URL: https://airdrops.oneclick.fi/
Submission: On October 08 via api from JP — Scanned from FI

Summary

This website contacted 13 IPs in 5 countries across 10 domains to perform 31 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is airdrops.oneclick.fi.
TLS certificate: Issued by E5 on August 21st 2024. Valid for: 3 months.
This is the only time airdrops.oneclick.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 188.114.96.3 13335 (CLOUDFLAR...)
1 172.217.18.8 15169 (GOOGLE)
1 18.66.102.53 16509 (AMAZON-02)
1 13.32.27.5 16509 (AMAZON-02)
2 3 104.17.245.203 13335 (CLOUDFLAR...)
3 23.53.43.59 20940 (AKAMAI-ASN1)
1 13.33.187.92 16509 (AMAZON-02)
1 52.4.215.226 14618 (AMAZON-AES)
1 54.171.225.199 16509 (AMAZON-02)
2 216.239.34.36 15169 (GOOGLE)
2 34.117.12.109 396982 (GOOGLE-CL...)
1 34.120.195.249 396982 (GOOGLE-CL...)
31 13
Apex Domain
Subdomains
Transfer
15 oneclick.fi
airdrops.oneclick.fi
defi.oneclick.fi
3 MB
3 openwidget.com
cdn.openwidget.com — Cisco Umbrella Rank: 167740
api.openwidget.com — Cisco Umbrella Rank: 169231
30 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
34 KB
2 0xarc.io
prod.clickstream.api.0xarc.io
189 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
57 B
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 852
heapanalytics.com — Cisco Umbrella Rank: 666
38 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1177
61 KB
1 sentry.io
o494993.ingest.sentry.io
340 B
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6755
171 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
103 KB
31 10
Domain Requested by
13 airdrops.oneclick.fi airdrops.oneclick.fi
3 unpkg.com 2 redirects airdrops.oneclick.fi
2 defi.oneclick.fi airdrops.oneclick.fi
2 prod.clickstream.api.0xarc.io unpkg.com
2 region1.google-analytics.com www.googletagmanager.com
airdrops.oneclick.fi
2 cdn.openwidget.com airdrops.oneclick.fi
cdn.openwidget.com
1 o494993.ingest.sentry.io airdrops.oneclick.fi
1 content.hotjar.io script.hotjar.com
1 api.openwidget.com cdn.openwidget.com
1 heapanalytics.com airdrops.oneclick.fi
1 script.hotjar.com static.hotjar.com
1 cdn.heapanalytics.com airdrops.oneclick.fi
1 static.hotjar.com airdrops.oneclick.fi
1 www.googletagmanager.com airdrops.oneclick.fi
31 14

This site contains links to these domains. Also see Links.

Domain
twitter.com
discord.gg
medium.com
www.youtube.com
www.oneclick.fi
discord.com
Subject Issuer Validity Valid
airdrops.oneclick.fi
E5
2024-08-21 -
2024-11-19
3 months crt.sh
*.google-analytics.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M02
2024-05-29 -
2025-06-26
a year crt.sh
livechat.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-10 -
2025-07-10
a year crt.sh
heapanalytics.com
Amazon RSA 2048 M02
2023-11-09 -
2024-12-08
a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-01-31 -
2025-03-01
a year crt.sh
prod.clickstream.api.0xarc.io
R11
2024-09-25 -
2024-12-24
3 months crt.sh
defi.oneclick.fi
E6
2024-09-07 -
2024-12-06
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-03 -
2025-07-29
10 months crt.sh

This page contains 2 frames:

Primary Page: https://airdrops.oneclick.fi/
Frame ID: EDBBAAD33FD4FD0B99278B02CFFF7946
Requests: 33 HTTP requests in this frame

Frame: https://cdn.openwidget.com/widget/openwidget.html?embedded=1&widget_version=3&use_parent_storage=1&organizationId=6edc9125-4778-4b41-8a7e-fb9da1d4c958
Frame ID: 2877A3AE3396C67CA8C1C324BAA7A7B4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Home for the best DeFi yields

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

31
Requests

94 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

13
IPs

5
Countries

3380 kB
Transfer

9386 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://unpkg.com/@arcxmoney/analytics HTTP 302
  • https://unpkg.com/@arcxmoney/analytics@2.2.2 HTTP 302
  • https://unpkg.com/@arcxmoney/analytics@2.2.2/dist/index.umd.min.js

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
airdrops.oneclick.fi/
4 KB
2 KB
Document
General
Full URL
https://airdrops.oneclick.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84f514dac818cf0826813e14fedcddae63ab1e3d581d53d320326087ca67756

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cf57605bbdedbfe-FRA
content-encoding
br
content-type
text/html
date
Tue, 08 Oct 2024 10:31:23 GMT
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKt3%2FMOaqdA%2FHpIed12hRCNv4au04hI2KXsDPtzQ3g56bu0FOqi4bElmUnJIWg73DLlYOwKB2BpR1ujzBY95Cv6DNRF%2Bt%2BlaXu5Kqup0yWp4N0Lc67nrEL13HkTmWbcqASaWQr0T5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
accept-encoding
speculation
airdrops.oneclick.fi/cdn-cgi/
128 B
493 B
Other
General
Full URL
https://airdrops.oneclick.fi/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://airdrops.oneclick.fi
Referer
https://airdrops.oneclick.fi/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7mKne%2Bxw%2FL5yawWbBkMIghRgi6lbqcUEDFYUa0F47HQreCdfS9V3IBHXNKH1SXkqoORoIz3FslIopDztysoZcpJ9YyMos0Z9zcv3cERqQ0NXGrwfJk12fRjU4mkJGDmO5Ar%2B%2FRn%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf576072802dbfe-FRA
access-control-allow-origin
https://airdrops.oneclick.fi
content-length
128
date
Tue, 08 Oct 2024 10:31:24 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
306 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5EBX4MZY9
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
551c023a701f508e2fa264dbd491b00d0c073272362e05d13ea27be126e6f4d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 08 Oct 2024 10:31:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 10:31:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104409
x-xss-protection
0
server
Google Tag Manager
main.0d1c24e7.js
airdrops.oneclick.fi/static/js/
7 MB
2 MB
Script
General
Full URL
https://airdrops.oneclick.fi/static/js/main.0d1c24e7.js
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6381dd53d909823558ff6e2bd54052e2e0b66a4edbd161e787ecef462791a195

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"6671592c-6ee737"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oYqQGq3E89KdFUHO8hzuQVMFDleVKP3ZQhgynil6iB%2FZXs0MtIJTPq2SypPhrmrMyPxZHqM8JOsyD8FQoexxB3njCSFlFQVdBRFfxS0m%2BWoWpsJwfxmjcRUOFM8K%2FpbnLvfEoAJ9EA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf5760768dddbfe-FRA
date
Tue, 08 Oct 2024 10:31:24 GMT
content-type
application/javascript
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
main.63dd04cb.css
airdrops.oneclick.fi/static/css/
81 KB
19 KB
Stylesheet
General
Full URL
https://airdrops.oneclick.fi/static/css/main.63dd04cb.css
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64bab19011e30fff5f8443470c691d7ac66132fd4d9077562a1e413e97069b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"6671592c-14394"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YTVKB06xLQsMAlH4wX54XTaxx5TpYgr2QkLUsrq4uSGHH56xSZu98oMl0OkXv1RfIXF9Lf1ufDUnuJyy%2BN3ADCshErqRO12quQq9ty%2BDYfD9%2F7EmCRsS%2Bx5dkq5n%2BmYlVrT2TrSUbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf576072ffedbfe-FRA
date
Tue, 08 Oct 2024 10:31:24 GMT
content-type
text/css
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
hotjar-3433930.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3433930.js?sv=6
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-53.fra56.r.cloudfront.net
Software
/
Resource Hash
83b85b02554598eaa84c0cd97f5a2d17d2ab908d076a87079460c29d0d216383
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/19cd7d030792a62d4a69fb0bb5872ba1
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
VSLxZo3Hr_S4YC-3J7iGUjBG7oViclH254uBtt6d4TThS3OP5nzORw==
date
Tue, 08 Oct 2024 10:31:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
heap-3087993022.js
cdn.heapanalytics.com/js/
117 KB
38 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-3087993022.js
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-5.fra56.r.cloudfront.net
Software
nginx / Express
Resource Hash
fd9ade1eab3ea49d8f56491d4ef25449f2cbde83951d0c528017bad1eacf0564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

content-encoding
br
etag
W/"1d4bc-iVW2EMOp+OZTRB0aTictK1FBJsE"
age
38
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
MBzwNZh8Dsd0p2eUL9V8QFKXTxAmfALDDxT3HkRt8aTJnSRH7UNv1A==
date
Tue, 08 Oct 2024 10:30:46 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=120
cross-origin-resource-policy
cross-origin
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-powered-by
Express
server
nginx
index.umd.min.js
unpkg.com/@arcxmoney/analytics@2.2.2/dist/
Redirect Chain
  • https://unpkg.com/@arcxmoney/analytics
  • https://unpkg.com/@arcxmoney/analytics@2.2.2
  • https://unpkg.com/@arcxmoney/analytics@2.2.2/dist/index.umd.min.js
86 KB
33 KB
Script
General
Full URL
https://unpkg.com/@arcxmoney/analytics@2.2.2/dist/index.umd.min.js
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/
Protocol
H2
Server
104.17.245.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5983f54b35cecd4b3412949c956280d435498cc043b099dba927e008d80b5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1591d-tr2Jk1GFtoNnbSeI9aHfxpOD5kc"
age
8457
x-content-type-options
nosniff
date
Tue, 08 Oct 2024 10:31:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J9NJVX4MTVF4GQ4YBQ371WY9-arn
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8cf5760e3a928d8f-HEL
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
location
/@arcxmoney/analytics@2.2.2/dist/index.umd.min.js
content-encoding
br
cf-cache-status
HIT
age
8458
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8cf5760c48c68d8f-HEL
access-control-allow-origin
*
date
Tue, 08 Oct 2024 10:31:24 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01J9NJVVJFVM9VK526YJ50SNSP-arn
server
cloudflare
openwidget.js
cdn.openwidget.com/
82 KB
26 KB
Script
General
Full URL
https://cdn.openwidget.com/openwidget.js
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-59.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
dc21cce7be7e11b3ffc04dda71a25b5dcb52f0f4edb7ce089b49fdc4017bb49d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

content-type
application/javascript; charset=utf-8
cache-control
max-age=28800
content-encoding
br
etag
W/"c065168acc77bb02cece4c83b0f210f7"
x-amz-version-id
mjXeyUTYtldflz2d.Q1ZbKd6qps0jBT8
expires
Tue, 08 Oct 2024 18:31:24 GMT
access-control-allow-origin
*
content-length
26531
x-amz-cf-id
TWvSJR2gXGE6yfnehXCDrgLMVqNHYprL7uRe7i57py0-uURxvmK7aQ==
date
Tue, 08 Oct 2024 10:31:24 GMT
last-modified
Thu, 03 Oct 2024 13:21:47 GMT
vary
Accept-Encoding
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
bg-texture.5844156da7e1af700418.png
airdrops.oneclick.fi/static/media/
677 KB
679 KB
Image
General
Full URL
https://airdrops.oneclick.fi/static/media/bg-texture.5844156da7e1af700418.png
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/static/css/main.63dd04cb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dbcb06847409f98f60304b2f451e73fc636713f0c4c8244c216de0779f975e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/static/css/main.63dd04cb.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6671592c-a95cd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BwIwGiLRk%2BwyAMwHfCOWwRxhYcFHalVzGmmCji%2BaOiP3GzgThPm6oECTk5jY4iLJaAk43gUqChECsaSwUfU6UHZFxYgVvXKo7MskqZN5Q0AWnuDaDo0p7opxu%2B%2FULSrrex13FnvJJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf576083b48dbfe-FRA
accept-ranges
bytes
content-length
693709
date
Tue, 08 Oct 2024 10:31:24 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
modules.c455055d4255707cc766.js
script.hotjar.com/
224 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.c455055d4255707cc766.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3433930.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-92.fra60.r.cloudfront.net
Software
/
Resource Hash
00f9c41f792123ed96bd748bccf04480481b0a283a40fb39d714551772a8d9cd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

x-robots-tag
none
content-encoding
br
etag
"00be896dff288cee0f2fab3c81ad1a2f"
age
82097
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
CpwlM8hgnc3GVlIpvBFT_ZEzbDgqYOtTtqK7BdNCYsw7YhJ04BOPLA==
date
Mon, 07 Oct 2024 11:43:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 11:42:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56546
x-amz-cf-pop
FRA60-P9
h
heapanalytics.com/
37 B
378 B
Image
General
Full URL
https://heapanalytics.com/h?a=3087993022&u=44811187402389&v=1904383269589192&s=7094587067113077&b=web&tv=4.0&z=0&h=%2F&d=airdrops.oneclick.fi&t=Home%20for%20the%20best%20DeFi%20yields&ts=1728383484445&sch=1200&scw=1600&st=1728383484463&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.215.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-215-226.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods
POST, PUT, GET
access-control-allow-origin
*
content-length
37
date
Tue, 08 Oct 2024 10:31:25 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
6edc9125-4778-4b41-8a7e-fb9da1d4c958
api.openwidget.com/v1.0/configuration/
9 KB
4 KB
Script
General
Full URL
https://api.openwidget.com/v1.0/configuration/6edc9125-4778-4b41-8a7e-fb9da1d4c958?jsonp=__ow_config
Requested by
Host: cdn.openwidget.com
URL: https://cdn.openwidget.com/openwidget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-59.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
ee680853491979a735c9de0c39d75c41dfc480f510f72a6f45bf70c44484406c
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

content-encoding
gzip
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
akamai-cache-control
max-age=10
date
Tue, 08 Oct 2024 10:31:25 GMT
content-type
application/javascript
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cdn-cache-control
no-store
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cache-control
max-age=10, public, must-revalidate
x-envoy-upstream-service-time
14
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer
x-download-options
noopen
content-length
3438
x-xss-protection
0
origin-agent-cluster
?1
server
istio-envoy
/
content.hotjar.io/
56 B
171 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=3433930&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c455055d4255707cc766.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.225.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-225-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
89b352f03b98aebd7f0b9b7efe94bb0aff369b33174069f2d51b0b5958468dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://airdrops.oneclick.fi/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Tue, 08 Oct 2024 10:31:26 GMT
content-type
application/json
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R5EBX4MZY9&gtm=45je4a20v9106797085za200&_p=1728383483950&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1807935904.1728383485&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728383485&sct=1&seg=0&dl=https%3A%2F%2Fairdrops.oneclick.fi%2F&dt=Home%20for%20the%20best%20DeFi%20yields&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2203
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5EBX4MZY9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://airdrops.oneclick.fi
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 10:31:26 GMT
content-type
text/plain
server
Golfe2
openwidget.html
cdn.openwidget.com/widget/ Frame 2877
0
0
Document
General
Full URL
https://cdn.openwidget.com/widget/openwidget.html?embedded=1&widget_version=3&use_parent_storage=1&organizationId=6edc9125-4778-4b41-8a7e-fb9da1d4c958
Requested by
Host: cdn.openwidget.com
URL: https://cdn.openwidget.com/openwidget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-59.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://airdrops.oneclick.fi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
456
content-type
text/html
date
Tue, 08 Oct 2024 10:31:26 GMT
etag
"bf57e4e791082ee16857cfe09fa9ebdf"
expires
Tue, 08 Oct 2024 10:31:26 GMT
last-modified
Tue, 08 Oct 2024 08:45:20 GMT
pragma
no-cache
server
AmazonS3
vary
Accept-Encoding
x-amz-cf-id
_nriaboHCCQibY4KX5IjK-pEPH9I3RDS_cjeONfcztBkkwhcjiHkoQ==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
md4CuFZ9acfahBQ0SYJgt1MyQ8eG1U3i
identify
prod.clickstream.api.0xarc.io/v1/
26 B
189 B
Fetch
General
Full URL
https://prod.clickstream.api.0xarc.io/v1/identify
Requested by
Host: unpkg.com
URL: https://unpkg.com/@arcxmoney/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.12.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.12.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
e8991ed08463786dc901c5c636ce2c8e27b2d2da6fbcfe12d370f8693347163b

Request headers

X-Library-Usage
npm-package
Referer
https://airdrops.oneclick.fi/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-sdk-version
2.2.2
Content-Type
application/json; charset=UTF-8
x-api-key
2a5d33f604f83f82ae255bee1970a2db23286f98a5159753bc4ffa572b99c1bf

Response headers

cache-control
no-store
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
date
Tue, 08 Oct 2024 10:31:26 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
Google Frontend
x-cloud-trace-context
82cf0b701387dbedac74c6170bddc3b8
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
identify
prod.clickstream.api.0xarc.io/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.clickstream.api.0xarc.io/v1/identify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.12.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.12.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-library-usage,x-sdk-version
Access-Control-Request-Method
POST
Origin
https://airdrops.oneclick.fi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key,x-library-usage,x-sdk-version
access-control-allow-methods
GET,PUT,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 08 Oct 2024 10:31:26 GMT
server
Google Frontend
vary
Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
902656f266dacaeac37bb1cbf5ad517f
x-powered-by
Express
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ad7213cda7871bda3bf1076d2b63342b0d4ba9e2b3caa039b5050b3069d89b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6e49e39fdc7fe6de10974a5f2bb2128c7b89299133a8ff5931944c11d525ab2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
123e1248f59eef05a42436f841138e2bcf0a3ac45709856c428995c753c25c68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dee09466f7eeede3aec82c5fd5e2605b7a1495560ed25df5e11a7cfe4e59663

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
fc414436-c11f-467a-b877-4f1f7dbb2868
https://airdrops.oneclick.fi/ Frame
0
0

Aeroport.83a9737aed9710dc489e.ttf
airdrops.oneclick.fi/static/media/
117 KB
117 KB
Font
General
Full URL
https://airdrops.oneclick.fi/static/media/Aeroport.83a9737aed9710dc489e.ttf
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/static/css/main.63dd04cb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29919a92386996430f3cffcd57213acd93735170181f067a37d64eec02a1c2ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://airdrops.oneclick.fi
Referer
https://airdrops.oneclick.fi/static/css/main.63dd04cb.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6671592c-1d234"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apfU1Mm2%2Fx5Unr6jIS6mnVzY33ZJVxh1Vecb5gxsbV80M%2FqhKcdIlFFQ9DuTux4%2BJ89PS5PyoU7m6dFmbEPNb2APvbBCGpIA50%2BDFaswUnpswRVOsMlGGdseq7IXFhEclyPYd1TRYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf5761a7a71dbfe-FRA
accept-ranges
bytes
content-length
119348
date
Tue, 08 Oct 2024 10:31:27 GMT
content-type
application/octet-stream
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
Tactic%20Round%20Med.f2e7a2ab7496f3f01c1a.ttf
airdrops.oneclick.fi/static/media/
109 KB
110 KB
Font
General
Full URL
https://airdrops.oneclick.fi/static/media/Tactic%20Round%20Med.f2e7a2ab7496f3f01c1a.ttf
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/static/css/main.63dd04cb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f13938a1d7a8d76701ffc54ef50139f09fdf7d9d28ddfccbfd8875f1f5f46f99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://airdrops.oneclick.fi
Referer
https://airdrops.oneclick.fi/static/css/main.63dd04cb.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6671592c-1b5fc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lvNuAmq982zyW2jSkm3R%2FfE5QufOT2sRqGJmkm9zRgxEiD1uB4EkQclgWMy0fNQahEXKHDe5Pdr1wM4Xax%2Fv%2FBtdyPSwI0Nu7XriYSO1Tl45fgw2Lp3FEl2F3e1X125jjKuV1E5yXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf5761a7a73dbfe-FRA
accept-ranges
bytes
content-length
112124
date
Tue, 08 Oct 2024 10:31:27 GMT
content-type
application/octet-stream
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
Aeroport-Light.cb91aeec08eb24618c24.ttf
airdrops.oneclick.fi/static/media/
117 KB
118 KB
Font
General
Full URL
https://airdrops.oneclick.fi/static/media/Aeroport-Light.cb91aeec08eb24618c24.ttf
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/static/css/main.63dd04cb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
153d2797506ed8669b6659c36cc1b426a309bd96781a8a5cfdc7d2aad2dfc349

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://airdrops.oneclick.fi
Referer
https://airdrops.oneclick.fi/static/css/main.63dd04cb.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6671592c-1d4ac"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3pIZnnWHJ3pevRuO5PMb4jxaCWhb0XxGljg0JfBa0ay7OEhW15x5lPh7jb7RtHXQuM5nZ0%2BNZMKzgvUDSIvgJ2ylSruthWxaOFzeHpopJ5WXe%2F%2FPY8arIcrby8uyX4otbFHJLMJInA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf5761a7a77dbfe-FRA
accept-ranges
bytes
content-length
119980
date
Tue, 08 Oct 2024 10:31:27 GMT
content-type
application/octet-stream
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
Tactic%20Round%20Bld.50499630368a7f798cf9.ttf
airdrops.oneclick.fi/static/media/
109 KB
109 KB
Font
General
Full URL
https://airdrops.oneclick.fi/static/media/Tactic%20Round%20Bld.50499630368a7f798cf9.ttf
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/static/css/main.63dd04cb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3a479ff8fdc1942b77816af7e9a6d7bc597ea7c09fe3bafd78331438fb8c54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://airdrops.oneclick.fi
Referer
https://airdrops.oneclick.fi/static/css/main.63dd04cb.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6671592c-1b380"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZDjl4QzzULVo4r77ZdXrAoaHHDbGtw3btx2Zg6mTRrDSvqQ3%2FyhToWbT%2BIcPxoeThLPVuYjDOJ52TUjq0uwNqoD59%2BvM48xoGzQ3yt8RuF%2F%2BvM%2BRgKr1nMjSDAHjj8eWWAAsJs%2FfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf5761a7a78dbfe-FRA
accept-ranges
bytes
content-length
111488
date
Tue, 08 Oct 2024 10:31:27 GMT
content-type
application/octet-stream
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
Aeroport-Medium.9f52323cfa5e5ec055e8.ttf
airdrops.oneclick.fi/static/media/
117 KB
117 KB
Font
General
Full URL
https://airdrops.oneclick.fi/static/media/Aeroport-Medium.9f52323cfa5e5ec055e8.ttf
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/static/css/main.63dd04cb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9e7b9455b3bc925a2b8045a0e812156bf21a84166e6140a110ccfadc032f86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://airdrops.oneclick.fi
Referer
https://airdrops.oneclick.fi/static/css/main.63dd04cb.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6671592c-1d32c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1FisOghxSx3VY77CZBZEyMxQaUKsrytypLMEmP1wG%2BaY6p209wK%2FtYbd9UKu5UZpB10r8U%2BTkYXUigzgCrCnrvlG4GaswtoZdDZDihuQxe2F5KfovrH60GnCWstcFGSgoK8aFkcTw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf5761a7a7bdbfe-FRA
accept-ranges
bytes
content-length
119596
date
Tue, 08 Oct 2024 10:31:27 GMT
content-type
application/octet-stream
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8697c1b5bcd641321361ab84dc764bdfa8676f4c959be0155dbade53199fd409

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a3f6bf2d17a0c608c1963b819c64730a0f92ef18f4381ef0b05b028a3b93f57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
airdrop.53e15e1d7b1d5ef53bba.png
airdrops.oneclick.fi/static/media/
17 KB
18 KB
Image
General
Full URL
https://airdrops.oneclick.fi/static/media/airdrop.53e15e1d7b1d5ef53bba.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d407a26925d410e96206fe076309df241c731edd8121e6843856c24b343a0212

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6671592c-4532"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4lNayrNi4vUj79wesrYMurm218NaXgQaJJdQm4LoTJ73iB5GfrG93YeuvGa9JJIAWexqNy1izYoRc51zJLuWYqaC4vaHi6PC5QULf0MgN%2F%2BUIhPOdryTl9vJtyZmUcKkPGn7GN8pw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf5761a7a6bdbfe-FRA
accept-ranges
bytes
content-length
17714
date
Tue, 08 Oct 2024 10:31:27 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
airdrop-dark.f787748c393d4b14fb14.png
airdrops.oneclick.fi/static/media/
22 KB
22 KB
Image
General
Full URL
https://airdrops.oneclick.fi/static/media/airdrop-dark.f787748c393d4b14fb14.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aacdc76df225f2a8822df79114d54d26af66732e68dd183e6b0549a7edafb35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6671592c-56ad"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLFRgEAHtNDojzovG0XpKEECumASoGlBo825semq8TMr3QNaJFdDhqxczYIJiLvmOARfB3PnoSmb%2F%2F3HBHyyrtuZRSJa3IB35jMT7d7yjW%2BGERheidSNR09xiEc30brCm9NEdruz8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf5761a7a6ddbfe-FRA
accept-ranges
bytes
content-length
22189
date
Tue, 08 Oct 2024 10:31:27 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 09:53:48 GMT
vary
Accept-Encoding
server
cloudflare
risk-trendings
defi.oneclick.fi/api/v1/analysis/ Frame
0
0
Preflight
General
Full URL
https://defi.oneclick.fi/api/v1/analysis/risk-trendings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
baggage,sentry-trace
Access-Control-Request-Method
GET
Origin
https://airdrops.oneclick.fi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
baggage,sentry-trace
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8cf576201a3ddbec-FRA
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 08 Oct 2024 10:31:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rjac9P6OR7w%2Bjxzeeu7bLVJDF4QIUsl432sHW%2FUuTL5MyWeOD4P4B7z8AyQsIctaNj8jFfN%2F8qfWNpR9mMKk4Zcw%2FXrkHBPM3tUiHJuTK%2BdsoRhTJO6MV3%2F4jy%2FLBhExM6JK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
risk-trendings
defi.oneclick.fi/api/v1/analysis/
121 B
427 B
XHR
General
Full URL
https://defi.oneclick.fi/api/v1/analysis/risk-trendings
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/static/js/main.0d1c24e7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414f18c9fc03bb201cbdbd45420aa96836f1b6befb262dc3729f1785400291a5
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sentry-trace
482377f53e8e4cb296cfa63d78d1a2ee-928dc6409791daed-1
Referer
https://airdrops.oneclick.fi/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
baggage
sentry-environment=production,sentry-public_key=0b84667b0ab9ce06a9323a92efe7a453,sentry-trace_id=482377f53e8e4cb296cfa63d78d1a2ee,sentry-sample_rate=1,sentry-sampled=true

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"79-Y+ufNYW40ez58cRTW4w/7uvOHnU"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZjJFnMARAjYgaRinoCs6tqihZ9ezWu9Sm%2FgB314H%2FAodp3XH5%2F8U4RI%2BdkchFaLGqDjCyALgoUengwOEg0rOWnAMOZq1nGlYWwoQsUO3cOv7xTThF5p1LtVEKjzPbYbsms5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Tue, 08 Oct 2024 10:31:28 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
referrer-policy
no-referrer
x-download-options
noopen
cf-ray
8cf57621e8aadbec-FRA
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
server
cloudflare
favicon.ico
airdrops.oneclick.fi/
54 KB
8 KB
Other
General
Full URL
https://airdrops.oneclick.fi/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e633b1fd384c8ee5656f3ef050728b26202d901571a85dc2109cd8f4642c085

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"667158be-d96a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtzTzqrstGFztKv7ugKMbU649H93ZKwya5TYUH84P7%2F%2F99pXv%2BJuYAFESkrMZeM9IY3016YQ9yPcK%2FWTmgN%2BgGCfA7zuwi523sy5yvrxSxeE%2FieelaKoNjuCromVkP6BH2tFAXuWuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cf5761b1c0fdbfe-FRA
date
Tue, 08 Oct 2024 10:31:27 GMT
content-type
image/x-icon
last-modified
Tue, 18 Jun 2024 09:51:58 GMT
vary
Accept-Encoding
server
cloudflare
/
o494993.ingest.sentry.io/api/4505704449441792/envelope/
41 B
340 B
Fetch
General
Full URL
https://o494993.ingest.sentry.io/api/4505704449441792/envelope/?sentry_key=0b84667b0ab9ce06a9323a92efe7a453&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/static/js/main.0d1c24e7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c708ab471650b0000be3c5bb8adc87a3c9740f2968560f70b305d75eedc08c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://airdrops.oneclick.fi/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
date
Tue, 08 Oct 2024 10:31:30 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
collect
region1.google-analytics.com/g/
0
57 B
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R5EBX4MZY9&gtm=45je4a20v9106797085za200&_p=1728383483950&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1807935904.1728383485&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728383485&sct=1&seg=0&dl=https%3A%2F%2Fairdrops.oneclick.fi%2F&dt=Home%20for%20the%20best%20DeFi%20yields&en=scroll&epn.percent_scrolled=90&_et=16&tfd=7222
Requested by
Host: airdrops.oneclick.fi
URL: https://airdrops.oneclick.fi/static/js/main.0d1c24e7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://airdrops.oneclick.fi/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://airdrops.oneclick.fi
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 10:31:30 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
airdrops.oneclick.fi
URL
blob:https://airdrops.oneclick.fi/fc414436-c11f-467a-b877-4f1f7dbb2868

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer function| hj object| _hjSettings object| heap object| __ow object| OpenWidget object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled boolean| __ow_inited object| LC_API object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| ArcxAnalyticsSdk object| webpackChunk_1cc_app object| regeneratorRuntime object| _ethers object| __APOLLO_CLIENT__ object| __SENTRY__ object| __sentry_instrumentation_handlers__ object| arcx

11 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: ab2b2b3b-be95-4691-a174-91168b6c13ac
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: fbb1330d0b8a9d32405f2dcbd643fec5a9c413a6341c3c309af8e31df3e28447ead2fd15d2f27d90068c4e17b19023d01abc8671d4ddfa0aac829988ba45
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: ab2b2b3b-be95-4691-a174-91168b6c13ac
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: fbb1330d0b8a9d32405f2dcbd643fec5a9c413a6341c3c309af8e31df3e28447ead2fd15d2f27d90068c4e17b19023d01abc8671d4ddfa0aac829988ba45
.oneclick.fi/ Name: _hp2_id.3087993022
Value: %7B%22userId%22%3A%2244811187402389%22%2C%22pageviewId%22%3A%221904383269589192%22%2C%22sessionId%22%3A%227094587067113077%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.oneclick.fi/ Name: _hjSessionUser_3433930
Value: eyJpZCI6IjEwNzk3N2Y4LTQzYTUtNTgzNC1iMmU4LTgyODIwZWFjYWU0OSIsImNyZWF0ZWQiOjE3MjgzODM0ODUyMDAsImV4aXN0aW5nIjp0cnVlfQ==
.oneclick.fi/ Name: _hjSession_3433930
Value: eyJpZCI6IjZiMWQyYmU1LWRiN2ItNGI1MC04MDBlLWQyYjY1NTk5ODM5NSIsImMiOjE3MjgzODM0ODUyMDEsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.oneclick.fi/ Name: _ga
Value: GA1.1.1807935904.1728383485
.oneclick.fi/ Name: _ga_R5EBX4MZY9
Value: GS1.1.1728383485.1.0.1728383485.0.0.0
.oneclick.fi/ Name: _hp2_ses_props.3087993022
Value: %7B%22ts%22%3A1728383484445%2C%22d%22%3A%22airdrops.oneclick.fi%22%2C%22h%22%3A%22%2F%22%7D
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1728383517&tag=e3e195af7adacd588d54713bb281547ce5c11dca

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airdrops.oneclick.fi
api.openwidget.com
cdn.heapanalytics.com
cdn.openwidget.com
content.hotjar.io
defi.oneclick.fi
heapanalytics.com
o494993.ingest.sentry.io
prod.clickstream.api.0xarc.io
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
unpkg.com
www.googletagmanager.com
airdrops.oneclick.fi
104.17.245.203
13.32.27.5
13.33.187.92
172.217.18.8
18.66.102.53
188.114.96.3
216.239.34.36
23.53.43.59
34.117.12.109
34.120.195.249
52.4.215.226
54.171.225.199
00f9c41f792123ed96bd748bccf04480481b0a283a40fb39d714551772a8d9cd
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
123e1248f59eef05a42436f841138e2bcf0a3ac45709856c428995c753c25c68
153d2797506ed8669b6659c36cc1b426a309bd96781a8a5cfdc7d2aad2dfc349
1aacdc76df225f2a8822df79114d54d26af66732e68dd183e6b0549a7edafb35
1e633b1fd384c8ee5656f3ef050728b26202d901571a85dc2109cd8f4642c085
29919a92386996430f3cffcd57213acd93735170181f067a37d64eec02a1c2ef
3ad7213cda7871bda3bf1076d2b63342b0d4ba9e2b3caa039b5050b3069d89b6
414f18c9fc03bb201cbdbd45420aa96836f1b6befb262dc3729f1785400291a5
4dbcb06847409f98f60304b2f451e73fc636713f0c4c8244c216de0779f975e1
551c023a701f508e2fa264dbd491b00d0c073272362e05d13ea27be126e6f4d5
5dee09466f7eeede3aec82c5fd5e2605b7a1495560ed25df5e11a7cfe4e59663
6381dd53d909823558ff6e2bd54052e2e0b66a4edbd161e787ecef462791a195
83b85b02554598eaa84c0cd97f5a2d17d2ab908d076a87079460c29d0d216383
8697c1b5bcd641321361ab84dc764bdfa8676f4c959be0155dbade53199fd409
89b352f03b98aebd7f0b9b7efe94bb0aff369b33174069f2d51b0b5958468dfb
8a3f6bf2d17a0c608c1963b819c64730a0f92ef18f4381ef0b05b028a3b93f57
a84f514dac818cf0826813e14fedcddae63ab1e3d581d53d320326087ca67756
b6e49e39fdc7fe6de10974a5f2bb2128c7b89299133a8ff5931944c11d525ab2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c5983f54b35cecd4b3412949c956280d435498cc043b099dba927e008d80b5f3
c708ab471650b0000be3c5bb8adc87a3c9740f2968560f70b305d75eedc08c66
d407a26925d410e96206fe076309df241c731edd8121e6843856c24b343a0212
dc21cce7be7e11b3ffc04dda71a25b5dcb52f0f4edb7ce089b49fdc4017bb49d
dc9e7b9455b3bc925a2b8045a0e812156bf21a84166e6140a110ccfadc032f86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64bab19011e30fff5f8443470c691d7ac66132fd4d9077562a1e413e97069b7
e8991ed08463786dc901c5c636ce2c8e27b2d2da6fbcfe12d370f8693347163b
ee680853491979a735c9de0c39d75c41dfc480f510f72a6f45bf70c44484406c
f13938a1d7a8d76701ffc54ef50139f09fdf7d9d28ddfccbfd8875f1f5f46f99
fd3a479ff8fdc1942b77816af7e9a6d7bc597ea7c09fe3bafd78331438fb8c54
fd9ade1eab3ea49d8f56491d4ef25449f2cbde83951d0c528017bad1eacf0564