oasidikufraupd.info Open in urlscan Pro
188.114.97.3  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request qfkmo Show response oasidikufraupd.info/	98 KB 16 KB	1132ms 695ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a6d75d79f101d4c7686f0ccfd38d6507e1df88c0277883a5ac345ecf3b0a9bc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8c9bafcc7926d2f6-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 27 Sep 2024 13:02:12 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1%2FxkuU8ttD5O%2BDhH49FVC6SNfKiFqFbRuHSgfaPWJuTO0gCbF4SnXX3eTslZpMDuIcULGAnNx3FZm9gEmXMwibUUkulfECpdGuk0M7zf8gIDKrghTD1tEgBxdWVwF6aAh06FlWF"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" vary Accept-Encoding
GET H3	200	speculation oasidikufraupd.info/cdn-cgi/	128 B 546 B	54ms 41ms	Other application/speculationrules+json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://oasidikufraupd.info Referer https://oasidikufraupd.info/qfkmo Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WhxeTtrVqv33A45hyE4fUHcASqpkXfpvmhubTkcE4KQ9u%2B8eaPOK%2FuUBiGNwYX%2FQ9kOTblyKc320skHv8AvH6yHxOP673SX6Bg2fc66U%2F0QokeCseFewGBO4QI0FYZcPAGIG%2BzJK"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd1cc5fd2f6-FRA access-control-allow-origin https://oasidikufraupd.info content-length 128 date Fri, 27 Sep 2024 13:02:12 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H3	200	styles-new4.css oasidikufraupd.info/css/booking1/	34 KB 8 KB	88ms 75ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/css/booking1/styles-new4.css Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 794075538b19a75df8737bf2c563b3e46741007b3277ad98fced0622d9fb84d9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"66f56ed5-89d7" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YvKuqJZH%2BtfG%2BOvtuGscK5M5tRmOpoCqB8ff2xYxDqe0atSGUOCaMaJIVyY8M1gyVWzwOuYyAhW8NO6Fxi7FPZfH%2FCF6ASSd2rqWzWr1d8vjgnc3gFgdrt1JiAA6qu2R4ln0ZTZK"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd1cc63d2f6-FRA date Fri, 27 Sep 2024 13:02:12 GMT content-type text/css last-modified Thu, 26 Sep 2024 14:25:25 GMT vary Accept-Encoding server cloudflare
GET H3	200	chat.css oasidikufraupd.info/build/	3 KB 1 KB	86ms 73ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/build/chat.css Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"66f56eaa-a0e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUI0gfe5B76NCPn94M9L%2FEpC%2F47yDqgJjAOUUYNZ%2Bv6glNFHH1o6yEtDBjN42kY7%2F%2B9q2q2MmYxWlSv519DKi1kYU97VBGamzcsRjIEvCnMP1%2FvaRKR9E6npIY9nYIOrhx1Pgy1u"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd1cc67d2f6-FRA date Fri, 27 Sep 2024 13:02:12 GMT content-type text/css last-modified Thu, 26 Sep 2024 14:24:42 GMT vary Accept-Encoding server cloudflare
GET H3	200	submit-new8.js Show response oasidikufraupd.info/css/booking1/	22 KB 4 KB	82ms 74ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/css/booking1/submit-new8.js Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 570c2591df16aba69639a2982be580a11662193c30f66ae6099387c47491a9cf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"66f56ed6-59ed" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZOLELUMSiWczOdkVNi0E4Fk3jKLX6SFVVltuF4L4ty04fwm1%2BDrC%2FzCvWjcgdVa74Ad83Kl%2FskKBCU8ypKSyxTGbnB2ZvyiRyC%2BHikMaMLX81n0zomHwJ6MhRXc%2FgZNjMjjRBCbT"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd2af51d2f6-FRA date Fri, 27 Sep 2024 13:02:12 GMT content-type application/javascript last-modified Thu, 26 Sep 2024 14:25:26 GMT vary Accept-Encoding server cloudflare
GET H3	200	blur_input.js Show response oasidikufraupd.info/css/booking1/	21 KB 4 KB	69ms 65ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/css/booking1/blur_input.js Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5eaae12a5b85c3a24efd4d581e61ef3773befd9f64b1421c678038bf17c559ba Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"66f56ed4-5465" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bixdx7jAv0f5GrAtsRXk%2FhD2biK2HV0Yl9mwHdXRgyzr%2BSNGwY%2BCBRKxxzLt4inOaCZAHxonZ27KJFeqLPtIoguqWahtrxoOdQq3EcXfIIeXGZo5tYkSpu0FQxnA3a2zFpxfvWeP"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd328f9d2f6-FRA date Fri, 27 Sep 2024 13:02:13 GMT content-type application/javascript last-modified Thu, 26 Sep 2024 14:25:24 GMT vary Accept-Encoding server cloudflare
GET H3	200	jquery.min.js Show response oasidikufraupd.info/js/	87 KB 32 KB	99ms 85ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/js/jquery.min.js Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"66f56e8f-15d84" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08RfR9%2F%2B%2F6pNqFOa6uCJPMgLxwpuJassUrcDroD4hbRV%2FE27RPDczRmmhL1fwMIW928zZJokPgEe1SmUWQi%2Fx%2FTkhZdC1TSWiQZgGQf5vzrENgcw8IJ%2FZ9yBtBn%2BWoXlcrKsWP7m"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd1cc6ad2f6-FRA date Fri, 27 Sep 2024 13:02:12 GMT content-type application/javascript last-modified Thu, 26 Sep 2024 14:24:15 GMT vary Accept-Encoding server cloudflare
GET H2	200	502269146.jpg q-xx.bstatic.com/xdata/images/hotel/max1024x768/	138 KB 139 KB	148ms 28ms	Image image/jpeg	2600:9000:2646:6000:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://q-xx.bstatic.com/xdata/images/hotel/max1024x768/502269146.jpg?k=4f0bbfbd104244f4fe8a2b647a73cea3393a351475417a77a4f9492b27da46d2&o= Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/qfkmo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2646:6000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash a1cdbc121d77d00a0e28218aeb785ff4fb86f0d698f7f10c228c0b88502b8a7b Security Headers Name Value X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/ Response headers cache-control max-age=2592000 timing-allow-origin * etag "58f625f4d509a78557f7184c5cf4d6df1571d222" age 240513 via 1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-id OTpEghMmrXoMp4BAcPWx49rXVqV_7-NQOIbFh2DvrbSPnIRtIIIXBg== date Tue, 24 Sep 2024 18:13:40 GMT x-xss-protection 1; mode=block content-type image/jpeg content-language 141730 server nginx x-amz-cf-pop FRA60-P5
GET H3	200	qfkmo Show response oasidikufraupd.info/chat/ Frame 641B	30 KB 9 KB	217ms 202ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/chat/qfkmo Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f210d7b1cdcd07fec06a6a77ce7eb4a2c70eacf9c93be77da5af8553b568af15 Request headers Referer https://oasidikufraupd.info/qfkmo Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8c9bafd359dbd2f6-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 27 Sep 2024 13:02:13 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FTD27%2BIZY%2FlOAYXoNiJkJ5uh5wNYk6Dd7OtTGlOM4ZSiQNJ74G%2ByabAZJ9fXnLFmB5kVX%2Bu2nyWyvHaJHuNmzZSL7DXqcP%2B4IgJqvgT2Vv4gbSW%2Bu9kw2bhW408oWc4NKZPROeaW"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" vary Accept-Encoding
POST H3	200	user_send_status.php Show response oasidikufraupd.info/ajax/	0 454 B	315ms 301ms	XHR text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/ajax/user_send_status.php Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/js/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://oasidikufraupd.info/qfkmo X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJQbI%2BhhkjRfBuB31kXSDZ5FY2lUTQeX2hMfq7NcOsCq5g2dCfAFtCifm50uLPs3DLxW7%2FQ%2FfNFNXGBU8dYUsZHUJb17cq8LU6gVgKUCbD5Zu8OgZdpTdDlPFLiRbVX7RjfFcKMT"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd359e4d2f6-FRA expires Thu, 19 Nov 1981 08:52:00 GMT date Fri, 27 Sep 2024 13:02:13 GMT content-type text/html; charset=UTF-8 server cloudflare
GET H3	200	flags.png oasidikufraupd.info/css/booking1/img/	30 KB 30 KB	68ms 66ms	Image image/png	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://oasidikufraupd.info/css/booking1/img/flags.png Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/css/booking1/styles-new4.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc78e1550450ab81964ef660b05cb14fb17e0b895b261925ad7e6e073502dfc4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/css/booking1/styles-new4.css Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66f56ed9-77d8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yGikMmLsMeT8cix7ppvEDTUNX%2FIkF0KtAHiVOMpGpMHSWM4xtFNkpmulaU4dE7KgdIGZaOsMxhWOUgIN5rtjoCCFwrtDFZ3Z4BwafPwWm5EO8W76PU4D15x%2BwOwsFuQZsOlVu2G"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd369f0d2f6-FRA accept-ranges bytes content-length 30680 date Fri, 27 Sep 2024 13:02:13 GMT content-type image/png last-modified Thu, 26 Sep 2024 14:25:29 GMT vary Accept-Encoding server cloudflare
GET H3	200	speculation oasidikufraupd.info/cdn-cgi/ Frame 641B	128 B 544 B	95ms 31ms	Other application/speculationrules+json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/cdn-cgi/speculation Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://oasidikufraupd.info Referer https://oasidikufraupd.info/chat/qfkmo Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s0bU7aNCbbh8obssUNfOLwPOgvnwj%2Ft8oO32CQq7pq9u43h%2B%2Bo63Capqpsu6YeAX0pCJYtZf119FP1z6DeTkOaMJwnEiGZKTq0%2BD6eTMJ%2BamI7XfBiilze0hN9Y3IiCyLJZXcCx1"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd55896d2f6-FRA access-control-allow-origin https://oasidikufraupd.info content-length 128 date Fri, 27 Sep 2024 13:02:13 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H3	200	chat.css oasidikufraupd.info/css/ Frame 641B	106 KB 17 KB	129ms 89ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/css/chat.css Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/chat/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/chat/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"66f56ec4-1a924" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0mtdqSYeUyvWfpAzfHvHQqr8VShGGxhoSLlLhU6hr54GlJhZYUYhrrNIJlaIhgMhXDwe29WdBtEpZsG%2F0Eg%2FRIa6W2K%2F05h4%2BUfI%2BGIeWBgb8jl0AWHmhWsNvd9tOnc9lJqrLnyE"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd54851d2f6-FRA date Fri, 27 Sep 2024 13:02:13 GMT content-type text/css last-modified Thu, 26 Sep 2024 14:25:08 GMT vary Accept-Encoding server cloudflare
GET H3	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 641B	30 KB 6 KB	288ms 64ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/chat/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5eb03e5f-7918" age 648298 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x29R3pJekttyNOVt%2B6x5GmJ2dlJaB9RMcOav%2B79xiWNb%2BO2bNtX9bOyD8sB2l5RwClI%2FMGafVaghiAYB71vvF72Z01DoFdjghK2O%2FT%2Frxkbrn%2FjRBMQicSBu1Ha57yRQbRNz9lIz"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Wed, 17 Sep 2025 13:02:13 GMT date Fri, 27 Sep 2024 13:02:13 GMT content-type text/css; charset=utf-8 last-modified Mon, 04 May 2020 16:10:07 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8c9bafd69e8ed1ff-FRA accept-ranges bytes access-control-allow-origin * content-length 5631 server cloudflare
GET H3	200	support.png oasidikufraupd.info/img/ Frame 641B	15 KB 16 KB	119ms 79ms	Image image/png	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://oasidikufraupd.info/img/support.png Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/chat/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/chat/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66f56e87-3d12" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XEH%2Fg1wIFERfYFAE3RrIsBmrn6WkrsCfKtkqupkysyiBC9RkjhZpqSrnQcos7GL%2FPjuJ%2Bp%2BOAQ8V%2F3KCahkYKZ85IQ1IU2kLgwweskDdW8UfAdLpVHuUYoBkb6D3NRDaS1QP24Oq"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd54866d2f6-FRA accept-ranges bytes content-length 15634 date Fri, 27 Sep 2024 13:02:13 GMT content-type image/png last-modified Thu, 26 Sep 2024 14:24:07 GMT vary Accept-Encoding server cloudflare
GET H3	200	support-open.png oasidikufraupd.info/img/ Frame 641B	21 KB 21 KB	116ms 75ms	Image image/png	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://oasidikufraupd.info/img/support-open.png Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/chat/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/chat/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66f56e87-5400" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ee%2BzSDvdRCtA9I3L5I0aV7vL13J4Ei5kIUBDvlZ3RoInUlkRhKAL9sQRan8S3FTZ7%2BLwOAfPgF6Div49pbLtGwPUM9t5BXbBcLfXomCgOq3PhKM4GMBBWUYmxgOkfRDUlAGamkXP"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd5486ad2f6-FRA accept-ranges bytes content-length 21504 date Fri, 27 Sep 2024 13:02:13 GMT content-type image/png last-modified Thu, 26 Sep 2024 14:24:07 GMT vary Accept-Encoding server cloudflare
GET H3	200	jquery.min.js Show response oasidikufraupd.info/dist/new_card_design/ Frame 641B	87 KB 32 KB	120ms 82ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/dist/new_card_design/jquery.min.js Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/chat/qfkmo Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/chat/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"66f56ee5-15d84" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BkLMqdKqbj9BBr8A6bYoyOsnSgJnuSoyX5OG1mz2jxtQalfAONy%2F2LwARDNqpK3nZHmXcZjdRJwKZ76ql8qPSf9Jdfag8QqAAXcOdmXrnrTfYIo1Dg4qImcYfJxVu67Qxh86F298"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd5486dd2f6-FRA date Fri, 27 Sep 2024 13:02:13 GMT content-type application/javascript last-modified Thu, 26 Sep 2024 14:25:41 GMT vary Accept-Encoding server cloudflare
POST H3	200	msg_check.php Show response oasidikufraupd.info/ajax/ Frame 641B	2 KB 1 KB	261ms 125ms	XHR text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/ajax/msg_check.php Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/dist/new_card_design/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1908dbc75b708ebaadc68151a5a6a5a3e2cb7faf4a3d1503b579ed677862a7a9 Request headers Referer https://oasidikufraupd.info/chat/qfkmo X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsR3sS0N78qHnh9E4zT19ndEd0YWdOrMPRWbWXvyOgkmEVVeDoi9HEckLDB8%2FUnVAk2zkvm7KTMx397v%2BPouE%2FuwMzRZsKlia2gz98K%2BJ5ozkqZ2ILG8gqch3OLws9LWCVqTMfXk"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd6fdd2d2f6-FRA expires Thu, 19 Nov 1981 08:52:00 GMT date Fri, 27 Sep 2024 13:02:13 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare
GET H3	200	favicon.ico oasidikufraupd.info/	177 KB 44 KB	100ms 93ms	Other image/vnd.microsoft.icon	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63f125a6025a5caea38f91b98ffd8d560cdf532329f12e4fe143453161ce7dea Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/qfkmo Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"2c208-623067cf79562" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fr1mr2Lf%2BYLlm8%2B5m4L7lN8jwFDRurXEtSbYFy15m1fSE5MHhr2EikDm0Lp8%2FPVeztby7PCzSG21eKADWhF4AwUbn1C3hpbJMlndW%2BpG34Rq9LCdPrlKACJScYKT3eXMjb1ONBXP"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd7d880d2f6-FRA date Fri, 27 Sep 2024 13:02:13 GMT content-type image/vnd.microsoft.icon last-modified Thu, 26 Sep 2024 14:23:53 GMT vary Accept-Encoding server cloudflare
GET H3	200	%7Bimage%7D oasidikufraupd.info/chat/ Frame 641B	0 486 B	229ms 226ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://oasidikufraupd.info/chat/%7Bimage%7D Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://oasidikufraupd.info/chat/qfkmo Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC pragma no-cache speculation-rules "/cdn-cgi/speculation" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Beaim6VwNUSsxtfzfojLY%2FbqWJXguKzQHayntRmXiXFWuyx%2BhHr4999q85osHp73SxG6xB5a7MOYW%2FoYND2IVPkCwTnB7h93jzFyRPqVLUtzOKtMdwBqjSdVqcNxXzwUIOZoxPnH"}],"group":"cf-nel","max_age":604800} cf-ray 8c9bafd8ec14d2f6-FRA expires Thu, 19 Nov 1981 08:52:00 GMT date Fri, 27 Sep 2024 13:02:14 GMT content-type text/html; charset=UTF-8 server cloudflare
GET H3	206	chat.mp3 oasidikufraupd.info/css/ Frame 641B	12 KB 13 KB	200ms 200ms	Media audio/mpeg	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/css/chat.mp3 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c56de2b13c86af5740564a85422cec47f56ea992e26374ebce0a024fc918e3a Request headers Referer https://oasidikufraupd.info/chat/qfkmo Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Range bytes=0- Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66f56ec4-31a5" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNKG5977rwA6txMBue7OUjEvUt1A5UF4Hpi4fj%2BDFOkVUxfH0h%2BV9ijyGu1I5jm39X%2Fa9%2B2uAGR8%2FzP1cLU%2FSNgLOSKDoqDDZXEDzDY41%2Bn9MALhHjACE4Q9wPifJuEs%2FsAg8yNM"}],"group":"cf-nel","max_age":604800} Content-Range bytes 0-12708/12709 cf-ray 8c9bafd91cc3d2f6-FRA Content-Length 12709 date Fri, 27 Sep 2024 13:02:13 GMT content-type audio/mpeg last-modified Thu, 26 Sep 2024 14:25:08 GMT vary Accept-Encoding server cloudflare
POST H3	200	payment_card_status.php Show response oasidikufraupd.info/ajax/	16 B 475 B	114ms 96ms	XHR text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/ajax/payment_card_status.php Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/js/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220 Request headers Referer https://oasidikufraupd.info/qfkmo X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAmZs8p7vZO13GZn%2BuKUHLmVKPJxGVEqgKmyzCUk0mVMKpmswi4O9WgwQ8z5PVwyP4VxL0r%2BbUkctmCZjJEUBo9OYuzR%2FEZsTsss3EcyTTXs5nG6iw4dPlOyujiSgzIWPSREEmIZ"}],"group":"cf-nel","max_age":604800} cf-ray 8c9baff2ac7ad2f6-FRA expires Thu, 19 Nov 1981 08:52:00 GMT date Fri, 27 Sep 2024 13:02:18 GMT content-type text/html; charset=UTF-8 server cloudflare
POST H3	200	user_send_status.php Show response oasidikufraupd.info/ajax/	0 474 B	156ms 147ms	XHR text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/ajax/user_send_status.php Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/js/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://oasidikufraupd.info/qfkmo X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CJBi0avWnIZ759vciNOKDAIvukeCAmYeUq0men6F52iTUEmobhuVyfEZSS1TKhzvDWfHkWqsSb7pHOb6Hd8m4ml5%2FZ5C%2B8Urjr70v%2FjQ%2BgiBrlXQgZJQ2CVMbGaVVERHru0G4N%2FR"}],"group":"cf-nel","max_age":604800} cf-ray 8c9baff2ac83d2f6-FRA expires Thu, 19 Nov 1981 08:52:00 GMT alt-svc h3=":443"; ma=86400 date Fri, 27 Sep 2024 13:02:18 GMT content-type text/html; charset=UTF-8 server cloudflare
POST H3	200	msg_check.php Show response oasidikufraupd.info/ajax/ Frame 641B	45 B 511 B	133ms 130ms	XHR text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oasidikufraupd.info/ajax/msg_check.php Requested by Host: oasidikufraupd.info URL: https://oasidikufraupd.info/dist/new_card_design/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5b7286d9c464e00264643e3bd0edb9a5212cf8bc4bb547f5f17c6f5eadda7b3 Request headers Referer https://oasidikufraupd.info/chat/qfkmo X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3hqbKft9NtsZ%2FhcSjdwUNVBelgI2hzq0n8cyyzzPiYtvE%2FyQNrH3RyBgR%2BtM1%2Fd5%2Bjp4ce79LT3yuimHqaoRjxZ3vTyCieEtt2NSqGY%2Fn%2BRoZl%2BUO60%2BSM49dWHJgNNZViSooKy5"}],"group":"cf-nel","max_age":604800} cf-ray 8c9baff62a4bd2f6-FRA expires Thu, 19 Nov 1981 08:52:00 GMT date Fri, 27 Sep 2024 13:02:18 GMT content-type text/html; charset=UTF-8 server cloudflare

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Booking (Travel)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery number| get_status function| onPage function| scrollToErrorInput

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			oasidikufraupd.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0s9jj3tbtc4jal5fr5lhar2v0n

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
oasidikufraupd.info
q-xx.bstatic.com
104.17.25.14
188.114.97.3
2600:9000:2646:6000:5:bf05:acc0:93a1
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1908dbc75b708ebaadc68151a5a6a5a3e2cb7faf4a3d1503b579ed677862a7a9
1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8
3c56de2b13c86af5740564a85422cec47f56ea992e26374ebce0a024fc918e3a
560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb
570c2591df16aba69639a2982be580a11662193c30f66ae6099387c47491a9cf
5eaae12a5b85c3a24efd4d581e61ef3773befd9f64b1421c678038bf17c559ba
63f125a6025a5caea38f91b98ffd8d560cdf532329f12e4fe143453161ce7dea
6a6d75d79f101d4c7686f0ccfd38d6507e1df88c0277883a5ac345ecf3b0a9bc
794075538b19a75df8737bf2c563b3e46741007b3277ad98fced0622d9fb84d9
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
a1cdbc121d77d00a0e28218aeb785ff4fb86f0d698f7f10c228c0b88502b8a7b
b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f210d7b1cdcd07fec06a6a77ce7eb4a2c70eacf9c93be77da5af8553b568af15
f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973
f5b7286d9c464e00264643e3bd0edb9a5212cf8bc4bb547f5f17c6f5eadda7b3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc78e1550450ab81964ef660b05cb14fb17e0b895b261925ad7e6e073502dfc4