Submitted URL: https://promesbicheagella.ml/login.php
Effective URL: https://amber.com.hr/login.php
Submission Tags: krdprod
Submission: On September 09 via api from JP — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 20 HTTP transactions. The main IP is 206.81.24.144, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is amber.com.hr.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 28th 2021. Valid for: a year.
This is the only time amber.com.hr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
12 206.81.24.144 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 5
Domain Requested by
12 amber.com.hr amber.com.hr
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com amber.com.hr
www.google-analytics.com
2 fonts.googleapis.com amber.com.hr
1 stats.g.doubleclick.net www.google-analytics.com
1 promesbicheagella.ml 1 redirects
20 6

This site contains no links.

Subject | Issuer | Validity | Valid
www.amber.com.hr | Sectigo RSA Domain Validation Secure Server CA | 2021-06-28 - 2022-06-28 | a year
upload.video.google.com | GTS CA 1O1 | 2021-08-23 - 2021-11-15 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months

This page contains 1 frames:

Primary Page: https://amber.com.hr/login.php
Frame ID: 8D3C533AB9C772C0AF4D65F42A7DB51A
Requests: 20 HTTP requests in this frame

Page Title

Amber Niche

Page URL History

  1. https://promesbicheagella.ml/login.php HTTP 301
    https://amber.com.hr/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 83 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 4
Transfer: 779 kB
Size: 1852 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://promesbicheagella.ml/login.php HTTP 301
    https://amber.com.hr/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
amber.com.hr/
Redirect Chain
  • https://promesbicheagella.ml/login.php
  • https://amber.com.hr/login.php
199 KB
45 KB
Document
General
Full URL
https://amber.com.hr/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
6095227ff18fc37c3572921ddda77928b36f66e3ed73378d25494f0c1153e93e

Request headers

:method
GET
:authority
amber.com.hr
:scheme
https
:path
/login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.14.2
date
Thu, 09 Sep 2021 16:52:23 GMT
content-type
text/html; charset=utf-8
accept-ranges
none
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

date
Thu, 09 Sep 2021 16:52:23 GMT
content-type
text/html
location
https://amber.com.hr/login.php
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpJ7Uk6LbcIw6P3fkfLxTXbvXdfGodi0xKHIRe2ECdKeQIV0ZJMN0sI2Jt4govk5gSaihrx00JtX%2FPRi6MOW7%2BksQ%2BZLgBmULCkTdgwTVn0IygxtbiXJn2ekmDJKFcpHsiqgixpknBDxb21b7055Ij4sBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c1ed3d7e7b5c2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
73d7f44.js
amber.com.hr/_nuxt/
3 KB
2 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/73d7f44.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
0ac78fbfdbd701bb70a04870b37e4bbe28fe5d2a8508ceacbd2612f7e2970730

Request headers

:path
/_nuxt/73d7f44.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:23 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"b55-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cda5aef.js
amber.com.hr/_nuxt/
255 KB
85 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/cda5aef.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
ee2e83eb7b3704ef7a4bbf70154522cedec8f880fa2bc2942a66b39732f34214

Request headers

:path
/_nuxt/cda5aef.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:23 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"3fbb0-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
b7aa6a9.js
amber.com.hr/_nuxt/
540 KB
152 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/b7aa6a9.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
22e93092fa1ccaff5a04fc1d40adeb3a025605dbef5cd948938b0d2e7e2a72da

Request headers

:path
/_nuxt/b7aa6a9.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:23 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"86f6c-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
0166032.js
amber.com.hr/_nuxt/
179 KB
48 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/0166032.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
46f831c5dc057828a7a5218b6e6aa3025a3f6bc7d163d8693f4eca67e13903b2

Request headers

:path
/_nuxt/0166032.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:23 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"2cb0a-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
css2
fonts.googleapis.com/
1 KB
477 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Unna:ital@0;1&display=swap
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:817::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cef412f134a1eac4ada4526c33f9d02f7961eb9fb5022eba76fa4fccf3471c93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 16:52:23 GMT
server
ESF
date
Thu, 09 Sep 2021 16:52:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Sep 2021 16:52:23 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:817::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b2438094b6d5f6c4090bcf5ae095ce3c562d12d6982b1d24f245cbbde381e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 16:29:55 GMT
server
ESF
date
Thu, 09 Sep 2021 16:52:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Sep 2021 16:52:23 GMT
49bfd3b.js
amber.com.hr/_nuxt/
96 KB
31 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/49bfd3b.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/_nuxt/73d7f44.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
ba08c315178cec044006b2d202fdde0f6fa704b04c640a5183c3b5a92980d8fd

Request headers

:path
/_nuxt/49bfd3b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"18048-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
ec364ba.js
amber.com.hr/_nuxt/
40 KB
11 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/ec364ba.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/_nuxt/73d7f44.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
19f537db5fac0e2c9d84a8cadf49f4455e978f3a2103ae7c5c2357de93212444

Request headers

:path
/_nuxt/ec364ba.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"9e20-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
c181bd3.js
amber.com.hr/_nuxt/
22 KB
5 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/c181bd3.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/_nuxt/73d7f44.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
688105191ff25cca600b592a46bfea4ad6b343aa90aa34117684d40fc05b90d0

Request headers

:path
/_nuxt/c181bd3.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"56f6-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
5d4b11f.js
amber.com.hr/_nuxt/
22 KB
6 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/5d4b11f.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/_nuxt/73d7f44.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
cfad54cfb1a5737da0068d2e6fdaf776384e0be696394bf0727cead7227609a4

Request headers

:path
/_nuxt/5d4b11f.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"58fd-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
f6da8aa.js
amber.com.hr/_nuxt/
34 KB
8 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/f6da8aa.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/_nuxt/73d7f44.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
7059f9a0ee3fd112e30c806b4af9ed407f3bc7c9157e8cb397b43db370ac9722

Request headers

:path
/_nuxt/f6da8aa.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"8798-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
marble-bg.2d4c4fd.png
amber.com.hr/_nuxt/img/
298 KB
299 KB
Image
General
Full URL
https://amber.com.hr/_nuxt/img/marble-bg.2d4c4fd.png
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
0d8304e6d0c7f1d0b4cd88d1a2c183435df165915d831bae39f69d212fe0dd58

Request headers

:path
/_nuxt/img/marble-bg.2d4c4fd.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:24 GMT
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"4a969-17a57a5d660"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
305513
AYCEpXzofN0NOp8LlQ.woff2
fonts.gstatic.com/s/unna/v16/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/unna/v16/AYCEpXzofN0NOp8LlQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Unna:ital@0;1&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92ee4c53cae3b77f946f158cf0fbd6d5e8bc05ef24badd43037f2c283fbd3e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amber.com.hr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 03:07:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:46:29 GMT
server
sffe
age
49515
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20476
x-xss-protection
0
expires
Fri, 09 Sep 2022 03:07:09 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amber.com.hr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 19:37:43 GMT
x-content-type-options
nosniff
age
249281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 19:37:43 GMT
AYCEpXzofN0NOpELlVHC.woff2
fonts.gstatic.com/s/unna/v16/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/unna/v16/AYCEpXzofN0NOpELlVHC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Unna:ital@0;1&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8f663f520454c5a980c17b6cedf602030d6e9d088be6802445e4e74f6a4b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amber.com.hr
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 21:43:26 GMT
x-content-type-options
nosniff
age
241738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13416
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:46:28 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 21:43:26 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/_nuxt/0166032.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2091
date
Thu, 09 Sep 2021 16:17:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 09 Sep 2021 18:17:33 GMT
cf215eb.js
amber.com.hr/_nuxt/
59 KB
14 KB
Script
General
Full URL
https://amber.com.hr/_nuxt/cf215eb.js
Requested by
Host: amber.com.hr
URL: https://amber.com.hr/_nuxt/73d7f44.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.81.24.144 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
amber.com.hr
Software
nginx/1.14.2 /
Resource Hash
17a0a85ed5954e9e636fe4de765ead6cecd4088a497595dc754052eff1b11d72

Request headers

:path
/_nuxt/cf215eb.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
amber.com.hr
referer
https://amber.com.hr/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://amber.com.hr/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:52:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:02:04 GMT
server
nginx/1.14.2
etag
W/"ecda-17a57a5d660"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
collect
www.google-analytics.com/j/
4 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1263229770&t=pageview&_s=1&dl=https%3A%2F%2Famber.com.hr%2Flogin.php&dp=%2Flogin.php&ul=en-us&de=UTF-8&dt=Amber%20Niche&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1687822046&gjid=1520028650&cid=650542606.1631206344&tid=UA-159554208-11&_gid=1223739806.1631206344&_r=1&_slc=1&z=1125007315
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://amber.com.hr/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:52:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amber.com.hr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
458 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-159554208-11&cid=650542606.1631206344&jid=1687822046&gjid=1520028650&_gid=1223739806.1631206344&_u=YEBAAEAAAAAAAC~&z=1089370877
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://amber.com.hr/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 09 Sep 2021 16:52:24 GMT
content-type
text/plain
access-control-allow-origin
https://amber.com.hr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| __NUXT__
object| webpackJsonp
function| installComponents
object| regeneratorRuntime
function| setImmediate
function| clearImmediate
object| onNuxtReadyCbs
function| onNuxtReady
string| GoogleAnalyticsObject
function| ga
object| $nuxt
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

3 Cookies

Domain/Path | Name | Value
.amber.com.hr/ | _ga | GA1.3.650542606.1631206344
.amber.com.hr/ | _gid | GA1.3.1223739806.1631206344
.amber.com.hr/ | _gat | 1

1 Console Messages

Source Level URL
Text
network error URL: https://amber.com.hr/login.php
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
