urlscan.io logo urlscan.io
SecurityTrails logo

dc-7612fe8ad777.hvacservice.website Open in urlscan Pro
185.253.34.169  Public Scan

Go To Rescan Add Verdict Report
URL: https://dc-7612fe8ad777.hvacservice.website/
Submission: On September 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 50 HTTP transactions. The main IP is 185.253.34.169, located in Russian Federation and belongs to THEFIRST-AS, RU. The main domain is dc-7612fe8ad777.hvacservice.website.
TLS certificate: Issued by R3 on September 9th 2021. Valid for: 3 months.
This is the only time dc-7612fe8ad777.hvacservice.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.253.34.169 29182 (THEFIRST-AS)
38 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.201.198 39134 (UNITEDNET)
50 6
1    185.253.34.169 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: whm15site5.hostfx.ru
dc-7612fe8ad777.hvacservice.website
38    2606:4700:3034::6815:10c5 (United States)

ASN13335 (CLOUDFLARENET, US)
4sale-domain.website
2    2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:400e:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
Domain Requested by
38 4sale-domain.website dc-7612fe8ad777.hvacservice.website
4sale-domain.website
5 fonts.gstatic.com fonts.googleapis.com
2 counter.yadro.ru 1 redirects dc-7612fe8ad777.hvacservice.website
2 fonts.googleapis.com dc-7612fe8ad777.hvacservice.website
1 dc-7612fe8ad777.hvacservice.website
50 5

This site contains links to these domains. Also see Links.

Domain
4sale-domain.website
Subject Issuer Validity Valid
dc-7612fe8ad777.hvacservice.website
R3		 2021-09-09 -
2021-12-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-13 -
2022-06-12		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA		 2020-02-02 -
2022-05-02		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://dc-7612fe8ad777.hvacservice.website/
Frame ID: 2D7A89DBEEBFEB2E0630ED8AD9A98586
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Manfaat highlow Indonesia

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Bag
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

94 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

624 kB
Transfer

1023 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//dc-7612fe8ad777.hvacservice.website/;0.7450034802843 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//dc-7612fe8ad777.hvacservice.website/;0.7450034802843

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dc-7612fe8ad777.hvacservice.website/ 		108 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.253.34.169 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
whm15site5.hostfx.ru
Software
ddos-guard / PHP/7.4.23
Resource Hash
68d06a686b06fd35ae1bb7a712d977ff909f8a7f53d61741116891dff952e369

Request headers

:method
GET
:authority
dc-7612fe8ad777.hvacservice.website
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
ddos-guard
set-cookie
__ddg1=BqFzWsgtpzAdEwdRPadr; Domain=.hvacservice.website; HttpOnly; Path=/; Expires=Fri, 09-Sep-2022 09:52:03 GMT 5a09b429a87e5b73e2525f2c133b83a9=0; expires=Thu, 09-Sep-2021 10:52:03 GMT; Max-Age=3600; path=/; secure
x-powered-by
PHP/7.4.23
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Thu, 09 Sep 2021 09:52:03 GMT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by
LiteSpeed
style7679.min.css
4sale-domain.website/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-includes/css/dist/block-library/style7679.min.css
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:54:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dk30%2B0YryM9j%2BxNiV35%2B42SAml9FW2%2BSmJi97UWtV7db3LDyV4tiHZQoTSgS63Qohor%2FrFg8sJtgvcxV2Qi5Bwy7O%2BypAH80EcGdprrWeMRk1Y95VkiMsul9QxI7Td6A1CT8rS7KIxP%2FvMQwhx4yonS7vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8c94edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
style2055.css
4sale-domain.website/wp-content/themes/kulik/ 		52 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-content/themes/kulik/style2055.css
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2c0eeacf7fbd45071f4718d6c304585417a4aade07aca90d081783bd1c3a46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:47:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gocpufosMjbDfzH62FBX1UHHfDyqiZ%2Fk1OsAN9EPBMFb4HmKqnBqAPfigHPsz5%2BuhoccSrkKDWYb73URgIdhUCmDQmzDly3yJs9jWmhFNL4k4C4qQHPw4ijrYwB1NfeQZoQCSuMgLKwcD6pCfNhFV5Is4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8d04edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
font-awesome2112.css
4sale-domain.website/wp-content/themes/kulik/assets/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-content/themes/kulik/assets/css/font-awesome2112.css
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
993bc75a107b07ab9fd9049be63d0ef4437b26be93a3b7b7325c4fbc07f403a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:54:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BVHwRHuojqZNFSMtY41XyUxXjgVrwVw7fjD2dQ8ohBWxxtuGgHSMDppZ%2B%2FZigTgjF1OKrNqE0itsa6BqOvXjnCJsVzZXDxNBB9bZqs%2FuxN%2B82OnUBH%2BcHJ0oLR5HxOLPr3CgBRqRrPOMYn8m4yE0zWFvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8d24edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
fontello6814.css
4sale-domain.website/wp-content/themes/kulik/assets/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-content/themes/kulik/assets/css/fontello6814.css
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8151de1a7f97d9279c928db272f7a2f029e6ad77a49c31039a67d628dc92a6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:54:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjZprnG1ZDgle5Je0snKAER5tiTS32PeMgKsCZFjlysJEfaKDRqCnf5uG6k2FFt6fREUofA%2FHjDD8IJQr%2BYMapuROPhy5nHor2BvS%2F%2BkrPmcH39O0kaLjXJTOENkOvbfIUfKrhqc30TCh6qMXnFjk%2FwvLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8d44edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
slick3675.css
4sale-domain.website/wp-content/themes/kulik/assets/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-content/themes/kulik/assets/css/slick3675.css
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310b9376346ac475b5e9e87c808fc4e4e51b8f37fc1d8d4fc9ec0491e531ba97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:54:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDl2a2D1wiesqj5trVa8tUPHlYiZv3IwXHFqwKDjSM2wpKe1VqFAAbQEgL8f3V0MQHwcxEquiIpLFrO%2FzJKcI0ozFxeYbBctHSuJ1HwiwcpXM5og3JcY8TL6xNFte94HI1YJLs7pb1klejCRMqZL9oTTag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8d64edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
perfect-scrollbar7893.css
4sale-domain.website/wp-content/themes/kulik/assets/css/ 		1 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-content/themes/kulik/assets/css/perfect-scrollbar7893.css
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1692d7499d76cf87b57efb7ceefa184bdaeb3574d0d2a01c2a61cbd936d2094c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:54:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=by%2Bcj%2FrJjWmEOLIRNNR%2B6LFAFnqwrOE581rQxj2Tc4LlLBbupIM07b42HeWecl%2BdJCicIE4frX9JMhHYJWvm8JjuXQqGPJ5Z4PncMicmFM4qqkWeb3tRLszMFrLD2T61ePHKjIobr7iwCHzBZif%2Fon7gSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8d74edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
responsive3532.css
4sale-domain.website/wp-content/themes/kulik/assets/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-content/themes/kulik/assets/css/responsive3532.css
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a110168029a05e4295292b6e5424ed32d1e23fac32d38d6f4eec7cacca3468f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:54:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30o13mDvgV9jfsDG5pjRnrU2BbybrmPPEFFcCcCtyiT0GZeKKHoAHVV%2BUINZsCrkvyCLMhopi3j1ATI9BiwsgK%2FOt0ZwjdGMSNMSuO3B7C%2F9xqBDyRprPjvW9%2FmVwWLZSdBOILMdbyytn2sS6%2FPz5%2Bl45w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8d94edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
css
fonts.googleapis.com/ 		3 KB
574 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700&ver=1.0.0
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05dae748a374ff9d2ed080b26e10f63ab60dbfd1257bfb3db10b6673957b4e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 08:23:28 GMT
server
ESF
date
Thu, 09 Sep 2021 09:52:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Sep 2021 09:52:03 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e032919556b613dde0be35f450341276abaf2f89e77626f921b6ccfabdb7824b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 08:35:53 GMT
server
ESF
date
Thu, 09 Sep 2021 09:52:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Sep 2021 09:52:03 GMT
jquery1053.min.js
4sale-domain.website/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-includes/js/jquery/jquery1053.min.js
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:47:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAxi5i1rtgi%2FHx%2BLzjZUF0d5fl5qfYoZ%2FIHMaun89iYo0ikB8E88cE4HHg0knxdgDt%2BrJ6XY4KhILkh6gooZfPe7ck%2BhZH1eGEXUIIW%2FnLZPN1IXtP6gFvz26H6xW1uFRWJRKuZf63%2BxC%2BjVn1A4WbYo3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8db4edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
jquery-migrate1664.min.js
4sale-domain.website/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-includes/js/jquery/jquery-migrate1664.min.js
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:47:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9TNG7mcSsG69TFDalpYnaR4Q7FanUHHIXKGrFjX26nInxtL2BycmjcZ%2F1q5BYZYNe9r%2BPnEqo%2FsEnW%2FDs0BWrpjhr%2BK532BXCl1Q1%2BzWLOVClypCz5nVK6M%2B1bLBKjIsjdyU6Bj8aP2Ltv2YSc%2Bo8wrVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8dd4edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
wp-emoji-release3039.min.js
4sale-domain.website/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-includes/js/wp-emoji-release3039.min.js
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9751ce4663531b14ce1992c23b7a23f06a4978ee47d9dcf2c3e7695059e903d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:47:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WfnRYTrfuJdgt7v0AooOh%2B0AhxFTTbmFRaNRcpptVOwGHbYzePjUTswdkcale2Zb5rlwgBtARqSrDvVxVSEhYiVZV%2Bje3aiYd%2BBtj9KvQjagaolehQtxKABt5tYoRxfycXj6xDwgYZarNgpYuR27WhHNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf858a9c1e4edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
custom-plugins1010.js
4sale-domain.website/wp-content/themes/kulik/assets/js/ 		125 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-content/themes/kulik/assets/js/custom-plugins1010.js
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5fa39ea8b0f084d27f7d2c8690601ea3a4eacb65f6d9f81e0364f11fdf355

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:54:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAIuBUveY1mDRueBjxI8BA6ClKH1iwVZ3vTzff%2BqG%2BfckIHjGw9dLuw6pjkN8GKzECqQKL1c613hrPoQ5tC8402CFDV0b430phyKotM7xFUCQk0N76246ZE9O8QcFki5w9xXacXGAFMTo40sD0i7Z6xvKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8e14edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
custom-scripts3900.js
4sale-domain.website/wp-content/themes/kulik/assets/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-content/themes/kulik/assets/js/custom-scripts3900.js
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce1f332043417dc2cc10b011ba265a7da2c5e37b151fc5cf893e574dd79eef1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:54:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxuL7Y8by9qbWhcc%2FxfsuRbivTB%2Fp6%2FUQzQyZ%2FxZiQqo36m9ryt5sBK0X07SUDpCRnN%2FmspmEMLfMZ55nqjPJFQJovi%2FwcXiGMx2%2F4TYstatQlot3bAtvazUN2L86Qy9liteH6P4nzGZrFpiyzmDMIJ3XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8e24edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
comment-reply9029.min.js
4sale-domain.website/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-includes/js/comment-reply9029.min.js
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 13:52:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4%2FTupZvUZzJNe8ctaLu5I2fUHUEWXfENFR%2FvDZiB6lsOfOnzpacaLwCtBef73eaiKnbOKjssiwP05ORAonWovj7cclZe5MN03P0hT%2BohKPEJQmcTn%2BslAlposzvN5MbWLrdaxaMd4z3NN%2FptbUGdE%2B53Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8e04edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
wp-embed6902.min.js
4sale-domain.website/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://4sale-domain.website/wp-includes/js/wp-embed6902.min.js
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 14 Jun 2021 12:47:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnTVGbE6JGD09hL8zL%2FE1rnVR%2Fu3F%2FkowAv77hVXqmTw0YGvJjnJewka57mYl2lO%2BY%2BCi62iQjW%2BMktU8qFrM%2FfgLeM9cUsIfj1E%2BBEJdTGFI4GUbGcCy3kTJoPFDCD1dgdT%2F6z0Fd0NEpRDDgCSdyvvcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68bf8588b8df4edf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 16 Sep 2021 09:52:04 GMT
fontawesome-webfont.woff2@v=4.7.0
4sale-domain.website/wp-content/themes/kulik/assets/fonts/ 		0
0
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dc-7612fe8ad777.hvacservice.website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 06:16:14 GMT
x-content-type-options
nosniff
age
12950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:29:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 06:16:14 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dc-7612fe8ad777.hvacservice.website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 06:16:08 GMT
x-content-type-options
nosniff
age
12956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 06:16:08 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dc-7612fe8ad777.hvacservice.website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 06:35:41 GMT
x-content-type-options
nosniff
age
530183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 06:35:41 GMT
mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v23/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dc-7612fe8ad777.hvacservice.website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 07:17:19 GMT
x-content-type-options
nosniff
age
527685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13792
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:08 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 07:17:19 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dc-7612fe8ad777.hvacservice.website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 05:50:09 GMT
x-content-type-options
nosniff
age
532915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 05:50:09 GMT
7s8njxq.jpg
4sale-domain.website/wp-content/uploads/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/7s8njxq.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497c9b5592dc63ca90d3e29935ae3e5991925dd1a74e2c5c263e514e594cc180

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9285
last-modified
Mon, 14 Jun 2021 12:49:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSRGAIPNc%2BGHSFFX8PiLdC4H9cC2aM3cfAJ35qsnjPjIQZ0EXVuEwZ3PeorKEHb0oVNNwGZ8QKcxkLUHnj%2BrThDfhlhY0O2PH14bpC98%2BWZ6Uc0k1a1jS5MGQudz%2BXjIpFx2npGFFlnWFVCkHHi7MsBvSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d7a4edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
o4eh9i.jpg
4sale-domain.website/wp-content/uploads/images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/o4eh9i.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f190b792f9c627eafef9128d69a907f9a2fc999cfbb14fa801ea32fb1221f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25146
last-modified
Mon, 14 Jun 2021 12:52:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5DZF0r5cLywwbwCTrizpUrsysvvb1GhtOvIgfjgg2QXrmaxGqNAyH5LXaSwqIYWFtO5ZI%2FZy0btKXnASviNis8bWUtDH1QqOmFXdh7u4Uw4TJ%2FNSL695s%2BnDhewwg1uEm5VT16644lgIEDZg05hnne46A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d804edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
0ah63.jpg
4sale-domain.website/wp-content/uploads/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/0ah63.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3c0fe10edba3ed7ade8cca6d4d39dc8a3204e5eaaeb6e95a6e56cf5e966317

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11762
last-modified
Mon, 14 Jun 2021 12:47:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ7rhlJctJ1%2BdR3R72OpWRthd549CHxvvY9Pso79dNAxnB6b531DFiGYwkXJP1fGZmlE48Tlu22PH%2FeG0JLSubeAod9Echa4sM6gO6rVuKU4YOGpzx86I9CIxmAxXzo08vzUksNwlTYzu4t4AjLMS8TFuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d824edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
9rt3kh.jpg
4sale-domain.website/wp-content/uploads/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/9rt3kh.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c6a15a07cda7b0ccfdbbdc1671ab05e47f8d1286817a8fa4486bcf707ebd60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:06 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14882
last-modified
Mon, 14 Jun 2021 12:49:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4byhOp7w%2F%2F5QDwcJdYSTZkjEITl3%2Bm%2BEz%2B5%2Btcv6LwowRVy08RGFs0C8mupEe5k1jE1gBcnnOl3zv32SB2rUeV9NiscDyI6mRfv0pFCnUHKjBY0A%2FuBwJKU1mM9Ja0kGX8qcqSQVUMuw9qRatePboCJtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d834edf-FRA
expires
Thu, 16 Sep 2021 09:52:06 GMT
a6eg.jpg
4sale-domain.website/wp-content/uploads/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/a6eg.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b56444afc8096ccb514fdd8b1abab1118fffada4976fda28fdffddf17b78d485

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17509
last-modified
Mon, 14 Jun 2021 12:49:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SzyBUKlIzub00qMROebvEH5fJ79Q2HFedCcY9DWdbweMRg9vDFyyfoxYrNF1pNr%2FE%2FbUgB%2BBZYeyDpOfbKDLB7dAsVrGIGVeQVdE1DpWWBZ6RzswWtoXJj1kY9aRwJIeqQlMAtbTsxFm7SmdcaJQp20Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d884edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
650np.jpg
4sale-domain.website/wp-content/uploads/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/650np.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec043092d5fdd7a12ae1db966310c1b12a909936efda34b6ca253d431c18bcd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
138146
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18036
last-modified
Mon, 14 Jun 2021 14:06:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsPJh0fGHqCju2vvNSKeb5N02vU4%2BKEgIc3jElkwniKtN3WOZByACMVjco41NwbFww0c6kqOmsZBEIDZIHJwu30Wm%2BSgum7bmd7qpZfmNFNfIsvfR1M9eoc%2FqXcFDbJZ%2Fv8CcYtzlOkDW43tUpGvD4%2BUGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d894edf-FRA
expires
Tue, 14 Sep 2021 19:29:38 GMT
2a4cmk5.jpg
4sale-domain.website/wp-content/uploads/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/2a4cmk5.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9167c8691f01efbd3dddb26b35884b3218a73bd5813d8484a57dc787d3f585a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18557
last-modified
Mon, 14 Jun 2021 12:47:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAewsPvfdt%2F0PIvsxXlBJgQzpKOoFVOqz2wZyGX4KZvrDkXfabqqyvPQbSf%2BtvFKAeBtD%2BDzgj5VM7S8507cMpHC03kzK%2FpVu%2FsocnxuvHPczepfh9h2G4Z%2F5mGfjVMZLFd%2BjU5i1Y8w4yGvbYe2om9PDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d8c4edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
8h5vd.jpg
4sale-domain.website/wp-content/uploads/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/8h5vd.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79be8a3eb7853962509e91c9e3d0d0cceba7f1d8a3af2d5267c8a1799ec7342d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:05 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7006
last-modified
Mon, 14 Jun 2021 12:49:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viUe1X5s1uvseQ1MYJiPXEPMBuTABI0iQP8HpHxUxnt6iu9C%2FFAv3eeT%2Bht%2Bp%2FoRmQDrh0sECNBziTJAE%2FJkFuAclbromIGR3oMRGUWOs7YzQAgS%2F%2FGOMvGfcEgkjQw%2BBhckDrcPYlTMOFqM7BcX1W9dlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d8d4edf-FRA
expires
Thu, 16 Sep 2021 09:52:05 GMT
p34f.jpg
4sale-domain.website/wp-content/uploads/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/p34f.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9f87b0e962e7beba1023895fe910fd4fe684a3e13f0c15fe09b07fbc062acb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11850
last-modified
Mon, 14 Jun 2021 12:52:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2u1GKv%2Fq3%2FKGa2bNvGSjr0uQ4vYam5RyP%2FOgQuVloxkfOp7YomhlXjIysu35dTPHcFjX5VpZkvDEe7JtAvgh%2B6WuXWz7FunSz5sGjU9uf3XApihbAuYnM2KjQUt%2Fdk%2BQAZ6VJrFGb15OXnVCqppDFCZTiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d8e4edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
pos8e3h.jpg
4sale-domain.website/wp-content/uploads/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/pos8e3h.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c956864885e6e6c751574b902d37efc58a05caac665846f49029b77de64b209

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:05 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11410
last-modified
Mon, 14 Jun 2021 12:52:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22Z%2B00x85af0T4EmRrMvLgIcLhzKbSFZdJ03nOCXfmAZGjrZCCg4HnYPG2tIFR6VGWsDbwuodJP08flJsae4C1JvlmO%2BesuRNyCs0wUxneXDVGiqkmoxJkXM9h0K1Z%2BdRknhWYPlKkQFKHAc%2FBZUyovHcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d8f4edf-FRA
expires
Thu, 16 Sep 2021 09:52:05 GMT
5b7nku.jpg
4sale-domain.website/wp-content/uploads/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/5b7nku.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
244ff89e070258b19397a31d944f4f263dd14d8b4b0f8bec1f30166fc46c9d9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:05 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19127
last-modified
Mon, 14 Jun 2021 12:48:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyC1PIr%2BAtnOFVBtJ24yzukZXqbiBATFHONmUuMv%2BXzhHACfAr14d%2Fs%2BqcyZf7YuBfkbg480q3qzk7O7C4RWs4nyd9zTC7kJUzpXgz9ec9eFwLK12UxFpKVR8Uw7Ps%2BWBGwllARxb9P6cNZOhokJxEtBiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d904edf-FRA
expires
Thu, 16 Sep 2021 09:52:05 GMT
kc5pm.jpg
4sale-domain.website/wp-content/uploads/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/kc5pm.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b82863a03d1da25a640f6660640c400a4d89d27b3bbc8c045296fe477b78b2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19181
last-modified
Mon, 14 Jun 2021 12:51:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKJw1cafTI9APB5hdvt%2FDldNGdB6gJO41Rtz%2FJX1Nqys6mvANt3w5yQTtsiwdxvohoXbftDm7hh%2Fy0j84Ns3M7%2BH%2BmhDp7m2%2FVdWWNHmEN5s%2FDlenaxaj%2FtLTl2upBiCrM%2Ff4Lh5KUVTCZ4fUPxjp%2BwTbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d934edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
mc9ds5z.jpg
4sale-domain.website/wp-content/uploads/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/mc9ds5z.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc809de1ac3166332d901ed1632565093de6afae395e928d0a971226a9501fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20496
last-modified
Mon, 14 Jun 2021 12:52:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCXYL%2FlIv7ph5PmDpQkZGnun8tSOZe3qJcjrUlvcZo8i%2BeDpjd3f7bNUVU68Oez2AEyOzKUkpUnpMdm%2BpwRMCK0%2F%2BCIxo1AUl6aGsXGtDr883q%2FbN8SzHWQ4WXnyybVvOoC56adboMsTl5AQmhHKVfTS3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d954edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
2unmj.jpg
4sale-domain.website/wp-content/uploads/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/2unmj.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe211e28adbe30bcf09994d722b4ca04035023d3da35c5ed73cb02cc1d2afca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17625
last-modified
Mon, 14 Jun 2021 12:47:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q00aR7QHhSLHOo%2Fd7MrnalNCjogEvEYm4vU9hZKq%2Bgi5cKf51S95yXTRwgoZxq4gqiSA4LRuIh9X2wX0rg7ifDyQeashFtZRAnobiJCCo6ypJmgZQBr%2F3uGOFeM%2BbzJ7CWvPsjMwD1QAO%2FvmoDzClvhl0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d984edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
va8rc.jpg
4sale-domain.website/wp-content/uploads/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/va8rc.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b9ee613b7715ad42fff95b579e83555cd1516930563dc586dc9d790307a741f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14969
last-modified
Mon, 14 Jun 2021 12:53:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xF75P6vq%2Fo53I%2FXP43lbdkXGHroUKIIp%2B%2BRjMDVvSDJpPjb%2BWeVxG7kSnq3NnlGQ5vjHQwH6izAGbiN8lxJhciu44PVmNpufb7Wod%2BN0RWA2Sw54cJ0Fph18Kk71UUvuyPyjRkQAtkNbGY7D3vjl8fVxtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d9a4edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
2b54.jpg
4sale-domain.website/wp-content/uploads/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/2b54.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8856cb1cde8ecbb8ded6a1c524c2bfd4643ccf243e84c9b284094957fa9b4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12643
last-modified
Mon, 14 Jun 2021 12:47:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1NLm1%2BTZ%2Fkv0aD5KyT7VmbIvwumMqg%2BuI8PcWV%2BWv%2FAIyS2bcKngTK4Me2XxhOiRtWll7VOLmAxb629ErqKsmXFd4x0WoyurYyDt3xr009aeokSGM0Xhey0a67mgNvs1lWo3qFmMwgFG00Jzw4Xb2uTqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d9b4edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
huf5ya.jpg
4sale-domain.website/wp-content/uploads/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/huf5ya.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6adaee4a36f4a3b76c929934a8a559124b1c57fc59e36597586facee713189

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19290
last-modified
Mon, 14 Jun 2021 13:53:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31Ouj50BSWRuoxLTSsK6LUHNQHD3UtnJaHZ418niVz9wu1W5dF8o5O6MtoGBNeL3%2BoKEjlfYgRvvlZwwLgBhsAGgNJqzLOCYVs0AmF8NVT2nOkEIyIsGhecxvraSx2yQOupCB8WnemsUXhrVcJCcv7PiRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d9c4edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
562zjv9.jpg
4sale-domain.website/wp-content/uploads/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/562zjv9.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd135dcef1626b80d7fcfbc7ecd60b36a856f45bb6cc6c17971d165b16ecc45a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20164
last-modified
Mon, 14 Jun 2021 12:48:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8doReMUwAXoS%2Bxg14EneViys5PrDBCUsHSvVYg9azx5ITqWfyfU8QkPGzE%2FnEI8RyTXFUolnmAbxobytmarP%2Bm8dpGPcIcopKjLyJ4xlRlR1csCJMW1RGftcXjM3sr5J1hLSGmCiE2x7Hictfmtu%2BqyzPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4d9e4edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
6cjhs9z.jpg
4sale-domain.website/wp-content/uploads/images/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/6cjhs9z.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
747c53604ecd27545b38dc33963f4a55e06d65f25725afc30ec81d454733dbeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28978
last-modified
Mon, 14 Jun 2021 12:48:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLdu6af9CNUQaR4sbhwOM3nOhjRtjIrTzswZ0wZtfgsptMbXbOusaVJlcJW1CyFg6VbKwLU9iLA7hHNEcC6fuLWmWfV%2FwrhMh4KqbGU0j57DtY4T8ue%2B49a%2Bfd0YmT6K7tk8Ru%2FoSlHi1EIf8AWYL95ZPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4da04edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
dih73.jpg
4sale-domain.website/wp-content/uploads/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/dih73.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d6632413a1155053dd06d36afa5c3342fb49e56260c93f9e5da3434b08df92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15496
last-modified
Mon, 14 Jun 2021 12:50:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gobj245SbDy2tQBu8FzA1uYuYtIigUaKjbOU3l7hc%2Fmqhms7FtqLcNL6Ypu5xIuspSdr9fo3d0iNsD9OIegYbK3gFsWp4Men%2Ffc1SF5xxmuFtBRPlXUbo5KnfPpKoCP4NdxWAm2pGrofGIZ7Zu1aE34KFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4da24edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
q3npa6.jpg
4sale-domain.website/wp-content/uploads/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/q3npa6.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c164ef471e0256f5e8e34e989ecdb0f6ac5d5d53c520034e63776bb02d57c440

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13565
last-modified
Mon, 14 Jun 2021 12:52:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REAooViWXmNJjNJY65EPrVXo1pZVSX4RCwBxCg6vMY9VSLULemtRr1Fd6vAhbs7Df5HBdAP9Pi%2FINPI4q0yBHieVYTjmrqWuS%2FnIguMmirdjz8mMa6QBmbzR%2FZrAHFmW6e7osjhqqYb0QxeJcmL2Fzebgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4da34edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
isd8f.jpg
4sale-domain.website/wp-content/uploads/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/isd8f.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c88274cf12aa37575c136f4a0f07f3aeb9e3ea418c49181b29164cf56237bac6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15385
last-modified
Mon, 14 Jun 2021 12:51:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxDb201TzcUr9z1TvNLAGmZoKcrLucYV5qTdW61sZlpu%2BPaE1Es2u47X%2BSldDVR%2B4lPe0NpRhZDgumKp2wIb5zTsrr8KfDshotjcUJbRrtQ7DE%2Betze9qdOv8zqJxv2zuKjHGfqzKoeDTp%2FiJeU%2FDKDEcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4da64edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
37ion.jpg
4sale-domain.website/wp-content/uploads/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/37ion.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
615583f56db17402e5123e0e58a4485f8d239c39b7eb4502765ed2390591a7a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17779
last-modified
Mon, 14 Jun 2021 12:47:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkPOioD8sxPfOMUQ06wUPayNb0P80E77CkqPTOv%2FuHSYN2tIqzGLnuMcxGLCuEmjLsSgxZ2Pk5tffKQ5PLeoqIoVEbMfnzoVqZ7U%2FQ1IqY7%2FcVH%2Flm6FKTHEGUxQHlAKNtatUIplnUjzg10A2E0SUfEB0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4da84edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
n0vq.jpg
4sale-domain.website/wp-content/uploads/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4sale-domain.website/wp-content/uploads/images/n0vq.jpg
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4f498637c96c9654a2d948465183eb5cb331834a36b0f222981caabdf6dd4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 09:52:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18230
last-modified
Mon, 14 Jun 2021 12:52:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4PlYj56r7HDQ0s5%2F1tFby9l8CsFcRzuFmmKPSkXVcvdNOcm8BiDrS3SktU7%2BKdRiHI2v4EpCNBOxqxNCq3efzuoK8q7fS%2B1k8YgEjf5VLm1vHFBl8nIkuj6yKCyPFtJ%2FSeH02hnxuvA9BXpZRHqofB0kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68bf858b4da94edf-FRA
expires
Thu, 16 Sep 2021 09:52:04 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//dc-7612fe8ad777.hvacservice.website/;0.7450034802843
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//dc-7612fe8ad777.hvacservice.website/;0.7450034802843
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//dc-7612fe8ad777.hvacservice.website/;0.7450034802843
Requested by
Host: dc-7612fe8ad777.hvacservice.website
URL: https://dc-7612fe8ad777.hvacservice.website/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dc-7612fe8ad777.hvacservice.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Sep 2021 09:52:09 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Sep 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 09 Sep 2021 09:52:09 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//dc-7612fe8ad777.hvacservice.website/;0.7450034802843
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 08 Sep 2020 21:00:00 GMT
fontawesome-webfont.woff@v=4.7.0
4sale-domain.website/wp-content/themes/kulik/assets/fonts/ 		0
0
fontawesome-webfont.ttf@v=4.7.0
4sale-domain.website/wp-content/themes/kulik/assets/fonts/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
4sale-domain.website
URL
https://4sale-domain.website/wp-content/themes/kulik/assets/fonts/fontawesome-webfont.woff2@v=4.7.0
Domain
4sale-domain.website
URL
https://4sale-domain.website/wp-content/themes/kulik/assets/fonts/fontawesome-webfont.woff@v=4.7.0
Domain
4sale-domain.website
URL
https://4sale-domain.website/wp-content/themes/kulik/assets/fonts/fontawesome-webfont.ttf@v=4.7.0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings function| $ function| jQuery function| ashePreloader function| asheStickySidebar object| addComment object| wp object| twemoji

4 Cookies

Domain/Path Name / Value
.hvacservice.website/ Name: __ddg1
Value: BqFzWsgtpzAdEwdRPadr
dc-7612fe8ad777.hvacservice.website/ Name: 5a09b429a87e5b73e2525f2c133b83a9
Value: 0
.yadro.ru/ Name: FTID
Value: 1XETb926nYe91XETb9001E7A
.yadro.ru/ Name: VID
Value: 1YJlnN2udS891XETb9001E8c

6 Console Messages

Source Level URL
Text
javascript error URL: https://dc-7612fe8ad777.hvacservice.website/
Message:
Access to font at 'https://4sale-domain.website/wp-content/themes/kulik/assets/fonts/fontawesome-webfont.woff2@v=4.7.0' from origin 'https://dc-7612fe8ad777.hvacservice.website' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://4sale-domain.website/wp-content/themes/kulik/assets/fonts/fontawesome-webfont.woff2@v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://dc-7612fe8ad777.hvacservice.website/
Message:
Access to font at 'https://4sale-domain.website/wp-content/themes/kulik/assets/fonts/fontawesome-webfont.woff@v=4.7.0' from origin 'https://dc-7612fe8ad777.hvacservice.website' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://4sale-domain.website/wp-content/themes/kulik/assets/fonts/fontawesome-webfont.woff@v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://dc-7612fe8ad777.hvacservice.website/
Message:
Access to font at 'https://4sale-domain.website/wp-content/themes/kulik/assets/fonts/fontawesome-webfont.ttf@v=4.7.0' from origin 'https://dc-7612fe8ad777.hvacservice.website' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://4sale-domain.website/wp-content/themes/kulik/assets/fonts/fontawesome-webfont.ttf@v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4sale-domain.website
counter.yadro.ru
dc-7612fe8ad777.hvacservice.website
fonts.googleapis.com
fonts.gstatic.com
4sale-domain.website
185.253.34.169
2606:4700:3034::6815:10c5
2a00:1450:400e:80c::2003
2a00:1450:400e:80f::200a
88.212.201.198
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05dae748a374ff9d2ed080b26e10f63ab60dbfd1257bfb3db10b6673957b4e98
0b82863a03d1da25a640f6660640c400a4d89d27b3bbc8c045296fe477b78b2b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1692d7499d76cf87b57efb7ceefa184bdaeb3574d0d2a01c2a61cbd936d2094c
1a110168029a05e4295292b6e5424ed32d1e23fac32d38d6f4eec7cacca3468f
244ff89e070258b19397a31d944f4f263dd14d8b4b0f8bec1f30166fc46c9d9f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
310b9376346ac475b5e9e87c808fc4e4e51b8f37fc1d8d4fc9ec0491e531ba97
43f190b792f9c627eafef9128d69a907f9a2fc999cfbb14fa801ea32fb1221f4
497c9b5592dc63ca90d3e29935ae3e5991925dd1a74e2c5c263e514e594cc180
4b9ee613b7715ad42fff95b579e83555cd1516930563dc586dc9d790307a741f
4cc809de1ac3166332d901ed1632565093de6afae395e928d0a971226a9501fc
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
615583f56db17402e5123e0e58a4485f8d239c39b7eb4502765ed2390591a7a6
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
68c6a15a07cda7b0ccfdbbdc1671ab05e47f8d1286817a8fa4486bcf707ebd60
68d06a686b06fd35ae1bb7a712d977ff909f8a7f53d61741116891dff952e369
6c956864885e6e6c751574b902d37efc58a05caac665846f49029b77de64b209
747c53604ecd27545b38dc33963f4a55e06d65f25725afc30ec81d454733dbeb
79be8a3eb7853962509e91c9e3d0d0cceba7f1d8a3af2d5267c8a1799ec7342d
7fe211e28adbe30bcf09994d722b4ca04035023d3da35c5ed73cb02cc1d2afca
9167c8691f01efbd3dddb26b35884b3218a73bd5813d8484a57dc787d3f585a3
9751ce4663531b14ce1992c23b7a23f06a4978ee47d9dcf2c3e7695059e903d9
97e5fa39ea8b0f084d27f7d2c8690601ea3a4eacb65f6d9f81e0364f11fdf355
993bc75a107b07ab9fd9049be63d0ef4437b26be93a3b7b7325c4fbc07f403a3
9e4f498637c96c9654a2d948465183eb5cb331834a36b0f222981caabdf6dd4f
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa2c0eeacf7fbd45071f4718d6c304585417a4aade07aca90d081783bd1c3a46
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
b56444afc8096ccb514fdd8b1abab1118fffada4976fda28fdffddf17b78d485
b8151de1a7f97d9279c928db272f7a2f029e6ad77a49c31039a67d628dc92a6d
bd135dcef1626b80d7fcfbc7ecd60b36a856f45bb6cc6c17971d165b16ecc45a
bf8856cb1cde8ecbb8ded6a1c524c2bfd4643ccf243e84c9b284094957fa9b4d
c164ef471e0256f5e8e34e989ecdb0f6ac5d5d53c520034e63776bb02d57c440
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c88274cf12aa37575c136f4a0f07f3aeb9e3ea418c49181b29164cf56237bac6
ca3c0fe10edba3ed7ade8cca6d4d39dc8a3204e5eaaeb6e95a6e56cf5e966317
ce1f332043417dc2cc10b011ba265a7da2c5e37b151fc5cf893e574dd79eef1c
e032919556b613dde0be35f450341276abaf2f89e77626f921b6ccfabdb7824b
e1d6632413a1155053dd06d36afa5c3342fb49e56260c93f9e5da3434b08df92
ea9f87b0e962e7beba1023895fe910fd4fe684a3e13f0c15fe09b07fbc062acb
ec043092d5fdd7a12ae1db966310c1b12a909936efda34b6ca253d431c18bcd8
ee6adaee4a36f4a3b76c929934a8a559124b1c57fc59e36597586facee713189
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40