
d794b7c78229e237ae8335032150704df6f7afd912c950cbe3ca53a64498a064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
max-age=86400, public
content-encoding
br
content-language
ru
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:41:19 GMT
etag
"1678118277"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Mon, 06 Mar 2023 15:57:57 GMT
server
LiteSpeed
vary
Cookie,Accept-Encoding
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN
x-generator
Drupal 9 (https://www.drupal.org)
x-powered-by
PHP/8.2.3
x-ua-compatible
IE=edge

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
683
content-type
text/html
date
Mon, 06 Mar 2023 18:41:19 GMT
location
https://jollyleprechaun.ru/
server
LiteSpeed
css2
fonts.googleapis.com/ 		544 KB
147 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=M+PLUS+1p:wght@100;300;400;500;700&display=swap
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2052acceff514e960ef6c2df05f4c84d0b9e01eb942363baeaabc8be3a2f076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 18:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 18:41:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 18:41:35 GMT
css_rMQoebDqTuYPKAGyzEVjX0IpMyDWdZYYVBot0RPwDcI.css
jollyleprechaun.ru/sites/default/files/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jollyleprechaun.ru/sites/default/files/css/css_rMQoebDqTuYPKAGyzEVjX0IpMyDWdZYYVBot0RPwDcI.css
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
acc42879b0ea4ee60f2801b2cc45635f42293320d6759618541a2dd113f00dc2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Feb 2023 13:19:16 GMT
server
LiteSpeed
etag
"ca6-63fcadd4-b0257801e8f0229d;;;"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3238
expires
Mon, 13 Mar 2023 18:41:19 GMT
css_4umtNP6Wm3M9gPNxDUeMFUu-sxN7bqy-_3txURveTcg.css
jollyleprechaun.ru/sites/default/files/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jollyleprechaun.ru/sites/default/files/css/css_4umtNP6Wm3M9gPNxDUeMFUu-sxN7bqy-_3txURveTcg.css
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e2e9ad34fe969b733d80f3710d478c154bbeb3137b6eacbeff7b71511bde4dc8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 21:47:34 GMT
server
LiteSpeed
etag
"905-63e17576-9e5aa0d45685e730;;;"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2309
expires
Mon, 13 Mar 2023 18:41:19 GMT
modernizr.min.js
jollyleprechaun.ru/core/assets/vendor/modernizr/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jollyleprechaun.ru/core/assets/vendor/modernizr/modernizr.min.js?v=3.11.7
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 27 Jan 2023 13:59:20 GMT
server
LiteSpeed
etag
"1c42-63d3d8b8-f23495c824961707;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
2891
expires
Mon, 20 Mar 2023 18:41:19 GMT
modernizr-additional-tests.js
jollyleprechaun.ru/core/misc/ 		2 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jollyleprechaun.ru/core/misc/modernizr-additional-tests.js?v=3.11.7
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1e398d7e1be8e034e06112d41c1ddf1ec9881665fe923c28f7c2037dc35449e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 27 Jan 2023 13:57:19 GMT
server
LiteSpeed
etag
"948-63d3d83f-7a1bfd99a7c1ef88;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
856
expires
Mon, 20 Mar 2023 18:41:19 GMT
telegram_icon.svgz
jollyleprechaun.ru/themes/pub/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/themes/pub/img/telegram_icon.svgz
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b33a5483986d33270bbddc90c10c41361b8dfc07254b91e3080972195d12c976
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 07 Jan 2023 09:19:55 GMT
server
LiteSpeed
etag
"33e-63b9393b-d9c03bb941ee4ae7;gz"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
830
expires
Mon, 13 Mar 2023 18:41:20 GMT
jollyLeprechaun.svgz
jollyleprechaun.ru/themes/pub/img/ 		24 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/themes/pub/img/jollyLeprechaun.svgz
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5abf9e05cd9b047b1ac9a82fc04868396a911241bf5b48a99f23b80eb709ab5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 22:48:15 GMT
server
LiteSpeed
etag
"20b1-60c1452f-27aa8d505b2c5282;gz"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8369
expires
Mon, 13 Mar 2023 18:41:20 GMT
js_hOg30950sFLVn8TDTbHTXjjLGd-DEtENKFsqGpcWJh8.js
jollyleprechaun.ru/sites/default/files/js/ 		437 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jollyleprechaun.ru/sites/default/files/js/js_hOg30950sFLVn8TDTbHTXjjLGd-DEtENKFsqGpcWJh8.js
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
84e837d3de74b052d59fc4c34db1d35e38cb19df8312d10d285b2a1a9716261f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Feb 2023 13:19:16 GMT
server
LiteSpeed
etag
"3371f-63fcadd4-a6827ab5da141acc;;;"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
210719
expires
Mon, 20 Mar 2023 18:41:19 GMT
YCK-Laneways-Block-Party-3-1200x800.jpg
jollyleprechaun.ru/sites/default/files/styles/original/public/2021-06/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/sites/default/files/styles/original/public/2021-06/YCK-Laneways-Block-Party-3-1200x800.jpg?h=342322f6
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
260907e5a76e23d6db268a41973394535a5f22f1c2642dd24d9c169d13debb1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 19:36:56 GMT
server
LiteSpeed
etag
"21070-60b92f58-736cb964b8faa12b;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
135280
expires
Mon, 13 Mar 2023 18:41:20 GMT
clever_icon.svg
jollyleprechaun.ru/themes/pub/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/themes/pub/img/clever_icon.svg
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/sites/default/files/css/css_4umtNP6Wm3M9gPNxDUeMFUu-sxN7bqy-_3txURveTcg.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
66a1141faf1e88dca588cf9fc03689f79ee1cad0d0906cd8a7caf5ca665b67a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/sites/default/files/css/css_4umtNP6Wm3M9gPNxDUeMFUu-sxN7bqy-_3txURveTcg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 20 Oct 2022 17:06:03 GMT
server
LiteSpeed
etag
"135d-63517ffb-8277b2d7e2b6040d;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1711
expires
Mon, 13 Mar 2023 18:41:20 GMT
preview.jpg
jollyleprechaun.ru/themes/pub/img/vtour/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/themes/pub/img/vtour/preview.jpg
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/sites/default/files/css/css_4umtNP6Wm3M9gPNxDUeMFUu-sxN7bqy-_3txURveTcg.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
86727c472fbbd749bac1ab67f78e6fefd1e0cf178960e200c883f59b96b9d217
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/sites/default/files/css/css_4umtNP6Wm3M9gPNxDUeMFUu-sxN7bqy-_3txURveTcg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Jul 2021 15:55:37 GMT
server
LiteSpeed
etag
"37388-60f5a079-85cc537d00d8aa8d;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
226184
expires
Mon, 13 Mar 2023 18:41:20 GMT
jolly_corp_web.jpg
jollyleprechaun.ru/sites/default/files/inline-images/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/sites/default/files/inline-images/jolly_corp_web.jpg
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cf7b2633e9aad9a5c2b3321eaccd9c571e74cc662dc51d7aab1ecdeb8ed7c7fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 18:04:36 GMT
server
LiteSpeed
etag
"28e17-6373d4b4-cde96587ed123fc2;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
167447
expires
Mon, 13 Mar 2023 18:41:20 GMT
tour_0.png
jollyleprechaun.ru/sites/default/files/inline-images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/sites/default/files/inline-images/tour_0.png
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
55f2ad632d59d45546b84b620e8591d9a386b7f1f3b6c728b5b415d1b6dfd19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Jul 2021 22:40:36 GMT
server
LiteSpeed
etag
"4e36-60f5ff64-3b04dba64aafba91;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20022
expires
Mon, 13 Mar 2023 18:41:20 GMT
parser.min.js
lpt-crm.online/lpt_widget/out/ 		416 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/lpt_widget/out/parser.min.js
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
000164e7c71db83fc44417939d4d2352fb206eb0a1e22f1aa2100b10b85988fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:35 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 17:02:27 GMT
server
nginx/1.12.2
etag
W/"633db8a3-67e7e"
content-type
application/javascript
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:35 GMT
kick-widget.js
lpt-crm.online/lpt_widget/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/lpt_widget/kick-widget.js
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
04f396330cfe8b7b5cee40130690405f4213ce6e7ec4ecaf1d9e227a5321336c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:35 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 17:01:32 GMT
server
nginx/1.12.2
etag
W/"633db86c-119d"
content-type
application/javascript
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:35 GMT
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		369 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
StoneShades_web_07.jpg
jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/StoneShades_web_07.jpg?h=299a0fbd
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9d1b36f09109326c3c1d12de4cff207eec737872b00c53a699a02ea1f61a3bb7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Feb 2023 16:38:22 GMT
server
LiteSpeed
etag
"11f18-63fcdc7e-79d3a85c6f26c9a1;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
73496
expires
Mon, 13 Mar 2023 18:41:20 GMT
main.min.js
lpt-crm.online/lpt_widget/out/ 		747 KB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/kick-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
68eb54bc5b9a46791ecc01ac3d9541d48adc1bcba7305eed93b61acdb1a22975

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:35 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 17:00:57 GMT
server
nginx/1.12.2
etag
W/"633db849-bac13"
content-type
application/javascript
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:35 GMT
RockBarBand_web_10.jpg
jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/RockBarBand_web_10.jpg?h=299a0fbd
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f57c819f0cdf7781b02a27af82e845255638c37a2a4b55eabd8bd30171d35d7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Feb 2023 16:36:21 GMT
server
LiteSpeed
etag
"f292-63fcdc05-95faf73bf93aa89f;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
62098
expires
Mon, 13 Mar 2023 18:41:20 GMT
Lirika_web_11.jpg
jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/Lirika_web_11.jpg?h=299a0fbd
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
af8912b2aaea3342a7a00f8871bc191e847b049c1f73422a3b33a3199cdac1c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Feb 2023 16:32:11 GMT
server
LiteSpeed
etag
"11e86-63fcdb0b-b9b3d649b3446e69;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
73350
expires
Mon, 13 Mar 2023 18:41:20 GMT
track
lpt-crm.online/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/track
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/parser.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0a61da71444215dd81a12b1d128249ff28946ca1c414cf86866eafe9bb06460c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://jollyleprechaun.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-origin
normal
x-lpt-memory-peak
6.00
x-lpt-log-failures
0
x-lpt-env
prod
x-lpt-time
0.06
x-lpt-memory-total
4.00
x-backend-server
stats-new-1
pragma
no-cache
x-lpt-request-id
stats-1-640633e0434a99.18236147
server
nginx/1.12.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jollyleprechaun.ru
x-upstream
stats-fpm
cache-control
no-store, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
x-lpt-log-events
0
x-lpt-db-queries
24
track
lpt-crm.online/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://jollyleprechaun.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
https://jollyleprechaun.ru
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:41:36 GMT
server
nginx/1.12.2
x-backend-server
stats-new-6
x-origin
normal
x-upstream
stats-fpm
SimpleRiff_web_17.jpg
jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/SimpleRiff_web_17.jpg?h=299a0fbd
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
86a8093a2176baf022b1ed9e87d10d0e902ba960bebd8c2a62e4fbe760d43de6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Feb 2023 16:43:07 GMT
server
LiteSpeed
etag
"10e1a-63fcdd9b-22412cb28306ce14;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
69146
expires
Mon, 13 Mar 2023 18:41:20 GMT
GreatPretenders_web_18.jpg
jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/sites/default/files/styles/concerts/public/2023-02/GreatPretenders_web_18.jpg?h=299a0fbd
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dd91e78c539d5aad36f8e056202c63cb2534bedc2ff1a2f68bfdc5f3fc0b85ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Feb 2023 16:43:07 GMT
server
LiteSpeed
etag
"100a0-63fcdd9b-99b29b9359e41944;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
65696
expires
Mon, 13 Mar 2023 18:41:20 GMT
settings
lpt-crm.online/ 		47 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/settings
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/parser.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
829d5d41251c58256e25f5c224d56eba64bfa90c9567f47dc752533dc57a9265

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://jollyleprechaun.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-origin
normal
x-lpt-memory-peak
6.00
x-lpt-log-failures
0
x-lpt-env
prod
x-lpt-time
0.07
x-lpt-memory-total
4.00
x-backend-server
stats-new-1
pragma
no-cache
x-lpt-request-id
stats-1-640633e06e7da3.82951937
server
nginx/1.12.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jollyleprechaun.ru
x-upstream
stats-fpm
cache-control
no-store, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
x-lpt-log-events
0
x-lpt-db-queries
26
settings
lpt-crm.online/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/settings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://jollyleprechaun.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
https://jollyleprechaun.ru
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:41:36 GMT
server
nginx/1.12.2
x-backend-server
stats-new-6
x-origin
normal
x-upstream
stats-fpm
settings
lpt-crm.online/ 		47 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/settings
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
829d5d41251c58256e25f5c224d56eba64bfa90c9567f47dc752533dc57a9265

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://jollyleprechaun.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-origin
normal
x-lpt-memory-peak
6.00
x-lpt-log-failures
0
x-lpt-env
prod
x-lpt-time
0.07
x-lpt-memory-total
4.00
x-backend-server
stats-new-6
pragma
no-cache
x-lpt-request-id
stats-6-640633e06f7289.95350020
server
nginx/1.12.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jollyleprechaun.ru
x-upstream
stats-fpm
cache-control
no-store, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
x-lpt-log-events
0
x-lpt-db-queries
26
settings
lpt-crm.online/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/settings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://jollyleprechaun.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
https://jollyleprechaun.ru
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:41:36 GMT
server
nginx/1.12.2
x-backend-server
stats-new-1
x-origin
normal
x-upstream
stats-fpm
get_calltracking_phone
lpt-crm.online/track/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/track/get_calltracking_phone
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
3ed5864d9b5d7391c326bf19725387340fbdd2cda7ede4dd3d1efc2e98c182fb

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://jollyleprechaun.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-origin
normal
x-lpt-memory-peak
4.00
x-lpt-log-failures
0
x-lpt-env
prod
x-lpt-time
0.04
x-lpt-memory-total
2.00
x-backend-server
stats-new-3
pragma
no-cache
x-lpt-request-id
stats-3-640633e093dee8.77772496
server
nginx/1.12.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jollyleprechaun.ru
x-upstream
stats-fpm
cache-control
no-store, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
x-lpt-log-events
0
x-lpt-db-queries
22
get_calltracking_phone
lpt-crm.online/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/track/get_calltracking_phone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://jollyleprechaun.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
https://jollyleprechaun.ru
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:41:36 GMT
server
nginx/1.12.2
x-backend-server
stats-new-6
x-origin
normal
x-upstream
stats-fpm
lpt_widget_btn.min.css
lpt-crm.online/LPT_widget//out/ 		58 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/LPT_widget//out/lpt_widget_btn.min.css?2.24.20201228-424-gbfd51645fd-dirty
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0ceb48329a11fd4544a8e60e32f285dd26920746bece73f5c9c70366cc2b76a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 17:01:31 GMT
server
nginx/1.12.2
etag
W/"633db86b-e96f"
content-type
text/css
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:36 GMT
telegram_icon.svgz
jollyleprechaun.ru/themes/pub/img/ 		2 KB
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/themes/pub/img/telegram_icon.svgz
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/sites/default/files/js/js_hOg30950sFLVn8TDTbHTXjjLGd-DEtENKFsqGpcWJh8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b33a5483986d33270bbddc90c10c41361b8dfc07254b91e3080972195d12c976
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 07 Jan 2023 09:19:55 GMT
server
LiteSpeed
etag
"33e-63b9393b-d9c03bb941ee4ae7;gz"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
830
expires
Mon, 13 Mar 2023 18:41:21 GMT
lpt_widget.min.css
lpt-crm.online/LPT_widget//out/ Frame EF18 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/LPT_widget//out/lpt_widget.min.css?2.24.20201228-424-gbfd51645fd-dirty
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
737f91769194cdd9ec517b649a1f27399229fcc3e8baeadd0fa06b80b5c0bc75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 17:02:28 GMT
server
nginx/1.12.2
etag
W/"633db8a4-1879a"
content-type
text/css
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:36 GMT
css
fonts.googleapis.com/ Frame EF18 		4 KB
718 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300&subset=latin,cyrillic-ext
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b47fa05a90f32ee5115857f27d94c559b7fa7e62809ca07e2d86a08d1dca1fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 18:41:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 18:41:36 GMT
lpt_widget.min.css
lpt-crm.online/LPT_widget//out/ Frame D355 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/LPT_widget//out/lpt_widget.min.css?2.24.20201228-424-gbfd51645fd-dirty
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
737f91769194cdd9ec517b649a1f27399229fcc3e8baeadd0fa06b80b5c0bc75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 17:00:59 GMT
server
nginx/1.12.2
etag
W/"633db84b-1879a"
content-type
text/css
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:36 GMT
css
fonts.googleapis.com/ Frame D355 		4 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300&subset=latin,cyrillic-ext
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b47fa05a90f32ee5115857f27d94c559b7fa7e62809ca07e2d86a08d1dca1fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 18:41:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 18:41:36 GMT
jquery.js
lpt-crm.online/lpt_widget/plugins/ Frame 60C3 		481 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/lpt_widget/plugins/jquery.js
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
3fd735239276b9a4c6226ec6c8c904ce090096f2e3847a534f07830461014ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
last-modified
Fri, 16 Aug 2019 04:37:14 GMT
server
nginx/1.12.2
etag
W/"5d5632fa-783a7"
content-type
application/javascript
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:36 GMT
lpt_widget.min.css
lpt-crm.online/LPT_widget//out/ Frame 60C3 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/LPT_widget//out/lpt_widget.min.css?2.24.20201228-424-gbfd51645fd-dirty
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
737f91769194cdd9ec517b649a1f27399229fcc3e8baeadd0fa06b80b5c0bc75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 17:02:28 GMT
server
nginx/1.12.2
etag
W/"633db8a4-1879a"
content-type
text/css
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:36 GMT
css
fonts.googleapis.com/ Frame 60C3 		4 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300&subset=latin,cyrillic-ext
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b47fa05a90f32ee5115857f27d94c559b7fa7e62809ca07e2d86a08d1dca1fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 18:41:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 18:41:36 GMT
jquery.js
lpt-crm.online/lpt_widget/plugins/ Frame F7D9 		481 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/lpt_widget/plugins/jquery.js
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
3fd735239276b9a4c6226ec6c8c904ce090096f2e3847a534f07830461014ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
last-modified
Fri, 16 Aug 2019 04:37:14 GMT
server
nginx/1.12.2
etag
W/"5d5632fa-783a7"
content-type
application/javascript
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:36 GMT
lpt_widget.min.css
lpt-crm.online/LPT_widget//out/ Frame F7D9 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/LPT_widget//out/lpt_widget.min.css?2.24.20201228-424-gbfd51645fd-dirty
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
737f91769194cdd9ec517b649a1f27399229fcc3e8baeadd0fa06b80b5c0bc75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 17:02:28 GMT
server
nginx/1.12.2
etag
W/"633db8a4-1879a"
content-type
text/css
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:36 GMT
css
fonts.googleapis.com/ Frame F7D9 		4 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300&subset=latin,cyrillic-ext
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b47fa05a90f32ee5115857f27d94c559b7fa7e62809ca07e2d86a08d1dca1fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 18:41:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 18:41:36 GMT
jquery.js
lpt-crm.online/lpt_widget/plugins/ Frame 1968 		481 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/lpt_widget/plugins/jquery.js
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
3fd735239276b9a4c6226ec6c8c904ce090096f2e3847a534f07830461014ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
last-modified
Fri, 16 Aug 2019 04:37:14 GMT
server
nginx/1.12.2
etag
W/"5d5632fa-783a7"
content-type
application/javascript
x-upstream
stats-fpm
cache-control
max-age=604800
expires
Mon, 13 Mar 2023 18:41:36 GMT
css
fonts.googleapis.com/ Frame 1968 		12 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&subset=latin,cyrillic-ext
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 18:41:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 18:41:36 GMT
telegram_icon.svgz
jollyleprechaun.ru/themes/pub/img/ 		2 KB
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jollyleprechaun.ru/themes/pub/img/telegram_icon.svgz
Requested by
Host: jollyleprechaun.ru
URL: https://jollyleprechaun.ru/sites/default/files/js/js_hOg30950sFLVn8TDTbHTXjjLGd-DEtENKFsqGpcWJh8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:c980:d990:63c9:217:144:99:201 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b33a5483986d33270bbddc90c10c41361b8dfc07254b91e3080972195d12c976
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jollyleprechaun.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 07 Jan 2023 09:19:55 GMT
server
LiteSpeed
etag
"33e-63b9393b-d9c03bb941ee4ae7;gz"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
830
expires
Mon, 13 Mar 2023 18:41:21 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 60C3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jollyleprechaun.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:40:31 GMT
x-content-type-options
nosniff
age
363665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 13:40:31 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 60C3 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jollyleprechaun.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:02:06 GMT
x-content-type-options
nosniff
age
365970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9576
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 13:02:06 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F7D9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jollyleprechaun.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:40:31 GMT
x-content-type-options
nosniff
age
363665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 13:40:31 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F7D9 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jollyleprechaun.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:02:06 GMT
x-content-type-options
nosniff
age
365970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9576
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 13:02:06 GMT
flags.png
my.lptracker.ru/img/ Frame F7D9 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.lptracker.ru/img/flags.png
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/LPT_widget//out/lpt_widget.min.css?2.24.20201228-424-gbfd51645fd-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.184.251.194 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
ea345ff7863ddb3bf9e2d80c066db29f9e5ffbb5ed4321430b799bef1e2b18ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lpt-crm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Mar 2023 18:41:37 GMT
last-modified
Thu, 08 Nov 2018 09:33:09 GMT
server
nginx/1.20.2
etag
"5be402d5-1027b"
content-type
image/png
x-upstream
v2-front
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
66171
x-request-id
nginx-daaebb712480750d485aa86ab4dea744
expires
Thu, 31 Dec 2037 23:55:55 GMT
loaded
lpt-crm.online/track/ 		4 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/track/loaded
Requested by
Host: lpt-crm.online
URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-427-g2eb4bfef64-dirty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://jollyleprechaun.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 18:41:36 GMT
content-encoding
gzip
x-origin
normal
x-lpt-memory-peak
2.00
x-lpt-log-failures
0
x-lpt-env
prod
x-lpt-time
0.00
x-lpt-memory-total
0.00
x-backend-server
stats-new-6
pragma
no-cache
x-lpt-request-id
stats-6-640633e0ecb070.24851886
server
nginx/1.12.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jollyleprechaun.ru
x-upstream
stats-fpm
cache-control
no-store, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
x-lpt-log-events
0
x-lpt-db-queries
0
loaded
lpt-crm.online/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lpt-crm.online/track/loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.213.150.212 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://jollyleprechaun.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, lpt-parser-submit-btn
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
https://jollyleprechaun.ru
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 18:41:36 GMT
server
nginx/1.12.2
x-backend-server
stats-new-1
x-origin
normal
x-upstream
stats-fpm

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| Modernizr function| once function| __reSizeApply function| __onScroll function| __afterMaker function| _makeReserv function| _reserv_click function| observeDom function| observeDom_old function| initSlider function| imageLoadInit function| _getNextLoadItem function| toServiceMessage function| toServiceWarning function| toServiceError function| callback_stand function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| start_3d_tour function| posAfisha function| createPanoViewer function| removepano function| embedpano object| krpanoJS function| embedpanoJS undefined| $ function| jQuery function| ES6Promise object| drupalSettings object| drupalTranslations object| Drupal object| Popper function| tippy object| lptWg number| timeStmp function| Inputmask object| WebuiPopovers object| AnimSlider object| LPT_VK_MODAL_INTERVAL boolean| LPTRACKER_VISITOR_ID string| LPTRACKER_VIEW_ID number| LPTRACKER_SITE_ID string| LPTRACKER_BASE_URL function| jQstat

5 Cookies

Domain/Path Name / Value
.lpt-crm.online/ Name: session_id
Value: jlHMlIDsFWs0SmxPGSRXvJr9kLSw1kOz
jollyleprechaun.ru/ Name: lp_tracker_id
Value: 87841
jollyleprechaun.ru/ Name: ip
Value: false
jollyleprechaun.ru/ Name: lptracker_visitor_id
Value: false
jollyleprechaun.ru/ Name: lptracker_view_id
Value: 8d7afdd8-c8dc-4419-a9e8-3e3d8410d81c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
jollyleprechaun.ru
lpt-crm.online
my.lptracker.ru
2a00:1450:400d:806::2003
2a00:1450:400d:80a::200a
2a03:c980:d990:63c9:217:144:99:201
31.184.251.194
95.213.150.212
000164e7c71db83fc44417939d4d2352fb206eb0a1e22f1aa2100b10b85988fb
04f396330cfe8b7b5cee40130690405f4213ce6e7ec4ecaf1d9e227a5321336c
0a61da71444215dd81a12b1d128249ff28946ca1c414cf86866eafe9bb06460c
0ceb48329a11fd4544a8e60e32f285dd26920746bece73f5c9c70366cc2b76a0
1e398d7e1be8e034e06112d41c1ddf1ec9881665fe923c28f7c2037dc35449e1
260907e5a76e23d6db268a41973394535a5f22f1c2642dd24d9c169d13debb1d
3ed5864d9b5d7391c326bf19725387340fbdd2cda7ede4dd3d1efc2e98c182fb
3fd735239276b9a4c6226ec6c8c904ce090096f2e3847a534f07830461014ca2
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
55f2ad632d59d45546b84b620e8591d9a386b7f1f3b6c728b5b415d1b6dfd19c
5abf9e05cd9b047b1ac9a82fc04868396a911241bf5b48a99f23b80eb709ab5f
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66a1141faf1e88dca588cf9fc03689f79ee1cad0d0906cd8a7caf5ca665b67a8
68eb54bc5b9a46791ecc01ac3d9541d48adc1bcba7305eed93b61acdb1a22975
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4
737f91769194cdd9ec517b649a1f27399229fcc3e8baeadd0fa06b80b5c0bc75
829d5d41251c58256e25f5c224d56eba64bfa90c9567f47dc752533dc57a9265
84e837d3de74b052d59fc4c34db1d35e38cb19df8312d10d285b2a1a9716261f
86727c472fbbd749bac1ab67f78e6fefd1e0cf178960e200c883f59b96b9d217
86a8093a2176baf022b1ed9e87d10d0e902ba960bebd8c2a62e4fbe760d43de6
939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9d1b36f09109326c3c1d12de4cff207eec737872b00c53a699a02ea1f61a3bb7
acc42879b0ea4ee60f2801b2cc45635f42293320d6759618541a2dd113f00dc2
af8912b2aaea3342a7a00f8871bc191e847b049c1f73422a3b33a3199cdac1c6
b33a5483986d33270bbddc90c10c41361b8dfc07254b91e3080972195d12c976
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
b47fa05a90f32ee5115857f27d94c559b7fa7e62809ca07e2d86a08d1dca1fab
cf7b2633e9aad9a5c2b3321eaccd9c571e74cc662dc51d7aab1ecdeb8ed7c7fc
d2052acceff514e960ef6c2df05f4c84d0b9e01eb942363baeaabc8be3a2f076
d794b7c78229e237ae8335032150704df6f7afd912c950cbe3ca53a64498a064
dd91e78c539d5aad36f8e056202c63cb2534bedc2ff1a2f68bfdc5f3fc0b85ec
e2e9ad34fe969b733d80f3710d478c154bbeb3137b6eacbeff7b71511bde4dc8
ea345ff7863ddb3bf9e2d80c066db29f9e5ffbb5ed4321430b799bef1e2b18ba
f57c819f0cdf7781b02a27af82e845255638c37a2a4b55eabd8bd30171d35d7f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef