ampbadakslt.top Open in urlscan Pro
104.171.112.108  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ampbadakslt.top/	42 KB 42 KB	532ms 143ms	Document text/html	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Full URL https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash 0fef4e2c9eef0fbc05fc976df2a37363e542281679e850179985f5f958297874 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 43100 Content-Type text/html Date Sun, 23 Jun 2024 00:37:28 GMT Keep-Alive timeout=5, max=100 Last-Modified Sat, 22 Jun 2024 12:12:12 GMT Server Apache
GET H2	200	v0.js Show response cdn.ampproject.org/	278 KB 72 KB	95ms 29ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bfe919b7a91a4e6139549439e7bb05fbd5fcac3003dd0a66b06122e9649a942b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Sun, 23 Jun 2024 00:37:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73110 x-xss-protection 0 server sffe etag "4b352ddb18ca8962" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 23 Jun 2024 00:37:28 GMT
GET DATA	200 OK	truncated /	83 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 143704376573741481bb15593e19e2ba569ef6027bfdccb3dce8c96b0aef73cf Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	83 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67a44b99e9143a05698573a2c7e94e6a4b79efb4d4b9b56bd47d6b7b32d3c18e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	84 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 37b6bf941e344e1bd6caa7409b379336fefcac3b0dfaf7e113272c93c6150ce7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	83 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 07c1239a07e2f036b9b4bcf1a59a7899e05352a146894af6d315454ca4f49fe5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	83 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ddfaec439fe6628d877c797e569b97068090ec25f64428a6c55a4b8e1f9a999a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	82 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5dfee5712d884b7c5620dfc5c57aac4dc16d3a1fb0c711043f7f55f6925d7df1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	82 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c776c04f9fd60fb0263475d0c1f73aed176d222074c3b90e479ed7693b80373 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	83 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b6917e12e6960b39c3cf374470f3bece50516876217ffc7014846400968fa280 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H/1.1	200 OK	logoweb.png ampbadakslt.top/	95 KB 95 KB	411ms 136ms	Image image/png	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/logoweb.png Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash df52deac2df1adde2c36fb1c9e7d8db33989c2edfc7b46e9dd5a3f9a3d95e8b7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:28 GMT Last-Modified Sat, 22 Jun 2024 12:12:12 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 96828
GET H2	200	1900x380.jpg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS8G-OJddB2S2iFYGKnO6GLYukqn44WrOb7VJT2-gYqPuntxGQIxbBUVtYlJpkRLvgSuIKzwbbK_agSgoOJEpIIUsJ2TVaXwwFomLFZoi9ds_yV1ItHJ20dYSrhOBllX3SsyI8DPxs9-brMeL5...	130 KB 130 KB	851ms 804ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS8G-OJddB2S2iFYGKnO6GLYukqn44WrOb7VJT2-gYqPuntxGQIxbBUVtYlJpkRLvgSuIKzwbbK_agSgoOJEpIIUsJ2TVaXwwFomLFZoi9ds_yV1ItHJ20dYSrhOBllX3SsyI8DPxs9-brMeL5QLuq1VKIqAXTA_jB04utpLpihMNJFieDL1GCRw/s1600/1900x380.jpg Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9dfaae06186dce520018bc1ad532666937ca5a5f97a0e2e6f204fd1b8ddc0cad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 00:37:29 GMT x-content-type-options nosniff server fife etag "v5e" vary Origin content-type image/jpeg access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="1900x380.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132663 x-xss-protection 0 expires Mon, 24 Jun 2024 00:37:29 GMT
GET H/1.1	200 OK	1.gif ampbadakslt.top/	47 KB 47 KB	477ms 134ms	Image image/gif	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/1.gif Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash 1648f63e42fa629025c97870584e83852a1aa676b0a85f9a924eed6e01606871 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:28 GMT Last-Modified Sat, 22 Jun 2024 12:12:09 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 48234
GET H/1.1	200 OK	rtp.gif ampbadakslt.top/	636 KB 636 KB	673ms 136ms	Image image/gif	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/rtp.gif Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash 38f5359c7ce63f8320580dd7ca81785318dcd542ce7a20b38dea3ca9a5aafd5c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:29 GMT Last-Modified Sat, 22 Jun 2024 12:12:13 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 651122
GET H2	200	live_casino_big.jpg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEleu9_Dyr7IS71-QuzYaijtKSIdjO0M2JXiK8DFiqFLsuwKTBbBDmmPjK0VuxWbPOP2oJksNjkzt9BO25Q8nBDwxiWGpD8JjGLyP_cY4LYOvuEOtxHgfqqI42TjVs71PVQLACWqpoz8NRpE5E...	92 KB 92 KB	748ms 702ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEleu9_Dyr7IS71-QuzYaijtKSIdjO0M2JXiK8DFiqFLsuwKTBbBDmmPjK0VuxWbPOP2oJksNjkzt9BO25Q8nBDwxiWGpD8JjGLyP_cY4LYOvuEOtxHgfqqI42TjVs71PVQLACWqpoz8NRpE5Et9mfeoCLWzoobL6psjjIl8FnJ41_p2q3CRm-jw/s1600/live_casino_big.jpg Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash dbbf8d25352799fa57be4df74bd602f2525923a073fc7853eb02324a8c4c6bae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 00:37:29 GMT x-content-type-options nosniff server fife etag "v60" vary Origin content-type image/jpeg access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="live_casino_big.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94055 x-xss-protection 0 expires Mon, 24 Jun 2024 00:37:29 GMT
GET H2	200	lottery.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigPSGPJ_CorVcORDd7rAcpWqtA0V12vol4_cShOTp9StZ-1V4EycnIKPFIW27jACQVdnQG58BA5ybCdxkLWsZDE25MuTCd7MBQk-u16-oi0yi3xXFvGOrvAUnU-rgk5avVQJVFOirWsUJ4e9CB...	55 KB 55 KB	719ms 673ms	Image image/png	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigPSGPJ_CorVcORDd7rAcpWqtA0V12vol4_cShOTp9StZ-1V4EycnIKPFIW27jACQVdnQG58BA5ybCdxkLWsZDE25MuTCd7MBQk-u16-oi0yi3xXFvGOrvAUnU-rgk5avVQJVFOirWsUJ4e9CBG7iP9M5snzm0Dg056LsPWopA1DRPqwq5wgiMQA/s1600/lottery.png Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 745a4962efd590417e47e2db105e321d4230034bf065b82781cb37abc74f3161 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 00:37:29 GMT x-content-type-options nosniff server fife etag "v62" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="lottery.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56510 x-xss-protection 0 expires Mon, 24 Jun 2024 00:37:29 GMT
GET H/1.1	200 OK	bonus.png ampbadakslt.top/	109 KB 109 KB	673ms 135ms	Image image/png	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/bonus.png Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash fd111e6943dbeb80151ae85141e468648ad2e35d101a2d2a7a3794c2273766f1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:29 GMT Last-Modified Sat, 22 Jun 2024 12:12:11 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 111656
GET H/1.1	200 OK	wallet.png ampbadakslt.top/	48 KB 48 KB	674ms 135ms	Image image/png	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/wallet.png Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash b5f36d08435fc35fdccdcab59361fea8b30d4fe9fcfe68bf14471c4760eb7d0c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:29 GMT Last-Modified Sat, 22 Jun 2024 12:12:17 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 49400
GET H/1.1	200 OK	apk.jpg ampbadakslt.top/	13 KB 13 KB	675ms 135ms	Image image/jpeg	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/apk.jpg Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash f82931e7e55c3dddd5541d72d68a987fdaf02d5fb341bfb856d9a5aa12c596ea Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:29 GMT Last-Modified Sat, 22 Jun 2024 12:12:10 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 13568
GET H/1.1	200 OK	13.jpg ampbadakslt.top/	18 KB 18 KB	341ms 134ms	Image image/jpeg	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/13.jpg Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash 43ba110cdb0d29188fe6b321713b3b9738e7dfc8656ecb8b114543f942c80c81 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:28 GMT Last-Modified Sat, 22 Jun 2024 12:12:09 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 18000
GET H/1.1	200 OK	14.jpg ampbadakslt.top/	18 KB 19 KB	405ms 136ms	Image image/jpeg	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/14.jpg Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash 60b762faaa8cc4646f1ffaf243c97cfdf8605fb02f497688d5d32c0807c92433 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:28 GMT Last-Modified Sat, 22 Jun 2024 12:12:10 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 18792
GET H/1.1	200 OK	15.jpg ampbadakslt.top/	20 KB 20 KB	404ms 135ms	Image image/jpeg	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/15.jpg Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash 4e5f75b084fd4d913ae5a3e85e6e4890ceda3121709e56ea5aa8d832125ad90f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:28 GMT Last-Modified Sat, 22 Jun 2024 12:12:09 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 20575
GET H/1.1	200 OK	16.jpg ampbadakslt.top/	20 KB 20 KB	205ms 138ms	Image image/jpeg	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/16.jpg Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash 78b527f59c327d2325db5c8487d9977cb1a8dec38bf499d9132d90a16b44d973 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:28 GMT Last-Modified Sat, 22 Jun 2024 12:12:11 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 20407
GET H/1.1	200 OK	17.jpg ampbadakslt.top/	17 KB 18 KB	406ms 135ms	Image image/jpeg	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/17.jpg Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash 1e570def743b537beeb396a980cd96bf5bcef94023339ac261378d001afa9466 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:28 GMT Last-Modified Sat, 22 Jun 2024 12:12:09 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 17736
GET H/1.1	200 OK	18.jpg ampbadakslt.top/	16 KB 16 KB	407ms 136ms	Image image/jpeg	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Show image Full URL https://ampbadakslt.top/18.jpg Requested by Host: ampbadakslt.top URL: https://ampbadakslt.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash ed1af869649c9af2d630b36e7ab120d60a5e714a4edccfbb307d2f3798f7ad53 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:28 GMT Last-Modified Sat, 22 Jun 2024 12:12:09 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 16000
GET H3	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012406071948000/v0/	8 KB 3 KB	61ms 22ms	Script text/javascript	142.250.186.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406071948000/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.33 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f1.1e100.net Software sffe / Resource Hash 81c62c86ae6312a2d659fbb98d2c1f96df9f17750c243d3a7187c81d06b3943e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Origin https://ampbadakslt.top Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 18 Jun 2024 18:02:52 GMT age 369276 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2977 x-xss-protection 0 server sffe etag "a476e4d9b6073913" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 18 Jun 2025 18:02:52 GMT
GET H3	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012406071948000/v0/	12 KB 4 KB	58ms 19ms	Script text/javascript	142.250.186.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406071948000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.33 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f1.1e100.net Software sffe / Resource Hash edecc4722ba79a432957aef7b0592457f23e4354c9d35ba9ad6110a169d99df5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Origin https://ampbadakslt.top Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 18 Jun 2024 18:02:52 GMT age 369276 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3935 x-xss-protection 0 server sffe etag "fa3972d0647e9996" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 18 Jun 2025 18:02:52 GMT
GET H/1.1	404 Not Found	favicon.ico ampbadakslt.top/	315 B 515 B	131ms 128ms	Other text/html	104.171.112.108 DACEN-2
General Check archive.org Show headers Download Go to Full URL https://ampbadakslt.top/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.171.112.108 , United States, ASN31863 (DACEN-2, US), Reverse DNS buddha.windewa.info Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ampbadakslt.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 00:37:29 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ampbadakslt.top/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampbadakslt.top
blogger.googleusercontent.com
cdn.ampproject.org
104.171.112.108
142.250.186.33
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2001
07c1239a07e2f036b9b4bcf1a59a7899e05352a146894af6d315454ca4f49fe5
0fef4e2c9eef0fbc05fc976df2a37363e542281679e850179985f5f958297874
143704376573741481bb15593e19e2ba569ef6027bfdccb3dce8c96b0aef73cf
1648f63e42fa629025c97870584e83852a1aa676b0a85f9a924eed6e01606871
1e570def743b537beeb396a980cd96bf5bcef94023339ac261378d001afa9466
37b6bf941e344e1bd6caa7409b379336fefcac3b0dfaf7e113272c93c6150ce7
38f5359c7ce63f8320580dd7ca81785318dcd542ce7a20b38dea3ca9a5aafd5c
43ba110cdb0d29188fe6b321713b3b9738e7dfc8656ecb8b114543f942c80c81
4e5f75b084fd4d913ae5a3e85e6e4890ceda3121709e56ea5aa8d832125ad90f
5dfee5712d884b7c5620dfc5c57aac4dc16d3a1fb0c711043f7f55f6925d7df1
60b762faaa8cc4646f1ffaf243c97cfdf8605fb02f497688d5d32c0807c92433
67a44b99e9143a05698573a2c7e94e6a4b79efb4d4b9b56bd47d6b7b32d3c18e
745a4962efd590417e47e2db105e321d4230034bf065b82781cb37abc74f3161
78b527f59c327d2325db5c8487d9977cb1a8dec38bf499d9132d90a16b44d973
81c62c86ae6312a2d659fbb98d2c1f96df9f17750c243d3a7187c81d06b3943e
9c776c04f9fd60fb0263475d0c1f73aed176d222074c3b90e479ed7693b80373
9dfaae06186dce520018bc1ad532666937ca5a5f97a0e2e6f204fd1b8ddc0cad
b5f36d08435fc35fdccdcab59361fea8b30d4fe9fcfe68bf14471c4760eb7d0c
b6917e12e6960b39c3cf374470f3bece50516876217ffc7014846400968fa280
bfe919b7a91a4e6139549439e7bb05fbd5fcac3003dd0a66b06122e9649a942b
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dbbf8d25352799fa57be4df74bd602f2525923a073fc7853eb02324a8c4c6bae
ddfaec439fe6628d877c797e569b97068090ec25f64428a6c55a4b8e1f9a999a
df52deac2df1adde2c36fb1c9e7d8db33989c2edfc7b46e9dd5a3f9a3d95e8b7
ed1af869649c9af2d630b36e7ab120d60a5e714a4edccfbb307d2f3798f7ad53
edecc4722ba79a432957aef7b0592457f23e4354c9d35ba9ad6110a169d99df5
f82931e7e55c3dddd5541d72d68a987fdaf02d5fb341bfb856d9a5aa12c596ea
fd111e6943dbeb80151ae85141e468648ad2e35d101a2d2a7a3794c2273766f1