urlscan.io logo urlscan.io
SecurityTrails logo

user165.cryptobot.investments Open in urlscan Pro
217.114.42.54  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.user165.cryptobot.investments/
Effective URL: https://user165.cryptobot.investments/
Submission: On August 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 42 HTTP transactions. The main IP is 217.114.42.54, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is user165.cryptobot.investments.
TLS certificate: Issued by R3 on August 5th 2022. Valid for: 3 months.
This is the only time user165.cryptobot.investments was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 38 217.114.42.54 57724 (DDOS-GUARD)
1 46.166.161.95 16125 (CHERRYSER...)
7 2a03:90c0:41:... 199524 (GCORE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 46.243.226.248 208677 (SBERCLOUD-AS)
42 7
38    217.114.42.54 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
www.user165.cryptobot.investments
user165.cryptobot.investments
1    46.166.161.95 (Lithuania)

ASN16125 (CHERRYSERVERS1-AS, LT)
icon-box.live
7    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
code.jivo.ru
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    46.243.226.248 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)
node-sber1-az2-2.jivosite.com
Apex Domain
Subdomains		 Transfer
38 cryptobot.investments
www.user165.cryptobot.investments
user165.cryptobot.investments
1 MB
7 jivo.ru
code.jivo.ru — Cisco Umbrella Rank: 94875
371 KB
1 jivosite.com
node-sber1-az2-2.jivosite.com — Cisco Umbrella Rank: 430749
571 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1407
48 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
6 KB
1 icon-box.live
icon-box.live
1 MB
42 6
Domain Requested by
37 user165.cryptobot.investments 6 redirects user165.cryptobot.investments
7 code.jivo.ru user165.cryptobot.investments
code.jivo.ru
1 node-sber1-az2-2.jivosite.com code.jivo.ru
1 code.createjs.com user165.cryptobot.investments
1 cdnjs.cloudflare.com user165.cryptobot.investments
1 icon-box.live user165.cryptobot.investments
1 www.user165.cryptobot.investments 1 redirects
42 7

This site contains no links.

Subject Issuer Validity Valid
user165.cryptobot.investments
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh
icon-box.live
cPanel, Inc. Certification Authority		 2022-07-02 -
2022-09-30		 3 months crt.sh
*.jivo.ru
AlphaSSL CA - SHA256 - G2		 2022-05-06 -
2023-06-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2022-05-26 -
2023-06-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://user165.cryptobot.investments/
Frame ID: 81BA4906A506D3B6A60DD02B117D6E97
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cryptobot InvestmentsFlag of Vatican City

Page URL History Show full URLs

  1. https://www.user165.cryptobot.investments/ HTTP 301
    http://user165.cryptobot.investments/ HTTP 301
    https://user165.cryptobot.investments/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

93 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

2825 kB
Transfer

5986 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.user165.cryptobot.investments/ HTTP 301
    http://user165.cryptobot.investments/ HTTP 301
    https://user165.cryptobot.investments/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://user165.cryptobot.investments/css2 HTTP 301
  • https://user165.cryptobot.investments/css2/
Request Chain 32
  • https://user165.cryptobot.investments/assets/icons/sprite.svg HTTP 301
  • https://user165.cryptobot.investments/assets/icons/sprite.svg/ HTTP 301
  • https://user165.cryptobot.investments/error_page/404.html/
Request Chain 35
  • https://user165.cryptobot.investments/assets/images/_1.jpg HTTP 301
  • https://user165.cryptobot.investments/assets/images/_1.jpg/ HTTP 301
  • https://user165.cryptobot.investments/error_page/404.html/

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
user165.cryptobot.investments/
Redirect Chain
  • https://www.user165.cryptobot.investments/
  • http://user165.cryptobot.investments/
  • https://user165.cryptobot.investments/
78 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.4.30
Resource Hash
1652138ce15e6722bc5935c990098a40286dd83db35983658feb5c3139bf025e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Fri, 05 Aug 2022 20:23:39 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
ddos-guard
vary
Accept-Encoding
x-powered-by
PHP/7.4.30

Redirect headers

Connection
keep-alive
Content-Length
568
Content-Type
text/html; charset=utf8
Date
Fri, 05 Aug 2022 20:23:39 GMT
Keep-Alive
timeout=60
Location
https://user165.cryptobot.investments/
Server
ddos-guard
app.css
user165.cryptobot.investments/theme/demo2/assets/common/css/ 		299 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
ebd85618d0bedb7eb299667b379c4d924679129bbbbc6bf262a8e9b286f2920b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Mon, 23 May 2022 08:13:38 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:40 GMT
vary
Accept-Encoding
content-type
text/css
ddg-cache-status
MISS
accept-ranges
bytes
/
icon-box.live/sprite/latest/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://icon-box.live/sprite/latest/
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.166.161.95 , Lithuania, ASN16125 (CHERRYSERVERS1-AS, LT),
Reverse DNS
Software
Apache / PHP/7.4.30
Resource Hash
f086df3bd9f5ff02f0ca2f2a543ecd93d2de36dc1f591ae9e3c8e1caf3577ceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 20:23:40 GMT
Server
Apache
X-Powered-By
PHP/7.4.30
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-control
public
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Expires
Fri, 05 Aug 2022 21:23:41 GMT
75GED0DuXk
code.jivo.ru/widget/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/widget/75GED0DuXk
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
276dfd8818d38f7e3ebc583fd02c59693ccbd602a9514f5c92a3c48df575ec47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Fri, 05 Aug 2022 20:23:42 GMT
content-encoding
br
access-control-allow-origin
*
x-cached-since
2022-08-05T19:16:13+00:00
x-geo-shard
sber1
content-length
5939
last-modified
Thu, 28 Jul 2022 13:28:23 GMT
server
nginx
etag
"62e28ef7-1733"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 sharxy
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
expires
Mon, 01 Aug 2022 18:19:35 GMT
spinner.svg
user165.cryptobot.investments/theme/demo2/assets/common/images/ 		398 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/spinner.svg
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
6ed0c4b4fbde2f09a72837f7cef3fa19effe6af1d50a4d73946c71b36d7b7bf2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Mon, 23 May 2022 08:13:42 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
vary
Accept-Encoding
content-type
image/svg+xml
ddg-cache-status
MISS
accept-ranges
bytes
logo.png
user165.cryptobot.investments/theme/demo2/assets/common/images/logo/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/logo/logo.png?v=1
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
86917b8bb468606fc8c0650a92f91604e303936b5de12de84ad286e7b747bd33
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Sun, 24 Jul 2022 17:41:15 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
19460
robot.png
user165.cryptobot.investments/theme/demo2/assets/common/images/intro/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/intro/robot.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
d8ec07205248151f8d0876f4f1592acf2e0f3bc6df442623396e1e22b825e463
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
122539
jquery.min.js
user165.cryptobot.investments/theme/demo2/assets/common/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/js/jquery.min.js
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Mon, 23 May 2022 08:13:46 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:40 GMT
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
accept-ranges
bytes
1.png
user165.cryptobot.investments/theme/demo2/assets/common/images/funds/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/funds/1.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
a3eff76292ec942c9f8bdf964a080dc860e84a91d68699f92d03a160bb6104a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
4547
2.png
user165.cryptobot.investments/theme/demo2/assets/common/images/funds/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/funds/2.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
6ce9df0b8ea8c9a1e15d61fbddf1c36fd2ab8b655be29e1caa70b6cf2b23e697
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
7631
3.png
user165.cryptobot.investments/theme/demo2/assets/common/images/funds/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/funds/3.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
ed1fd187e5f842730e1c71c7fac127ebf2df5b8274a272b89614f161f20131fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
6019
certt.png
user165.cryptobot.investments/theme/demo2/assets/common/images/company/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/company/certt.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
afddd99be13c787b71c4538c5db388c9694c2327fa9471494259593e32ed1db9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
133493
1.png
user165.cryptobot.investments/theme/demo2/assets/common/images/steps/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/steps/1.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
d802ce8db43ae41e1e2cb5b9365b1f8586453a1bac39fe4d7204a8c8ffca518d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:42 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
29774
2.png
user165.cryptobot.investments/theme/demo2/assets/common/images/steps/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/steps/2.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
1a48f6c4d84091ed3fcef8a5e2f65354dbb1c1b6dc3ccdb13afd8ed0eb020bd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:42 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
23246
notebook.png
user165.cryptobot.investments/theme/demo2/assets/common/images/investment/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/investment/notebook.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
f72c1bd8b5e68e603cf32a93e0f7f135dc183f03ffb03377bd77508aaa8816ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
4938
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 20:23:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8022576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skO25tyydJ8Z7szdNx80xIIE4d1Nv9vgjjz7YEAbuR6%2BNCt5ovqImqDx7S8VtbXMhLqah0CFo5zu1WdEMFHkfmHMRqz25VAu%2FnMGB6hJjQlFltxFpAQxZu7ogl4DQ1c%2FCl27QhMBhUlhl988JovnVJQF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
736240828e7a68fe-FRA
expires
Wed, 26 Jul 2023 20:23:41 GMT
logo.png
user165.cryptobot.investments/theme/demo2/assets/common/images/logo/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/logo/logo.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
86917b8bb468606fc8c0650a92f91604e303936b5de12de84ad286e7b747bd33
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Sun, 24 Jul 2022 17:41:15 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
19460
check-line.svg
user165.cryptobot.investments/theme/demo2/assets/common/images/ 		377 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/check-line.svg
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
c9687fe531edffc905520c7782d00fbbba55873f7194d42959dc1d384faebc82
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
vary
Accept-Encoding
content-type
image/svg+xml
ddg-cache-status
MISS
accept-ranges
bytes
cross-line.svg
user165.cryptobot.investments/theme/demo2/assets/common/images/ 		530 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/cross-line.svg
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
a589274308bad146e1d77555edd9a7203ca4e8ddae9224c8ccd857d2cdadebb3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
vary
Accept-Encoding
content-type
image/svg+xml
ddg-cache-status
MISS
accept-ranges
bytes
app.js
user165.cryptobot.investments/theme/demo2/assets/common/js/ 		898 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/js/app.js
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
1ca83fd503befe2af755b2dcf3a7f5bb73356062fe208a83260edcdd4dd6e727
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Sat, 23 Jul 2022 22:28:19 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:41 GMT
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
accept-ranges
bytes
createjs-2015.11.26.min.js
code.createjs.com/ 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/createjs-2015.11.26.min.js
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 20:23:41 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Fri, 05 Aug 2022 20:38:41 GMT
indexAnimate.js
user165.cryptobot.investments/theme/demo2/assets/common/js/ 		569 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/js/indexAnimate.js
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
b0ae81165dd22ea20a9dfe56e8d184a5b931fd484f8779fd0ca5c5da56d59f90
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Mon, 23 May 2022 08:13:46 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:41 GMT
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
MISS
accept-ranges
bytes
/
user165.cryptobot.investments/css2/
Redirect Chain
  • https://user165.cryptobot.investments/css2
  • https://user165.cryptobot.investments/css2/
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/css2/
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.4.30
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
upgrade-insecure-requests;
content-encoding
br
server
ddos-guard
age
2
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ddg-cache-status
MISS
cache-control
no-store, no-cache, must-revalidate
date
Fri, 05 Aug 2022 20:23:40 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:40 GMT
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
location
https://user165.cryptobot.investments/css2/
ddg-cache-status
MISS
sprite.svg
user165.cryptobot.investments/theme/demo2/assets/common/icons/ 		49 KB
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/icons/sprite.svg
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
e76d2ca9da28e340036f24f8406a389fa31c9ca94bdcad9dd7d88b8108953b6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
vary
Accept-Encoding
content-type
image/svg+xml
ddg-cache-status
MISS
accept-ranges
bytes
slogan-bg.png
user165.cryptobot.investments/theme/demo2/assets/common/images/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/logo/slogan-bg.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
92d9a45f530f1401ed84926d12d6f33d442a3efcffea91f7532019b5c3020e60
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:42 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
2488
flag2.png
user165.cryptobot.investments/theme/demo2/assets/common/images/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/flag2.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
9e076fcab7f9ef001f9b923b9e6a53a792fa37273865b9ac954f63de806f1131
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
106073
ProximaNova-Regular.woff
user165.cryptobot.investments/theme/demo2/assets/common/fonts/ProximaNova/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/fonts/ProximaNova/ProximaNova-Regular.woff
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
81c6d1a13227777d009f275f5ecb80bd6c780d2843b9b18fe2809ff9822a2066
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Origin
https://user165.cryptobot.investments
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
vary
Accept-Encoding
content-type
font/woff
ddg-cache-status
MISS
accept-ranges
bytes
ProximaNova-Bold.woff
user165.cryptobot.investments/theme/demo2/assets/common/fonts/ProximaNova/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/fonts/ProximaNova/ProximaNova-Bold.woff
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Origin
https://user165.cryptobot.investments
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
vary
Accept-Encoding
content-type
font/woff
ddg-cache-status
MISS
accept-ranges
bytes
decor.png
user165.cryptobot.investments/theme/demo2/assets/common/images/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/decor.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
991d749ff2a480508e4f99c6d19305a40a45e1ab26f9a8306a6061cf9d140007
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
109200
notebook-shadow.png
user165.cryptobot.investments/theme/demo2/assets/common/images/investment/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/investment/notebook-shadow.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
4c4c044dddc599dbe4427a1dd8e4fef1d0a97dc8b55719f463f41054404203f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
3329
box.svg
user165.cryptobot.investments/theme/demo2/assets/common/icons/ 		577 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/icons/box.svg
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
e8123108cb4f9223e7f7a15e362fdd629ecfe4d8815b785f208ac9d2b142c766
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Mon, 23 May 2022 08:13:40 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
vary
Accept-Encoding
content-type
image/svg+xml
ddg-cache-status
MISS
accept-ranges
bytes
light1.png
user165.cryptobot.investments/theme/demo2/assets/common/images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/light1.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
84e4c31f3f105397e084146d0659875bff20fb02e8c49008ade52b446697580a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:42 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
35686
light2.png
user165.cryptobot.investments/theme/demo2/assets/common/images/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/theme/demo2/assets/common/images/light2.png
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
4aa9fdb6f7054cd7f2bfca348d013a070c3b16cf6a7c9b5aecd03321e00078c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/theme/demo2/assets/common/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 23 May 2022 08:13:42 GMT
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
content-type
image/png
ddg-cache-status
MISS
accept-ranges
bytes
content-length
50537
/
user165.cryptobot.investments/error_page/404.html/
Redirect Chain
  • https://user165.cryptobot.investments/assets/icons/sprite.svg
  • https://user165.cryptobot.investments/assets/icons/sprite.svg/
  • https://user165.cryptobot.investments/error_page/404.html/
137 KB
81 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://user165.cryptobot.investments/error_page/404.html/
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.4.30
Resource Hash
780713860590964189f301894a1c2426cae42d8fbf69957dd64e8a16724f8b39
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
upgrade-insecure-requests;
content-encoding
br
server
ddos-guard
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
date
Fri, 05 Aug 2022 20:23:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

location
https://user165.cryptobot.investments/error_page/404.html/
content-security-policy
upgrade-insecure-requests;
content-encoding
br
server
ddos-guard
date
Fri, 05 Aug 2022 20:23:42 GMT
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
75GED0DuXk
code.jivo.ru/script/widget/config/ 		2 KB
1003 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/script/widget/config/75GED0DuXk
Requested by
Host: code.jivo.ru
URL: https://code.jivo.ru/widget/75GED0DuXk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
eedc29511446f8c320188f53dfe2d83fab11262bb96f98063d59f3dc7872133f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 05 Aug 2022 20:23:42 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cached-since
2022-08-05T19:16:14+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
x-geo-shard
sber1
content-length
774
via
1.1 sharxy
expires
Fri, 05 Aug 2022 21:16:14 GMT
75GED0DuXk
node-sber1-az2-2.jivosite.com/widget/status/2028063/ 		224 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node-sber1-az2-2.jivosite.com/widget/status/2028063/75GED0DuXk?rnd=0.5582253730602671
Requested by
Host: code.jivo.ru
URL: https://code.jivo.ru/widget/75GED0DuXk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.243.226.248 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software
foxy/1.6.8 /
Resource Hash
6607d093d62697acf075c9940192d620eb629127e90e8a0d9526330bf1a54ff5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
frame-ancestors 'none';
server
foxy/1.6.8
x-botmode
no
x-geoip
DE;NW;Bochum (Bochum S\u00fcd)
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://user165.cryptobot.investments
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-max-age
1728000
content-length
224
date
Fri, 05 Aug 2022 20:23:42 GMT
/
user165.cryptobot.investments/error_page/404.html/
Redirect Chain
  • https://user165.cryptobot.investments/assets/images/_1.jpg
  • https://user165.cryptobot.investments/assets/images/_1.jpg/
  • https://user165.cryptobot.investments/error_page/404.html/
137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user165.cryptobot.investments/error_page/404.html/
Protocol
H2
Server
217.114.42.54 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.4.30
Resource Hash
780713860590964189f301894a1c2426cae42d8fbf69957dd64e8a16724f8b39
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
upgrade-insecure-requests;
content-encoding
br
server
ddos-guard
age
2
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ddg-cache-status
MISS
cache-control
no-store, no-cache, must-revalidate
date
Fri, 05 Aug 2022 20:23:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
server
ddos-guard
age
0
date
Fri, 05 Aug 2022 20:23:42 GMT
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
location
https://user165.cryptobot.investments/error_page/404.html/
ddg-cache-status
MISS
bundle_ru_RU.js
code.jivo.ru/js/ 		1 MB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/js/bundle_ru_RU.js?rand=1659360084
Requested by
Host: code.jivo.ru
URL: https://code.jivo.ru/widget/75GED0DuXk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
904846d6ba404bfd085801f82661f659e2b3da01f2f6d8b71917c20502062ca0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Fri, 05 Aug 2022 20:23:42 GMT
content-encoding
br
access-control-allow-origin
*
x-cached-since
2022-08-05T13:21:46+00:00
x-geo-shard
sber1
content-length
307619
last-modified
Thu, 28 Jul 2022 13:29:49 GMT
server
nginx
etag
"62e28f4d-4b1a3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 sharxy
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
widget.css
code.jivo.ru/css/ab5ceec/ 		232 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/css/ab5ceec/widget.css
Requested by
Host: user165.cryptobot.investments
URL: https://user165.cryptobot.investments/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0f7e24f740333209f72ebdb70f820cd418b4b36548401d0e85fd843030656ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user165.cryptobot.investments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-id
fr5-up-gc8
date
Fri, 05 Aug 2022 20:23:43 GMT
content-encoding
br
x-cached-since
2022-08-01T13:21:42+00:00
x-geo-shard
sber1
content-length
49012
last-modified
Thu, 28 Jul 2022 13:29:26 GMT
server
nginx
etag
"62e28f36-bf74"
vary
Accept-Encoding
content-type
text/css
via
1.1 sharxy
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Thu, 11 Aug 2022 13:21:42 GMT
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8616d474d34514e7de3d775aef6524395dcfb4f22a56c500853b68ef3117c307

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivo.ru/sounds/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
https://user165.cryptobot.investments/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc34
date
Fri, 05 Aug 2022 20:23:43 GMT
via
1.1 sharxy
x-cached-since
2022-07-26T10:10:46+00:00
Content-Range
bytes 0-3759/3760
x-geo-shard
sber1
Content-Length
3760
last-modified
Wed, 20 Jul 2022 08:02:54 GMT
server
nginx
etag
"62d7b6ae-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Thu, 25 Aug 2022 10:10:46 GMT
notification.mp3
code.jivo.ru/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/sounds/notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
https://user165.cryptobot.investments/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc32
date
Fri, 05 Aug 2022 20:23:43 GMT
via
1.1 sharxy
x-cached-since
2022-07-14T15:15:08+00:00
Content-Range
bytes 0-5807/5808
x-geo-shard
sber1
Content-Length
5808
last-modified
Mon, 11 Jul 2022 12:57:20 GMT
server
nginx
etag
"62cc1e30-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sat, 13 Aug 2022 15:15:07 GMT
outgoing_message.mp3
code.jivo.ru/sounds/ 		5 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
https://user165.cryptobot.investments/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc8
date
Fri, 05 Aug 2022 20:23:43 GMT
via
1.1 sharxy
x-cached-since
2022-07-22T11:58:32+00:00
Content-Range
bytes 0-5013/5014
x-geo-shard
sber1
Content-Length
5014
last-modified
Wed, 20 Jul 2022 08:02:54 GMT
server
nginx
etag
"62d7b6ae-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sun, 21 Aug 2022 11:58:32 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| str function| $ function| jQuery object| gsapVersions object| notifier function| StickySidebar object| createjs object| JSON3 object| AdobeAn object| canvas object| stage object| exportRoot object| anim_container object| dom_overlay_container function| fnStartAnimation function| init function| handleFileLoad function| handleComplete string| id number| amount object| jQuery182018812985312917552 object| Modal function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config string| jivo_version object| jivo_api string| child

2 Cookies

Domain/Path Name / Value
.cryptobot.investments/ Name: __ddg1_
Value: cz640n5EwY1NfVZZzaax
user165.cryptobot.investments/ Name: PHPSESSID
Value: 8d8bd159d853d5a1d842e9cc1a2071d4

3 Console Messages

Source Level URL
Text
network error URL: https://user165.cryptobot.investments/css2/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://user165.cryptobot.investments/error_page/404.html/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://user165.cryptobot.investments/error_page/404.html/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.createjs.com
code.jivo.ru
icon-box.live
node-sber1-az2-2.jivosite.com
user165.cryptobot.investments
www.user165.cryptobot.investments
217.114.42.54
2606:4700::6811:180e
2a02:26f0:3500:11::215:14cb
2a03:90c0:41:2801::254
46.166.161.95
46.243.226.248
0f7e24f740333209f72ebdb70f820cd418b4b36548401d0e85fd843030656ff7
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
1652138ce15e6722bc5935c990098a40286dd83db35983658feb5c3139bf025e
1a48f6c4d84091ed3fcef8a5e2f65354dbb1c1b6dc3ccdb13afd8ed0eb020bd4
1ca83fd503befe2af755b2dcf3a7f5bb73356062fe208a83260edcdd4dd6e727
276dfd8818d38f7e3ebc583fd02c59693ccbd602a9514f5c92a3c48df575ec47
4aa9fdb6f7054cd7f2bfca348d013a070c3b16cf6a7c9b5aecd03321e00078c2
4c4c044dddc599dbe4427a1dd8e4fef1d0a97dc8b55719f463f41054404203f0
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
6607d093d62697acf075c9940192d620eb629127e90e8a0d9526330bf1a54ff5
6ce9df0b8ea8c9a1e15d61fbddf1c36fd2ab8b655be29e1caa70b6cf2b23e697
6ed0c4b4fbde2f09a72837f7cef3fa19effe6af1d50a4d73946c71b36d7b7bf2
780713860590964189f301894a1c2426cae42d8fbf69957dd64e8a16724f8b39
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81c6d1a13227777d009f275f5ecb80bd6c780d2843b9b18fe2809ff9822a2066
84e4c31f3f105397e084146d0659875bff20fb02e8c49008ade52b446697580a
8616d474d34514e7de3d775aef6524395dcfb4f22a56c500853b68ef3117c307
86917b8bb468606fc8c0650a92f91604e303936b5de12de84ad286e7b747bd33
904846d6ba404bfd085801f82661f659e2b3da01f2f6d8b71917c20502062ca0
92d9a45f530f1401ed84926d12d6f33d442a3efcffea91f7532019b5c3020e60
991d749ff2a480508e4f99c6d19305a40a45e1ab26f9a8306a6061cf9d140007
99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1
9e076fcab7f9ef001f9b923b9e6a53a792fa37273865b9ac954f63de806f1131
a3eff76292ec942c9f8bdf964a080dc860e84a91d68699f92d03a160bb6104a6
a589274308bad146e1d77555edd9a7203ca4e8ddae9224c8ccd857d2cdadebb3
afddd99be13c787b71c4538c5db388c9694c2327fa9471494259593e32ed1db9
b0ae81165dd22ea20a9dfe56e8d184a5b931fd484f8779fd0ca5c5da56d59f90
c9687fe531edffc905520c7782d00fbbba55873f7194d42959dc1d384faebc82
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d802ce8db43ae41e1e2cb5b9365b1f8586453a1bac39fe4d7204a8c8ffca518d
d8ec07205248151f8d0876f4f1592acf2e0f3bc6df442623396e1e22b825e463
e76d2ca9da28e340036f24f8406a389fa31c9ca94bdcad9dd7d88b8108953b6f
e8123108cb4f9223e7f7a15e362fdd629ecfe4d8815b785f208ac9d2b142c766
ebd85618d0bedb7eb299667b379c4d924679129bbbbc6bf262a8e9b286f2920b
ed1fd187e5f842730e1c71c7fac127ebf2df5b8274a272b89614f161f20131fa
eedc29511446f8c320188f53dfe2d83fab11262bb96f98063d59f3dc7872133f
f086df3bd9f5ff02f0ca2f2a543ecd93d2de36dc1f591ae9e3c8e1caf3577ceb
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f72c1bd8b5e68e603cf32a93e0f7f135dc183f03ffb03377bd77508aaa8816ef
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43