ua.sellmicrobecua.fun Open in urlscan Pro
185.68.16.204  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ua.sellmicrobecua.fun/	16 KB 5 KB	2445ms 708ms	Document text/html	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash b5155a61c8f65fa85e6dbc4ca553b41e78543d2bf0d36a7d9659929be88c8208 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Sat, 13 Jan 2024 23:37:22 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx x-ray wnp32835:0.530/wn32835:0.530/wa32835:D=522375
GET H2	200	css2.css ua.sellmicrobecua.fun/css/	776 B 934 B	185ms 172ms	Stylesheet text/css	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/css/css2.css Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 55f0ab4972f72797e8f4ea8a56c5eda7f0dad88eede3d687de8da2764c6054d1 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:33 GMT server nginx etag "6584138d-308" content-type text/css accept-ranges bytes content-length 776
GET H2	200	slick.css ua.sellmicrobecua.fun/css/	2 KB 2 KB	183ms 170ms	Stylesheet text/css	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/css/slick.css Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-6f0" content-type text/css accept-ranges bytes content-length 1776
GET H2	200	raleway.css ua.sellmicrobecua.fun/css/	2 KB 2 KB	186ms 173ms	Stylesheet text/css	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/css/raleway.css Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash f2be48585658439f2c447e0105e299c5121b8e83c9495e63448f18801a22cce1 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-636" content-type text/css accept-ranges bytes content-length 1590
GET H2	200	GothamPro.css ua.sellmicrobecua.fun/css/	1 KB 1 KB	192ms 179ms	Stylesheet text/css	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/css/GothamPro.css Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 1e688179065909f72d188304a5dd87be012621231f3663783c82346349561670 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:32 GMT server nginx etag "6584138c-4ab" content-type text/css accept-ranges bytes content-length 1195
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/	100 KB 19 KB	122ms 42ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 115727 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 18861 last-modified Fri, 01 Dec 2023 00:32:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65692999-49ad" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctXyO8XZ7KY0y3RxgAzGenT2ahk44sHK9GybNzOeJXmhu84p4dwVfZeYRSfu%2BwQlzYspRahxQSE4q7ldMPpT2O9PUMyWzUEY8eCZ98aXa5NJDil%2BGF78ZofsYIcSGjjoqAZALXv5"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8451777b5b9409fe-MIA expires Thu, 02 Jan 2025 23:37:22 GMT
GET H2	200	css2 fonts.googleapis.com/	17 KB 1 KB	237ms 91ms	Stylesheet text/css	142.251.41.10 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;500;600;700;800;900&display=swap Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.41.10 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s40-in-f10.1e100.net Software ESF / Resource Hash 659b68c31ecef9a7869dbaaadee969a0aeb5beb12d94bff226e0e699592e6e9e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 13 Jan 2024 23:37:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 13 Jan 2024 23:37:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 13 Jan 2024 23:37:22 GMT
GET H2	200	reset.css ua.sellmicrobecua.fun/css/	2 KB 880 B	186ms 174ms	Stylesheet text/css	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/css/reset.css Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash efad3598a1f77b3787f0028f0a87061a654b08c5ba5f5e47708d4032e20d969b Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ content-encoding br last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag W/"6584138b-8d4" content-type text/css
GET H2	200	settings.css ua.sellmicrobecua.fun/css/	5 KB 1 KB	185ms 176ms	Stylesheet text/css	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/css/settings.css Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 94728a0ce046326ce1b72ea464505447d3244760cf5b1089efc8884a868bff2d Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ content-encoding br last-modified Thu, 21 Dec 2023 10:55:38 GMT server nginx etag W/"658419aa-12a1" content-type text/css
GET H2	200	style.css ua.sellmicrobecua.fun/css/	13 KB 3 KB	314ms 305ms	Stylesheet text/css	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/css/style.css Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 255d9e6a83e8260b9b01608f846c1288d8f11f83349fbbb169e3ec3003b603f9 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ content-encoding br last-modified Thu, 21 Dec 2023 11:03:41 GMT server nginx etag W/"65841b8d-333b" content-type text/css
GET H2	200	js Show response www.googletagmanager.com/gtag/	242 KB 82 KB	262ms 102ms	Script application/javascript	142.251.40.168 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-11436593573 Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.168 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s81-in-f8.1e100.net Software Google Tag Manager / Resource Hash 31518972a287ea3b020185d521c4c656a288c84fecaca3e757f52f7b75fc713e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83072 x-xss-protection 0 last-modified Sat, 13 Jan 2024 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 13 Jan 2024 23:37:22 GMT
GET H2	200	__2023-01-11__152642.jpg ua.sellmicrobecua.fun/images/	77 KB 77 KB	326ms 318ms	Image image/jpeg	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ua.sellmicrobecua.fun/images/__2023-01-11__152642.jpg Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 41b9f04d53bcd7b99c69253cb4befe1dad4e3f19874a3d0cb70a079223fd250c Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-1336c" content-type image/jpeg accept-ranges bytes content-length 78700
GET H2	200	__2023-08-30__102008.png ua.sellmicrobecua.fun/images/	204 KB 204 KB	591ms 583ms	Image image/png	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ua.sellmicrobecua.fun/images/__2023-08-30__102008.png Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash b496b9ce51696ff56644a25460ac972f3ddc604c0aa4cb84a1c58f2767d09687 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-32f91" content-type image/png accept-ranges bytes content-length 208785
GET H2	200	20644z5b698a6e_650x4.jpg ua.sellmicrobecua.fun/images/	70 KB 70 KB	423ms 416ms	Image image/jpeg	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ua.sellmicrobecua.fun/images/20644z5b698a6e_650x4.jpg Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 9d0c556b92436c85e13c63ed51d0436c893f3c0c263114c8d43f9010a652a95d Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-11620" content-type image/jpeg accept-ranges bytes content-length 71200
GET H2	200	Zapah-iz-septika.jpeg ua.sellmicrobecua.fun/images/	181 KB 182 KB	444ms 437ms	Image image/jpeg	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ua.sellmicrobecua.fun/images/Zapah-iz-septika.jpeg Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 538d57a07f033ea23a237d5c66f27bc0c9627b45e3d7df40c8fa2c5d7d1f14e2 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-2d51e" content-type image/jpeg accept-ranges bytes content-length 185630
GET H2	200	Bakterii-i-himiya-dl.jpeg ua.sellmicrobecua.fun/images/	36 KB 36 KB	568ms 562ms	Image image/jpeg	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ua.sellmicrobecua.fun/images/Bakterii-i-himiya-dl.jpeg Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash d2fb19db98153106a82f80330aac69b709df34abc1a9af21bf503bcf710b3d14 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-8f16" content-type image/jpeg accept-ranges bytes content-length 36630
GET H2	200	rev.png ua.sellmicrobecua.fun/images/	170 KB 170 KB	561ms 558ms	Image image/png	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ua.sellmicrobecua.fun/images/rev.png Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 2c60fb9af8d868394b357c3c3bf8658773290154dcc5d0441efa8792bdd70eec Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-2a705" content-type image/png accept-ranges bytes content-length 173829
GET H2	200	rev1.png ua.sellmicrobecua.fun/images/	167 KB 167 KB	585ms 583ms	Image image/png	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ua.sellmicrobecua.fun/images/rev1.png Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 91e6582252be0ef0d4af1b0477700148fdceff84a696a9af49d6b1238cdbf8b8 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-29c88" content-type image/png accept-ranges bytes content-length 171144
GET H2	200	znizhka.png ua.sellmicrobecua.fun/images/	40 KB 40 KB	710ms 708ms	Image image/png	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ua.sellmicrobecua.fun/images/znizhka.png Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 2e9fe48c62e60e04748e50b953d96f404e600b2106750c59e345668a5f56070b Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag "6584138b-9fa5" content-type image/png accept-ranges bytes content-length 40869
GET H2	200	roboto.css ua.sellmicrobecua.fun/css/	4 KB 545 B	420ms 414ms	Stylesheet text/css	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/css/roboto.css Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash c939a188ea978b78b8875c6f26a3b229fb8ba702b12b943fc376353fcc7c1c19 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ content-encoding br last-modified Thu, 21 Dec 2023 10:29:32 GMT server nginx etag W/"6584138c-e57" content-type text/css
GET H2	200	jquery.min.js Show response ua.sellmicrobecua.fun/js/	82 KB 28 KB	753ms 748ms	Script application/javascript	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/js/jquery.min.js Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ content-encoding br last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag W/"6584138b-14960" content-type application/javascript
GET H2	200	all.min.js Show response cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/js/	1 MB 401 KB	46ms 41ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/js/all.min.js Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24b8bce65fa6e4860f2dc4301e829475dbc971b0f49fafd9074da88ce03514c0 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3616510 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 409743 last-modified Fri, 01 Dec 2023 00:32:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65692999-6408f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqAqJZws349e2xm8MsDBQb4knoC39%2FYoSlZ8DtYHDxD3dUd8441zexjXrpWlvJemz1tLIDXeCAg5y%2FAakoAa%2FySkApG21ns4zjKfvndvduHM8NFedhXBHm8mVaUwbswFjhNYoA1g"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8451777cede209fe-MIA expires Thu, 02 Jan 2025 23:37:22 GMT
GET H2	200	slick.min.js Show response ua.sellmicrobecua.fun/js/	42 KB 10 KB	753ms 749ms	Script application/javascript	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/js/slick.min.js Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ content-encoding br last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag W/"6584138b-a76f" content-type application/javascript
GET H2	200	main.js Show response ua.sellmicrobecua.fun/js/	3 KB 1 KB	554ms 550ms	Script application/javascript	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ua.sellmicrobecua.fun/js/main.js Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 2c263c21fcdf022c9e1d20d68616e4d9d8daff7fe80afaede6698856d42e8b70 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.010/wn32835:0.000/ content-encoding br last-modified Thu, 21 Dec 2023 10:29:31 GMT server nginx etag W/"6584138b-af7" content-type application/javascript
GET H2	200	jquery.maskedinput.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/	4 KB 2 KB	43ms 39ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.min.js Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3127411 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1714 last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec3-10e4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QCXQWvPS1xm0OZPPPAzVGsfKyCjaiLg2cB%2FsTcUfIt3sg6Ur0YDDenzWiz6ma%2F4zGYVuKWkP1hId0N%2FKoxJuc0v7d0%2BUCS%2Fjal0K0DBF1LNeIEGPOgKfRIojbesnL3ld3eoV5g%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8451777cede309fe-MIA expires Thu, 02 Jan 2025 23:37:22 GMT
GET H2	200	zx.png ua.sellmicrobecua.fun/images/	276 KB 276 KB	747ms 746ms	Image image/png	185.68.16.204 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ua.sellmicrobecua.fun/images/zx.png Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.204 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web661.default-host.net Software nginx / Resource Hash 1a2d5588a3ae975e9364ddcb8ea78914b7b2bce180dd37ff0ec59921f852f8f3 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:37:22 GMT x-ray wnp32835:0.000/wn32835:0.000/ last-modified Thu, 21 Dec 2023 10:29:33 GMT server nginx etag "6584138d-44e75" content-type image/png accept-ranges bytes content-length 282229
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 fonts.gstatic.com/s/robotocondensed/v27/	50 KB 50 KB	272ms 109ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;500;600;700;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash 517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ua.sellmicrobecua.fun accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 02:27:59 GMT x-content-type-options nosniff age 76163 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51404 x-xss-protection 0 last-modified Wed, 18 Oct 2023 17:52:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Jan 2025 02:27:59 GMT
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2 fonts.gstatic.com/s/robotocondensed/v27/	28 KB 29 KB	222ms 64ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;500;600;700;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash 6170aa1f1805b34c9aa1ea3f47cb46a237d8eb2660287612ff0431d18614a8d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ua.sellmicrobecua.fun accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 20:01:35 GMT x-content-type-options nosniff age 358547 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28696 x-xss-protection 0 last-modified Wed, 18 Oct 2023 17:53:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jan 2025 20:01:35 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11436593573/	2 KB 2 KB	215ms 78ms	Script text/javascript	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11436593573/?random=1705189043095&cv=11&fst=1705189043095&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&auid=2097446146.1705189043&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11436593573 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software cafe / Resource Hash 612fd7af2fa385ef014ca3e8e92c65fc87140523be87f6aef2fa57436414460f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1322 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11436541107/	2 KB 1 KB	205ms 82ms	Script text/javascript	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11436541107/?random=1705189043137&cv=11&fst=1705189043137&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&auid=2097446146.1705189043&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11436593573 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software cafe / Resource Hash 30ceef5337554be043475b47b7d94f6885785fb9c6031f857a089e4fb9afdd63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11436500278/	2 KB 1 KB	190ms 79ms	Script text/javascript	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11436500278/?random=1705189043149&cv=11&fst=1705189043149&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&auid=2097446146.1705189043&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11436593573 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software cafe / Resource Hash 4358b8bebb5ae7a73f6594fa6ef50f9a2041cdf3d9f5646312b7de3f92c2496c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1321 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11444234942/	2 KB 1 KB	185ms 84ms	Script text/javascript	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11444234942/?random=1705189043162&cv=11&fst=1705189043162&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&auid=2097446146.1705189043&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11436593573 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software cafe / Resource Hash 65d5719e0d57fbcc4987c9c8faa76477e7a766d499bf66b4e33fc07f379b1dc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1323 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11457910182/	2 KB 1 KB	181ms 92ms	Script text/javascript	142.250.65.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11457910182/?random=1705189043172&cv=11&fst=1705189043172&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&auid=2097446146.1705189043&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11436593573 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s72-in-f2.1e100.net Software cafe / Resource Hash 0846c694a41e44d0aa03c13a8eae9d287b4bb64f55db926589d6bddb120da898 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/11436593573/	42 B 455 B	241ms 77ms	Image image/gif	142.250.176.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11436593573/?random=1705189043095&cv=11&fst=1705186800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_nES70vYwm6warMUVqsp3OOpLWKm25g&random=2963282921&rmt_tld=0&ipr=y Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/11436500278/	42 B 108 B	244ms 81ms	Image image/gif	142.250.176.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11436500278/?random=1705189043149&cv=11&fst=1705186800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_dEO5R6w0Ulh2pg1aq_19NjUS_4tnyQ&random=697545678&rmt_tld=0&ipr=y Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/11436541107/	42 B 108 B	241ms 79ms	Image image/gif	142.250.176.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11436541107/?random=1705189043137&cv=11&fst=1705186800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_UMBlm9IkxiGgR9cDTjdYgIPOTijqDQ&random=2486777814&rmt_tld=0&ipr=y Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/11444234942/	42 B 108 B	235ms 82ms	Image image/gif	142.250.176.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11444234942/?random=1705189043162&cv=11&fst=1705186800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_nT0LJVOhvjJo1DkLdSn0oRKs_TNtug&random=2751042643&rmt_tld=0&ipr=y Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/11457910182/	42 B 108 B	231ms 80ms	Image image/gif	142.250.176.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11457910182/?random=1705189043172&cv=11&fst=1705186800000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9173230144&u_w=1600&u_h=1200&url=https%3A%2F%2Fua.sellmicrobecua.fun%2F&frm=0&tiba=%D0%91%D0%B0%D0%BA%D1%82%D0%B5%D1%80%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%A1%D0%B5%D0%BF%D1%82%D0%B8%D0%BA%D1%96%D0%B2%20%D1%82%D0%B0%20%D0%B2%D0%B8%D0%B3%D1%80%D1%96%D0%B1%D0%BD%D0%B8%D1%85%20%D1%8F%D0%BC%20Microbec%20Ultra&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_khueKnBP_AwjeGQ9J4SiJBgKmVLGUQ&random=1315115980&rmt_tld=0&ipr=y Requested by Host: ua.sellmicrobecua.fun URL: https://ua.sellmicrobecua.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ua.sellmicrobecua.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jan 2024 23:37:23 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| $ function| jQuery object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome number| endTime function| updateTimer number| timer function| formatTime

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ua.sellmicrobecua.fun/	1969-12-31 23:59:59	Name: PHPSESSID Value: 698f245d82ad1f9944e344a76d5fee90
			.sellmicrobecua.fun/	1970-01-20 19:49:25	Name: _gcl_au Value: 1.1.2097446146.1705189043
			.doubleclick.net/	1970-01-20 17:39:49	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ua.sellmicrobecua.fun
www.google.com
www.googletagmanager.com
104.17.25.14
142.250.176.196
142.250.65.194
142.251.40.131
142.251.40.168
142.251.41.10
185.68.16.204
0846c694a41e44d0aa03c13a8eae9d287b4bb64f55db926589d6bddb120da898
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1a2d5588a3ae975e9364ddcb8ea78914b7b2bce180dd37ff0ec59921f852f8f3
1e688179065909f72d188304a5dd87be012621231f3663783c82346349561670
24b8bce65fa6e4860f2dc4301e829475dbc971b0f49fafd9074da88ce03514c0
255d9e6a83e8260b9b01608f846c1288d8f11f83349fbbb169e3ec3003b603f9
2c263c21fcdf022c9e1d20d68616e4d9d8daff7fe80afaede6698856d42e8b70
2c60fb9af8d868394b357c3c3bf8658773290154dcc5d0441efa8792bdd70eec
2e9fe48c62e60e04748e50b953d96f404e600b2106750c59e345668a5f56070b
30ceef5337554be043475b47b7d94f6885785fb9c6031f857a089e4fb9afdd63
31518972a287ea3b020185d521c4c656a288c84fecaca3e757f52f7b75fc713e
41b9f04d53bcd7b99c69253cb4befe1dad4e3f19874a3d0cb70a079223fd250c
4358b8bebb5ae7a73f6594fa6ef50f9a2041cdf3d9f5646312b7de3f92c2496c
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
538d57a07f033ea23a237d5c66f27bc0c9627b45e3d7df40c8fa2c5d7d1f14e2
55f0ab4972f72797e8f4ea8a56c5eda7f0dad88eede3d687de8da2764c6054d1
612fd7af2fa385ef014ca3e8e92c65fc87140523be87f6aef2fa57436414460f
6170aa1f1805b34c9aa1ea3f47cb46a237d8eb2660287612ff0431d18614a8d4
659b68c31ecef9a7869dbaaadee969a0aeb5beb12d94bff226e0e699592e6e9e
65d5719e0d57fbcc4987c9c8faa76477e7a766d499bf66b4e33fc07f379b1dc5
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
91e6582252be0ef0d4af1b0477700148fdceff84a696a9af49d6b1238cdbf8b8
94728a0ce046326ce1b72ea464505447d3244760cf5b1089efc8884a868bff2d
9d0c556b92436c85e13c63ed51d0436c893f3c0c263114c8d43f9010a652a95d
b496b9ce51696ff56644a25460ac972f3ddc604c0aa4cb84a1c58f2767d09687
b5155a61c8f65fa85e6dbc4ca553b41e78543d2bf0d36a7d9659929be88c8208
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c939a188ea978b78b8875c6f26a3b229fb8ba702b12b943fc376353fcc7c1c19
d2fb19db98153106a82f80330aac69b709df34abc1a9af21bf503bcf710b3d14
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad3598a1f77b3787f0028f0a87061a654b08c5ba5f5e47708d4032e20d969b
f2be48585658439f2c447e0105e299c5121b8e83c9495e63448f18801a22cce1
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62