jeninudes.com Open in urlscan Pro
107.180.57.59  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response jeninudes.com/	1 KB 931 B	255ms 123ms	Document text/html	107.180.57.59 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://jeninudes.com/ Protocol HTTP/1.1 Server 107.180.57.59 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-57-59.ip.secureserver.net Software Apache / Resource Hash 49be12e3b4602e48c1e4aebf3ee654ac015ea2806073a15f845856d8765ef4d3 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 585 Content-Type text/html Date Wed, 06 Jul 2022 17:02:51 GMT ETag "7a00f15-44b-5e2e532e134b4-gzip" Keep-Alive timeout=5 Last-Modified Sun, 03 Jul 2022 11:48:32 GMT Server Apache Upgrade h2,h2c Vary Accept-Encoding
GET H/1.1	200 OK	/ Show response locks.ngarls.com/ Frame 2A6E	5 KB 2 KB	250ms 119ms	Document text/html	107.180.57.59 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://locks.ngarls.com/ Requested by Host: jeninudes.com URL: http://jeninudes.com/ Protocol HTTP/1.1 Server 107.180.57.59 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-57-59.ip.secureserver.net Software Apache / Resource Hash 1282983077f37eccf83d50e530387811527c150f7dfe2bb5a14d948a332e2a5c Request headers Referer http://jeninudes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 1518 Content-Type text/html Date Wed, 06 Jul 2022 17:02:51 GMT ETag "7a00f11-12c3-5e302ea345b45-gzip" Keep-Alive timeout=5 Last-Modified Mon, 04 Jul 2022 23:15:42 GMT Server Apache Upgrade h2,h2c Vary Accept-Encoding
GET H2	200	FkFp4OG.jpg i.imgur.com/	119 KB 120 KB	60ms 9ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/FkFp4OG.jpg Requested by Host: jeninudes.com URL: http://jeninudes.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 09a68ffcf554e85244cbcf541997353c4d7c5b96667e9dcf41e9867423027db3 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://jeninudes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:02:51 GMT x-content-type-options nosniff age 3110441 x-cache HIT, HIT content-length 121975 x-served-by cache-iad-kiad7000100-IAD, cache-hhn4064-HHN last-modified Mon, 15 Nov 2021 19:46:58 GMT server cat factory 1.0 x-timer S1657126971.416319,VS0,VE2 etag "0a7b5280f48ebaa01ec95483c9b0007f" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ Frame 2A6E	120 KB 21 KB	38ms 19ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css Requested by Host: locks.ngarls.com URL: http://locks.ngarls.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://locks.ngarls.com/ Origin http://locks.ngarls.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:02:51 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 865 age 3003913 cdn-cachedat 05/03/2022 15:36:09 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:03:59 GMT server cloudflare cdn-requestpullcode 200 etag W/"5d5357cb3704e1f43a1f5bfed2aebf42" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 6010fc38d9d3e38f24e974a55ed15fa7 cf-ray 7269e914dc3d6921-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css fonts.googleapis.com/ Frame 2A6E	2 KB 1 KB	42ms 18ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700 Requested by Host: locks.ngarls.com URL: http://locks.ngarls.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e2dd310aa86824e25ec3e4ebcc7509dfebf350bd819b4e3f252d1d3f2fe6f608 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://locks.ngarls.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 06 Jul 2022 15:48:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 06 Jul 2022 17:02:51 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 06 Jul 2022 17:02:51 GMT
GET H2	200	css fonts.googleapis.com/ Frame 2A6E	5 KB 740 B	42ms 19ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,600 Requested by Host: locks.ngarls.com URL: http://locks.ngarls.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e03af8182fa6236495864237a24c1e3b2096839cd9d1d28121899afa8015dc1f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://locks.ngarls.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 06 Jul 2022 16:32:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 06 Jul 2022 17:02:51 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 06 Jul 2022 17:02:51 GMT
GET H/1.1	200 OK	/ Show response bz.ngarls.com/ Frame F024	154 B 490 B	266ms 123ms	Document text/html	107.180.57.59 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://bz.ngarls.com/ Requested by Host: locks.ngarls.com URL: http://locks.ngarls.com/ Protocol HTTP/1.1 Server 107.180.57.59 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-57-59.ip.secureserver.net Software Apache / Resource Hash 929b03d012daa29c4a27f69c894cb5cf606f28d6928f0cebf4117eec54ae22fa Request headers Referer http://locks.ngarls.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 145 Content-Type text/html Date Wed, 06 Jul 2022 17:02:51 GMT ETag "7a00f12-9a-5e302e634a128-gzip" Keep-Alive timeout=5 Last-Modified Mon, 04 Jul 2022 23:14:35 GMT Server Apache Upgrade h2,h2c Vary Accept-Encoding
GET H/1.1	200 OK	/ Show response b.ambibs.com/ Frame 258C	37 KB 13 KB	241ms 112ms	Document text/html	107.180.57.59 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://b.ambibs.com/ Requested by Host: bz.ngarls.com URL: http://bz.ngarls.com/ Protocol HTTP/1.1 Server 107.180.57.59 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-57-59.ip.secureserver.net Software Apache / Resource Hash d5a73fcbcd3aac8c5de890e581cca078be31ed5c40e3d7cccca1dc618c6ae6eb Request headers Referer http://bz.ngarls.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 12897 Content-Type text/html Date Wed, 06 Jul 2022 17:02:52 GMT ETag "7a00f07-9230-5e30e66fcafc1-gzip" Keep-Alive timeout=5 Last-Modified Tue, 05 Jul 2022 12:58:00 GMT Server Apache Upgrade h2,h2c Vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/ Frame 258C	6 KB 768 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,300,500 Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 06 Jul 2022 16:49:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 06 Jul 2022 17:02:52 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 06 Jul 2022 17:02:52 GMT
GET H2	200	avolo.css d3qilfrpqzfrg4.cloudfront.net/public/css/cl/mobile/ Frame 258C	11 KB 3 KB	37ms 8ms	Stylesheet text/css	2600:9000:214f:1000:f:ef4c:ed00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3qilfrpqzfrg4.cloudfront.net/public/css/cl/mobile/avolo.css Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:1000:f:ef4c:ed00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 53647b653466d92e41eaad27393820f62373cd5ccc84df52291333bb1879f0ee Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 25 Jun 2022 15:44:21 GMT content-encoding br last-modified Wed, 20 Oct 2021 21:17:05 GMT server AmazonS3 age 955112 etag W/"4a5ac0c6dbec972f8e3c9d3a85e08fa8" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) cache-control max-age=2628000 x-amz-cf-pop FRA53-C1 x-amz-cf-id wqQ4AE5HQMlFKH94qGKHb90jOXSnC2UrxEWAvoKZzOZZynZHjtkcKw== expires Tue, 20 Oct 2026 21:13:04 GMT
GET H2	200	Brazzers-Emblema.png logos-marcas.com/wp-content/uploads/2021/08/ Frame 258C	15 KB 16 KB	51ms 16ms	Image image/png	2606:4700:3032::ac43:d6a2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://logos-marcas.com/wp-content/uploads/2021/08/Brazzers-Emblema.png Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:d6a2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9720da705e5edfc74d3559daf6073c4c5f31835c0589d4da963e8a8c129453a Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:02:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 136115 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15581 last-modified Thu, 19 Aug 2021 08:48:51 GMT server cloudflare etag "611e1af3-3cdd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYemGAxmU6EMq10cPBADrqP06HI4tzT30ZBQbY%2Byv2GZALrs%2FsJZq%2B7E%2FKEihkcjI%2Fugdhcgo0lNw8coVGwYw3ah9C48cVx%2BJEh4lEnUQqWhGtn1m84rB0i4lB%2F58%2FuKUfPGtpg1IoPq6ZctKlfB"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31968000 accept-ranges bytes cf-ray 7269e9189d6b9b49-FRA expires Mon, 10 Jul 2023 03:14:17 GMT
GET H2	200	RealityKings-logo.png 1000logos.net/wp-content/uploads/2021/04/ Frame 258C	52 KB 53 KB	50ms 19ms	Image image/png	2606:4700:20::ac43:472d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1000logos.net/wp-content/uploads/2021/04/RealityKings-logo.png Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d05984b1e889845bfc0bc4e72869d59f95f0634d293f830d9b93a266167934ae Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:02:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 31567 content-length 53283 last-modified Wed, 16 Feb 2022 14:15:50 GMT server cloudflare etag "620d0716-d023" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbN5azoS5yjaHuRx2PQXsmUebY41LXW1Dn%2BuOPH8qVUaj5AmtCOCtfCTwYdOmrKESTvpOFUHX1WciDTBJ34Az%2FPpVpZSb%2BLh3ZevfkvJWKGx9vpFGr1dfzKOXObg78daQ81suekJ7oBwRKQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=864000 accept-ranges bytes cf-ray 7269e9188ac5928d-FRA expires Sat, 16 Jul 2022 08:16:45 GMT
GET H2	200	Interventions-%E2%80%96-Derridas-Margins.gif cutewallpaper.org/21/loading-gif-transparent-background/ Frame 258C	139 KB 140 KB	52ms 20ms	Image image/gif	2606:4700:20::681a:e6e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cutewallpaper.org/21/loading-gif-transparent-background/Interventions-%E2%80%96-Derridas-Margins.gif Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:e6e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acfd71a5078ffac50258946805d003dac8342a2f40a249a6080719331199914e Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:02:52 GMT via 1.1 varnish (Varnish/6.2) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 424 content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 142695 last-modified Tue, 17 Dec 2019 11:59:59 GMT server cloudflare etag "22d67-599e511454b8b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2l3MQXJxbW2hSLQPxyxe6hh1MBsLFtiW4AH3JKh4G%2BfV%2FQZTchd4wuBp74SW5fuMdhNK9MGe5eqV2sLEH91K6QHXaTWDIMyOAZ%2FvgJu%2BXtYTSe1B5K0YGGKoKVrUV7U5JWPQVhoaiRyVCqqSs7h"}],"group":"cf-nel","max_age":604800} x-varnish 494144949 cache-control max-age=31536000 accept-ranges bytes cf-ray 7269e918893890ac-FRA
GET H2	200	avolo.js Show response d3qilfrpqzfrg4.cloudfront.net/public/js/cl/mobile/ Frame 258C	269 KB 78 KB	30ms 8ms	Script application/javascript	2600:9000:214f:1000:f:ef4c:ed00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3qilfrpqzfrg4.cloudfront.net/public/js/cl/mobile/avolo.js Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:1000:f:ef4c:ed00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5104f1dff254eb662e47a7b1caba3078076ed001fdefc916dfb35854b5aea2fa Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 25 Jun 2022 15:44:21 GMT content-encoding br last-modified Thu, 16 Dec 2021 16:18:24 GMT server AmazonS3 age 955112 etag W/"b20d948cc309a52b5c4a0ddca8e8b813" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) cache-control max-age=2628000 x-amz-cf-pop FRA53-C1 x-amz-cf-id A9-QeAQVwu66rzDeEIT-A67V-z_hZ1rAs4affqBPDDZ5PfT5zVZlwA== expires Wed, 16 Dec 2026 16:18:23 GMT
GET H/1.1	200 OK	background_image-XOWN s3.amazonaws.com/cdn.mobverify.com/cl/99mjdl/avolo/ Frame 258C	8 KB 8 KB	720ms 120ms	Image image/png	52.216.161.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.amazonaws.com/cdn.mobverify.com/cl/99mjdl/avolo/background_image-XOWN Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.161.45 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash b144377c58b90f9503cbaedb07f2749be28752ee327165ef29a8e6a2f34d4812 Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 06 Jul 2022 17:02:53 GMT Last-Modified Sun, 14 Nov 2021 16:24:39 GMT Server AmazonS3 x-amz-request-id T81CWGJHMSPP8MPD ETag "d4d6dafea9e7488ce9c790ae221487e5" Content-Type text/plain Accept-Ranges bytes Content-Length 8229 x-amz-id-2 hyhUbsdEEzOfAycJWsOxugZI/7qLOum76mmLjdU6fN+SyGgxB12avXnXXEl444rIkcksQzPbYas=
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 258C	15 KB 16 KB	514ms 8ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://b.ambibs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 16:39:45 GMT x-content-type-options nosniff age 174187 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Jul 2023 16:39:45 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 258C	16 KB 16 KB	518ms 12ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://b.ambibs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 12:56:05 GMT x-content-type-options nosniff age 187607 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Jul 2023 12:56:05 GMT
POST H3	202	/ Show response sessions.bugsnag.com/ Frame 258C	21 B 34 B	167ms 149ms	XHR application/json	2600:1901:0:7a0b:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers Bugsnag-Payload-Version 1 Referer http://b.ambibs.com/ Bugsnag-Sent-At 2022-07-06T17:02:52.282Z accept-language de-DE,de;q=0.9 Bugsnag-Api-Key bfb8263dbe38ef60e4b32e270006604d User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Wed, 06 Jul 2022 17:02:53 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21 content-type application/json
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 258C	15 KB 15 KB	472ms 17ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://b.ambibs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 19:07:55 GMT x-content-type-options nosniff age 165297 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Jul 2023 19:07:55 GMT
OPTIONS H2	200	/ sessions.bugsnag.com/ Frame	0 0	624ms 145ms	Preflight	2600:1901:0:7a0b:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sessions.bugsnag.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type Access-Control-Request-Method POST Origin http://b.ambibs.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-headers Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At access-control-allow-methods POST access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 06 Jul 2022 17:02:52 GMT via 1.1 google
GET H2	200	nr-spa-1216.min.js Show response js-agent.newrelic.com/ Frame 258C	49 KB 18 KB	36ms 7ms	Script application/javascript	151.101.194.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1216.min.js Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-version-id UU.F5jvoumAjQChriwTQHbisCFw_OInU content-encoding gzip etag "63e2df852d15ab21d7ff8fc4363222e8" x-amz-request-id WR5M2RR5ZRTA7MH5 x-cache HIT cross-origin-resource-policy cross-origin content-length 18216 x-amz-id-2 XPFt7E2z7j+V5Y4zBY8vnwXqbM8lon7/5G4BtB0QEqzYMUdSQ1Roa3coQlnR3tgK1UXAkOLX1+Q= x-served-by cache-hhn4021-HHN last-modified Thu, 14 Apr 2022 16:45:57 GMT server AmazonS3 x-timer S1657126973.012382,VS0,VE0 date Wed, 06 Jul 2022 17:02:53 GMT vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 10874
GET H/1.1	200 OK	c25b69ac34 Show response bam-cell.nr-data.net/1/ Frame 258C	49 B 1 KB	171ms 142ms	Script text/javascript	162.247.243.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/1/c25b69ac34?a=1824637757&v=1216.487a282&to=ZgFQYktXWUMCWkVZDV9Lc1VNX1heTE1eXw5CSlFZV0JSXhcUXV8BWgFAGE9fUkc%3D&rst=1072&ck=1&ref=http://b.ambibs.com/&ap=288&be=255&fe=1026&dc=353&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1657126971950,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:36,%22c%22:36,%22ce%22:131,%22rq%22:131,%22rp%22:243,%22rpe%22:250,%22dl%22:245,%22di%22:353,%22ds%22:353,%22de%22:359,%22dc%22:1026,%22l%22:1027,%22le%22:1028%7D,%22navigation%22:%7B%7D%7D&fp=337&fcp=337&at=SkZTFANNSk0%3D&jsonp=NREUM.setToken Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 06 Jul 2022 17:02:53 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS Connection keep-alive Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wid07AS4iSsxfXrkfBgeNmbthXTuKP19LmsrLGCvziCdFjP6WqWEEUO8Pzf7AvEQysY8pSs%2B7BChUecMT2gxp%2FuoLA%2FeHECgmqZd1WNDosokqrgRj923j7SPpwFg4a68%2BHxWarvf"}],"group":"cf-nel","max_age":604800} Content-Type text/javascript Access-Control-Allow-Origin * access-control-allow-credentials true CF-Ray 7269e91d9f3d91de-FRA
GET H2	200	1 Show response stats.pusher.com/timeline/v2/jsonp/ Frame 258C	0 75 B	297ms 93ms	Script application/javascript	54.208.83.145 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://stats.pusher.com/timeline/v2/jsonp/1?session=MjUxNjY0MTU2&bundle=MQ%3D%3D&key=NDk3MWRlMjY2NjZhNmZlZGU1MGE%3D&lib=anM%3D&version=NC40LjA%3D&cluster=dXMy&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2NTcxMjY5NzIyOTJ9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjU3MTI2OTcyMjkyfSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjU3MTI2OTcyMjkzfSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTY1NzEyNjk3MjI5M30seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTY1NzEyNjk3MjI5M30seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTY1NzEyNjk3MzEwM30seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIxNDU5NS43NzY2NDg2In0sInRpbWVzdGFtcCI6MTY1NzEyNjk3MzEwNH1d Requested by Host: b.ambibs.com URL: http://b.ambibs.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.208.83.145 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-208-83-145.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://b.ambibs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:02:53 GMT server awselb/2.0 content-length 0 content-type application/javascript; charset=utf-8

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: c2571330705776ee

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1000logos.net
b.ambibs.com
bam-cell.nr-data.net
bz.ngarls.com
cutewallpaper.org
d3qilfrpqzfrg4.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
jeninudes.com
js-agent.newrelic.com
locks.ngarls.com
logos-marcas.com
maxcdn.bootstrapcdn.com
s3.amazonaws.com
sessions.bugsnag.com
stats.pusher.com
107.180.57.59
151.101.112.193
151.101.194.137
162.247.243.147
2600:1901:0:7a0b::
2600:9000:214f:1000:f:ef4c:ed00:21
2606:4700:20::681a:e6e
2606:4700:20::ac43:472d
2606:4700:3032::ac43:d6a2
2606:4700::6812:bcf
2a00:1450:4001:80b::2003
2a00:1450:4001:829::200a
52.216.161.45
54.208.83.145
09a68ffcf554e85244cbcf541997353c4d7c5b96667e9dcf41e9867423027db3
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
1282983077f37eccf83d50e530387811527c150f7dfe2bb5a14d948a332e2a5c
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
49be12e3b4602e48c1e4aebf3ee654ac015ea2806073a15f845856d8765ef4d3
5104f1dff254eb662e47a7b1caba3078076ed001fdefc916dfb35854b5aea2fa
53647b653466d92e41eaad27393820f62373cd5ccc84df52291333bb1879f0ee
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
929b03d012daa29c4a27f69c894cb5cf606f28d6928f0cebf4117eec54ae22fa
acfd71a5078ffac50258946805d003dac8342a2f40a249a6080719331199914e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b144377c58b90f9503cbaedb07f2749be28752ee327165ef29a8e6a2f34d4812
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
d05984b1e889845bfc0bc4e72869d59f95f0634d293f830d9b93a266167934ae
d5a73fcbcd3aac8c5de890e581cca078be31ed5c40e3d7cccca1dc618c6ae6eb
d9720da705e5edfc74d3559daf6073c4c5f31835c0589d4da963e8a8c129453a
e03af8182fa6236495864237a24c1e3b2096839cd9d1d28121899afa8015dc1f
e2dd310aa86824e25ec3e4ebcc7509dfebf350bd819b4e3f252d1d3f2fe6f608
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef