Submitted URL: http://j.mp/btcclicks
Effective URL: https://btcclicks.com/?r=18ad2a04
Submission: On February 19 via manual from JP

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 20 HTTP transactions. The main IP is 104.26.5.171, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is btcclicks.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 11th 2019. Valid for: a year.
This is the only time btcclicks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.16 396982 (GOOGLE-PR...)
1 10 104.26.5.171 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.110 54113 (FASTLY)
2 162.247.242.18 23467 (NEWRELIC-...)
20 7
Domain Requested by
10 btcclicks.com 1 redirects btcclicks.com
3 coinad.com btcclicks.com
2 bam.nr-data.net js-agent.newrelic.com, btcclicks.com
2 fonts.gstatic.com btcclicks.com
2 www.google-analytics.com btcclicks.com
1 js-agent.newrelic.com btcclicks.com
1 fonts.googleapis.com btcclicks.com
1 j.mp 1 redirects
20 8

This site contains links to these domains.

Domain
coinad.com
www.facebook.com
twitter.com

Subject | Issuer | Validity | Valid
btcclicks.com | CloudFlare Inc ECC CA-2 | 2019-09-11 - 2020-09-10 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-01-29 - 2020-10-09 | 8 months
*.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-10 - 2020-03-21 | a year
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years

This page contains 4 frames:

Primary Page: https://btcclicks.com/?r=18ad2a04
Frame ID: DE39274DF9CEFF61D03F9015AFF6E38A
Requests: 17 HTTP requests in this frame

Frame: https://coinad.com/ads/show/show.php?a=NG6YVO4NNYJAD&b=G6452TEGH6Y6Q
Frame ID: 9F81F9850D9061C1C1CEAFAD82A2796D
Requests: 1 HTTP requests in this frame

Frame: https://coinad.com/ads/show/show.php?a=NG6YVO4NNYJAD&b=OGQZQUVQJXZBH
Frame ID: 46955766D19B09C2A4EEB261F920A045
Requests: 1 HTTP requests in this frame

Frame: https://coinad.com/ads/show/show.php?a=NG6YVO4NNYJAD&b=96TDDCI1CMUUX
Frame ID: 419E9A69E275F0452AA8631C5410418E
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

20 Requests
100 % HTTPS
50 % IPv6
8 Domains
8 Subdomains
7 IPs
2 Countries
643 kB Transfer
1374 kB Size
10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://j.mp/btcclicks HTTP 301
    http://btcclicks.com/?r=18ad2a04 HTTP 301
    https://btcclicks.com/?r=18ad2a04 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
btcclicks.com/
Redirect Chain
  • http://j.mp/btcclicks
  • http://btcclicks.com/?r=18ad2a04
  • https://btcclicks.com/?r=18ad2a04
29 KB
10 KB
Document
General
Full URL
https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b81b869035aa370879f0cb76b10a89a325a88f4b1a065c0b79b3e29f75d03fa

Request headers

:method
GET
:authority
btcclicks.com
:scheme
https
:path
/?r=18ad2a04
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d234227ef87c4ae916efe69648b41b8961582080562; PHPSESSID=rrm42ducd8dn0nccq452lh6rr4; ref=18ad2a04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 19 Feb 2020 02:49:23 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-origin
http://btcclicks.com
access-control-allow-credentials
true
set-cookie
ref=18ad2a04; expires=Fri, 20-Mar-2020 02:49:23 GMT; Max-Age=2592000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5674ed5f3c99d8b5-AMS
content-encoding
br

Redirect headers

Date
Wed, 19 Feb 2020 02:49:23 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d234227ef87c4ae916efe69648b41b8961582080562; expires=Fri, 20-Mar-20 02:49:22 GMT; path=/; domain=.btcclicks.com; HttpOnly; SameSite=Lax PHPSESSID=rrm42ducd8dn0nccq452lh6rr4; path=/; HttpOnly ref=18ad2a04; expires=Fri, 20-Mar-2020 02:49:22 GMT; Max-Age=2592000
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Access-Control-Allow-Origin
https://btcclicks.com
Access-Control-Allow-Credentials
true
Location
https://btcclicks.com/?r=18ad2a04
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5674ed5caed1c785-AMS
css-67232ec0.css
btcclicks.com/css/
178 KB
30 KB
Stylesheet
General
Full URL
https://btcclicks.com/css/css-67232ec0.css
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbaa9954e341e977acc8618caaf45ea63818cf685f264127f34b08b9ded1cb23

Request headers

Referer
https://btcclicks.com/?r=18ad2a04
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 02:49:23 GMT
content-encoding
br
cf-cache-status
HIT
age
225446
cf-polished
origSize=182524
status
200
pragma
public
last-modified
Mon, 30 Jul 2018 08:15:48 GMT
server
cloudflare
etag
W/"5b5ec934-2c8fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Sun, 23 Feb 2020 12:11:57 GMT
cache-control
public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray
5674ed637978d8b5-AMS
cf-bgj
minify
js-4bf157a7.js
btcclicks.com/js/
642 KB
121 KB
Script
General
Full URL
https://btcclicks.com/js/js-4bf157a7.js
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d548f37790c334ba98c948694f03969dee6774ae47cd3b50b6e26fcc9c1adf11

Request headers

Referer
https://btcclicks.com/?r=18ad2a04
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 02:49:23 GMT
content-encoding
br
cf-cache-status
HIT
age
534205
cf-polished
origSize=668255
status
200
pragma
public
last-modified
Thu, 27 Jun 2019 05:52:23 GMT
server
cloudflare
etag
W/"5d145997-a325f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
expires
Wed, 19 Feb 2020 22:25:58 GMT
cache-control
public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray
5674ed637979d8b5-AMS
cf-bgj
minify
css
fonts.googleapis.com/
4 KB
736 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://btcclicks.com/?r=18ad2a04
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Feb 2020 02:49:23 GMT
server
ESF
date
Wed, 19 Feb 2020 02:49:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Feb 2020 02:49:23 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://btcclicks.com/?r=18ad2a04
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
951
date
Wed, 19 Feb 2020 02:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Wed, 19 Feb 2020 04:33:32 GMT
show.php
coinad.com/ads/show/ Frame 9F81
0
0
Document
General
Full URL
https://coinad.com/ads/show/show.php?a=NG6YVO4NNYJAD&b=G6452TEGH6Y6Q
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:bcfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash

Request headers

:method
GET
:authority
coinad.com
:scheme
https
:path
/ads/show/show.php?a=NG6YVO4NNYJAD&b=G6452TEGH6Y6Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://btcclicks.com/?r=18ad2a04
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://btcclicks.com/?r=18ad2a04

Response headers

status
200
date
Wed, 19 Feb 2020 02:49:24 GMT
content-type
text/html
set-cookie
__cfduid=d67f106009397e1eb8454fc0654a3181d1582080563; expires=Fri, 20-Mar-20 02:49:23 GMT; path=/; domain=.coinad.com; HttpOnly; SameSite=Lax
x-powered-by
PHP/5.5.9-1ubuntu4.29
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5674ed640e171e47-FRA
content-encoding
br
show.php
coinad.com/ads/show/ Frame 4695
0
0
Document
General
Full URL
https://coinad.com/ads/show/show.php?a=NG6YVO4NNYJAD&b=OGQZQUVQJXZBH
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:bcfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash

Request headers

:method
GET
:authority
coinad.com
:scheme
https
:path
/ads/show/show.php?a=NG6YVO4NNYJAD&b=OGQZQUVQJXZBH
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://btcclicks.com/?r=18ad2a04
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://btcclicks.com/?r=18ad2a04

Response headers

status
200
date
Wed, 19 Feb 2020 02:49:24 GMT
content-type
text/html
set-cookie
__cfduid=d67f106009397e1eb8454fc0654a3181d1582080563; expires=Fri, 20-Mar-20 02:49:23 GMT; path=/; domain=.coinad.com; HttpOnly; SameSite=Lax
x-powered-by
PHP/5.5.9-1ubuntu4.29
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5674ed640e1a1e47-FRA
content-encoding
br
show.php
coinad.com/ads/show/ Frame 419E
0
0
Document
General
Full URL
https://coinad.com/ads/show/show.php?a=NG6YVO4NNYJAD&b=96TDDCI1CMUUX
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:bcfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash

Request headers

:method
GET
:authority
coinad.com
:scheme
https
:path
/ads/show/show.php?a=NG6YVO4NNYJAD&b=96TDDCI1CMUUX
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://btcclicks.com/?r=18ad2a04
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://btcclicks.com/?r=18ad2a04

Response headers

status
200
date
Wed, 19 Feb 2020 02:49:24 GMT
content-type
text/html
set-cookie
__cfduid=d67f106009397e1eb8454fc0654a3181d1582080563; expires=Fri, 20-Mar-20 02:49:23 GMT; path=/; domain=.coinad.com; HttpOnly; SameSite=Lax
x-powered-by
PHP/5.5.9-1ubuntu4.29
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5674ed640e1c1e47-FRA
content-encoding
br
logo_dark_bg.png
btcclicks.com/images/
10 KB
10 KB
Image
General
Full URL
https://btcclicks.com/images/logo_dark_bg.png
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c4aab3626ae59866294a39510d8cba0152ffa989068b8be02309245ba66361

Request headers

Referer
https://btcclicks.com/css/css-67232ec0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 02:49:23 GMT
cf-cache-status
HIT
age
532630
cf-polished
origSize=15737
status
200
content-length
10260
pragma
public
last-modified
Sat, 10 Oct 2015 03:53:59 GMT
server
cloudflare
etag
"56188bd7-3d79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Wed, 19 Feb 2020 22:52:13 GMT
cache-control
public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
5674ed63fa01d8b5-AMS
cf-bgj
imgq:100
icon_sandwich.png
btcclicks.com/images/
123 B
249 B
Image
General
Full URL
https://btcclicks.com/images/icon_sandwich.png
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f5c72b6574bb0bc929fd76bd55b7207fbff03b8baf4d351f9bec92a872caf3

Request headers

Referer
https://btcclicks.com/css/css-67232ec0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 02:49:23 GMT
cf-cache-status
HIT
age
361739
cf-polished
pngoptimizer, origSize=1022
status
200
content-length
123
pragma
public
last-modified
Sat, 10 Oct 2015 03:53:59 GMT
server
cloudflare
etag
"56188bd7-3fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Fri, 21 Feb 2020 22:20:24 GMT
cache-control
public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
5674ed63fa04d8b5-AMS
cf-bgj
imgq:100
btc_bg_b.jpg
btcclicks.com/images/
188 KB
188 KB
Image
General
Full URL
https://btcclicks.com/images/btc_bg_b.jpg
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde0a23b915d188c50e64ce5241d4367a2c65e4f4209d79ba2aa27a9369439ea

Request headers

Referer
https://btcclicks.com/css/css-67232ec0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 02:49:23 GMT
cf-cache-status
HIT
age
360520
cf-polished
status=not_needed
status
200
content-length
192567
pragma
public
last-modified
Sat, 10 Oct 2015 03:53:59 GMT
server
cloudflare
etag
"56188bd7-2f037"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Fri, 21 Feb 2020 22:40:42 GMT
cache-control
public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
5674ed63fa05d8b5-AMS
cf-bgj
imgq:100
btc_bg_a.jpg
btcclicks.com/images/
163 KB
163 KB
Image
General
Full URL
https://btcclicks.com/images/btc_bg_a.jpg
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c218106c7e2e41384ca7f032048811818467afb3ed3d74366d36e45d51a82025

Request headers

Referer
https://btcclicks.com/css/css-67232ec0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 02:49:23 GMT
cf-cache-status
HIT
age
10059
cf-polished
origSize=171215
status
200
content-length
166801
pragma
public
last-modified
Sat, 10 Oct 2015 03:53:59 GMT
server
cloudflare
etag
"56188bd7-29ccf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 00:01:44 GMT
cache-control
public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
5674ed63fa06d8b5-AMS
cf-bgj
imgq:100
patt_diagonals.png
btcclicks.com/images/
123 B
237 B
Image
General
Full URL
https://btcclicks.com/images/patt_diagonals.png
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d52db5d0428d813df4968c8b467c859bc1f6df32b99fe3df956f312e218d97a2

Request headers

Referer
https://btcclicks.com/css/css-67232ec0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 02:49:23 GMT
cf-cache-status
HIT
age
495334
cf-polished
status=not_needed
status
200
content-length
123
pragma
public
last-modified
Sat, 10 Oct 2015 03:53:59 GMT
server
cloudflare
etag
"56188bd7-7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 20 Feb 2020 09:13:49 GMT
cache-control
public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
5674ed63fa07d8b5-AMS
cf-bgj
imgq:100
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin
https://btcclicks.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 10:26:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:06 GMT
server
sffe
age
2305401
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13612
x-xss-protection
0
expires
Fri, 22 Jan 2021 10:26:02 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin
https://btcclicks.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 10:08:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
2306462
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13708
x-xss-protection
0
expires
Fri, 22 Jan 2021 10:08:21 GMT
fontawesome-webfont.woff2
btcclicks.com/fonts/
63 KB
63 KB
Font
General
Full URL
https://btcclicks.com/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://btcclicks.com/css/css-67232ec0.css
Origin
https://btcclicks.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 19 Feb 2020 02:49:23 GMT
cf-cache-status
HIT
last-modified
Sat, 10 Oct 2015 03:53:59 GMT
server
cloudflare
age
360912
etag
"56188bd7-fbd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5674ed63fa10d8b5-AMS
content-length
64464
expires
Fri, 28 Feb 2020 22:34:11 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1878899881&t=pageview&_s=1&dl=https%3A%2F%2Fbtcclicks.com%2F%3Fr%3D18ad2a04&ul=en-us&de=UTF-8&dt=Bitcoin%20PTC%20-%20Earn%20BTC%20for%20Viewing%20Ads%20%7C%20BTCClicks&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=2076876704&gjid=1011457617&cid=1885069817.1582080564&tid=UA-41200286-1&_gid=1250469033.1582080564&_r=1&cd1=Ads%20Not%20Blocked&cd2=4e60f30d&z=1035636765
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://btcclicks.com/?r=18ad2a04
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 19 Feb 2020 02:49:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1167.min.js
js-agent.newrelic.com/
26 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1167.min.js
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer
https://btcclicks.com/?r=18ad2a04
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 02:49:24 GMT
content-encoding
gzip
x-amz-request-id
3F6B13CD94955BD2
x-cache
HIT
status
200
content-length
10178
x-amz-id-2
owq7LTC2ddnOfWY1uKv5BtBpowDIkcMDm/PvX4TjjjLvjnZV9HT8nBCSuZA0UK8UjkDDMb8Gv+k=
x-served-by
cache-fra19130-FRA
last-modified
Fri, 07 Feb 2020 23:39:55 GMT
server
AmazonS3
x-timer
S1582080565.731395,VS0,VE0
etag
"8155781ab74e51eee2ead2c1d5902e63"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
325
604fd9d045
bam.nr-data.net/1/
57 B
274 B
Script
General
Full URL
https://bam.nr-data.net/1/604fd9d045?a=20356313&v=1167.2a4546b&to=YwRWMkRQDRcDVxZQXlpOdxNFRQwJTV0MXVRM&rst=2251&ref=https://btcclicks.com/&ap=27&be=1239&fe=2154&dc=1374&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1582080562510,%22n%22:0,%22f%22:528,%22dn%22:529,%22dne%22:529,%22c%22:529,%22s%22:540,%22ce%22:560,%22rq%22:560,%22rp%22:1233,%22rpe%22:1234,%22dl%22:1235,%22di%22:1374,%22ds%22:1374,%22de%22:1390,%22dc%22:2153,%22l%22:2153,%22le%22:2154%7D,%22navigation%22:%7B%7D%7D&fp=1348&fcp=1348&at=T0NVRAxKHhk%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://btcclicks.com/?r=18ad2a04
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
604fd9d045
bam.nr-data.net/events/1/
24 B
180 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/604fd9d045?a=20356313&v=1167.2a4546b&to=YwRWMkRQDRcDVxZQXlpOdxNFRQwJTV0MXVRM&rst=12249&ref=https://btcclicks.com/
Requested by
Host: btcclicks.com
URL: https://btcclicks.com/?r=18ad2a04
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://btcclicks.com/?r=18ad2a04
Origin
https://btcclicks.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://btcclicks.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| NREUM
object| newrelic
function| __nr_require
string| GoogleAnalyticsObject
function| ga
object| _0x8a47
function| md5cycle
function| cmn
function| ff
function| gg
function| hh
function| ii
function| md51
function| md5blk
function| rhex
function| hex
function| md5
function| add32
function| onRecaptchaLoad
object| hex_chr
function| $
function| jQuery
object| jQuery19104025287582246324
object| bootbox
string| txt
object| html5
object| Modernizr
object| Pace
object| _0x9ead
object| hgd
object| _0x2f44
function| ftuh
function| SwfStore
object| BTCClicks
object| Util
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

10 Cookies

Domain/Path | Name | Value
.coinad.com/ | _gid | GA1.2.2048474858.1582080564
mellowads.com/ | user | referrer=
.coinad.com/ | _ga | GA1.2.477449115.1582080564
.coinad.com/ | _gat | 1
.btcclicks.com/ | _gid | GA1.2.1250469033.1582080564
btcclicks.com/ | ref | 18ad2a04
btcclicks.com/ | PHPSESSID | rrm42ducd8dn0nccq452lh6rr4
.btcclicks.com/ | _ga | GA1.2.1885069817.1582080564
.btcclicks.com/ | _gat | 1
.btcclicks.com/ | __cfduid | d234227ef87c4ae916efe69648b41b8961582080562

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
