topbinaryoptions.ca Open in urlscan Pro
2606:4700:3035::6818:71c4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://loginidb.com/
Effective URL:
https://topbinaryoptions.ca/
Submission: On August 28 via automatic, source certstream-suspicious (August 28th 2020, 8:18:14 am UTC)

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3035::6818:71c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is topbinaryoptions.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 27th 2020. Valid for: a year.

This is the only time topbinaryoptions.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	89.223.90.242 89.223.90.242		201848 (TRADERSOFT) (TRADERSOFT)
14	2606:4700:303... 2606:4700:3035::6818:71c4		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a		15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81a::2003		15169 (GOOGLE) (GOOGLE)
20	3

1 89.223.90.242 (Russian Federation) 1 redirects

ASN201848 (TRADERSOFT, RU)
PTR: 188341.simplecloud.ru

loginidb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3035::6818:71c4 (United States)

ASN13335 (CLOUDFLARENET, US)

topbinaryoptions.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	topbinaryoptions.ca topbinaryoptions.ca	531 KB
4	gstatic.com fonts.gstatic.com	97 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	loginidb.com 1 redirects loginidb.com	311 B
20	4

	Domain	Requested by
14	topbinaryoptions.ca	topbinaryoptions.ca
4	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	topbinaryoptions.ca
1	loginidb.com	1 redirects
20	4

This site contains links to these domains. Also see Links.

Domain
zthemes.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-27` - `2021-05-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://topbinaryoptions.ca/
Frame ID: 02A616F5866BFB5124E25A27341709FE
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://loginidb.com/ HTTP 301
https://topbinaryoptions.ca/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

630 kB
Transfer

839 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://zthemes.net/
Title: ZThemes Studio

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://loginidb.com/ HTTP 301
https://topbinaryoptions.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
topbinaryoptions.ca/
Redirect Chain

https://loginidb.com/
https://topbinaryoptions.ca/

21 KB
6 KB

197ms
169ms

Document
text/html

2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165fad7ef79f73a53edb1e598dc5c4c86f68b3964e863c5a14cdb6726a78bf1a

Request headers

:method: GET
:authority: topbinaryoptions.ca
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 28 Aug 2020 08:17:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2329277402bdc635ce45c5825041e5051598602656; expires=Sun, 27-Sep-20 08:17:36 GMT; path=/; domain=.topbinaryoptions.ca; HttpOnly; SameSite=Lax; Secure
x-pingback: https://topbinaryoptions.ca/xmlrpc.php
link: <https://topbinaryoptions.ca/wp-json/>; rel="https://api.w.org/" <https://topbinaryoptions.ca/>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 04d5bdd2470000bebfdf99a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c9c98ca0f8fbebf-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Fri, 28 Aug 2020 08:17:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Pingback: https://topbinaryoptions.ca/xmlrpc.php
X-Redirect-By: WordPress
Location: https://topbinaryoptions.ca/

GET
H2 200 style.min.css
topbinaryoptions.ca/wp-includes/css/dist/block-library/ 52 KB
7 KB 108ms
105ms Stylesheet
text/css 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Jul 2020 19:54:43 GMT
server: cloudflare
etag: W/"5efcea03-d159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cb2839bebf-FRA
cf-request-id: 04d5bdd2f90000bebfdf99e200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
topbinaryoptions.ca/wp-content/themes/kokoro/ 37 KB
8 KB 105ms
102ms Stylesheet
text/css 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-content/themes/kokoro/style.css?ver=5.4.2
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73054ec0c3869c9d1c02c752ce6c6e3668d27a8804e8e7b35a33cb473a03f82d

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Jul 2020 08:05:52 GMT
server: cloudflare
etag: W/"5efc43e0-9423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cb283bbebf-FRA
cf-request-id: 04d5bdd2f90000bebfdf99f200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
topbinaryoptions.ca/wp-content/themes/kokoro-rose/ 2 KB
945 B 115ms
113ms Stylesheet
text/css 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-content/themes/kokoro-rose/style.css?ver=1.0.1
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb6f5eae44e1c3dc281d5b45b032046be311de1ac06c900ba7d367216aefe9e

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2019 14:48:12 GMT
server: cloudflare
etag: W/"5d0f912c-937"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cb283cbebf-FRA
cf-request-id: 04d5bdd2f90000bebfdf9a0200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
675 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans%3A400%2C600%2C700%7CDancing+Script%3A400%2C700&subset=latin%2Clatin-ext

Requested by

Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

890b448069f931f0d295f644fb3eedb419109be3bbaf155aba67bea48986c626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Aug 2020 08:17:36 GMT
server: ESF
date: Fri, 28 Aug 2020 08:17:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Aug 2020 08:17:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
991 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C500%2C600%2C700&subset=latin%2Clatin-ext

Requested by

Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d99231826326444510e286d2e5afc8b80852c07cd88e57c3d6feaf4a4df07fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Aug 2020 08:17:36 GMT
server: ESF
date: Fri, 28 Aug 2020 08:17:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Aug 2020 08:17:36 GMT

GET
H2 200 font-awesome.min.css
topbinaryoptions.ca/wp-content/themes/kokoro/css/ 30 KB
7 KB 110ms
108ms Stylesheet
text/css 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-content/themes/kokoro/css/font-awesome.min.css?ver=5.4.2
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Jul 2020 08:05:52 GMT
server: cloudflare
etag: W/"5efc43e0-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cb283dbebf-FRA
cf-request-id: 04d5bdd2f90000bebfdf9a1200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
topbinaryoptions.ca/wp-includes/js/jquery/ 95 KB
32 KB 164ms
163ms Script
application/javascript 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 May 2019 17:08:53 GMT
server: cloudflare
etag: W/"5cdeeaa5-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cb283ebebf-FRA
cf-request-id: 04d5bdd2f90000bebfdf9a2200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
topbinaryoptions.ca/wp-includes/js/jquery/ 10 KB
4 KB 102ms
101ms Script
application/javascript 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: cloudflare
etag: W/"573eaa90-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cb283fbebf-FRA
cf-request-id: 04d5bdd2f90000bebfdf9a3200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bop.png
topbinaryoptions.ca/wp-content/uploads/2019/06/ 458 KB
459 KB 14ms
13ms Image
image/png 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://topbinaryoptions.ca/wp-content/uploads/2019/06/bop.png
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8438bf098f487d54e9be2f6b65b000a217595d7b45d5947b677baaebbac1dea

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
cf-cache-status: HIT
age: 2845
status: 200
content-length: 469017
cf-request-id: 04d5bdd3b30000bebfdf9ab200000001
last-modified: Sun, 23 Jun 2019 15:14:04 GMT
server: cloudflare
etag: "5d0f973c-72819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5c9c98cc5916bebf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 navigation.js Show response
topbinaryoptions.ca/wp-content/themes/kokoro/js/ 3 KB
1 KB 109ms
108ms Script
application/javascript 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-content/themes/kokoro/js/navigation.js?ver=20151215
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d043f796c75abe9f335364adee49eea3faade64e182952eae8999e207e3269

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Jul 2020 08:05:52 GMT
server: cloudflare
etag: W/"5efc43e0-c7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cbd8bbbebf-FRA
cf-request-id: 04d5bdd36a0000bebfdf9a5200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 skip-link-focus-fix.js Show response
topbinaryoptions.ca/wp-content/themes/kokoro/js/ 880 B
477 B 114ms
114ms Script
application/javascript 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-content/themes/kokoro/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Jul 2020 08:05:52 GMT
server: cloudflare
etag: W/"5efc43e0-370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cc3904bebf-FRA
cf-request-id: 04d5bdd3a30000bebfdf9a8200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 kokoro.js Show response
topbinaryoptions.ca/wp-content/themes/kokoro/js/ 521 B
347 B 103ms
102ms Script
application/javascript 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-content/themes/kokoro/js/kokoro.js?ver=5.4.2
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c59307887ec3a740f4149fcfa7588f887126fcd4ce1720341f4471b2d5d1ef4

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Jul 2020 08:05:52 GMT
server: cloudflare
etag: W/"5efc43e0-209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cc5913bebf-FRA
cf-request-id: 04d5bdd3b30000bebfdf9a9200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
topbinaryoptions.ca/wp-includes/js/ 1 KB
766 B 107ms
105ms Script
application/javascript 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Jul 2020 19:54:43 GMT
server: cloudflare
etag: W/"5efcea03-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cc5915bebf-FRA
cf-request-id: 04d5bdd3b30000bebfdf9aa200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
topbinaryoptions.ca/wp-includes/js/ 14 KB
4 KB 105ms
105ms Script
application/javascript 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://topbinaryoptions.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://topbinaryoptions.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Jul 2020 19:54:43 GMT
server: cloudflare
etag: W/"5efcea03-364d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
cf-ray: 5c9c98cc5917bebf-FRA
cf-request-id: 04d5bdd3b30000bebfdf9ac200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 searchsubmit.png
topbinaryoptions.ca/wp-content/themes/kokoro/img/ 1 KB
1 KB 13ms
13ms Image
image/png 2606:4700:3035::6818:71c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://topbinaryoptions.ca/wp-content/themes/kokoro/img/searchsubmit.png
Requested by: Host: topbinaryoptions.ca
URL: https://topbinaryoptions.ca/wp-content/themes/kokoro/style.css?ver=5.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:71c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe45e655c1c3fd2531e0d4b14d0c619a201dd34e3644a4de2ad1d90185f8c78

Request headers

Referer: https://topbinaryoptions.ca/wp-content/themes/kokoro/style.css?ver=5.4.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:17:36 GMT
cf-cache-status: HIT
age: 2841
status: 200
content-length: 1167
cf-request-id: 04d5bdd3b90000bebfdf9ad200000001
last-modified: Wed, 01 Jul 2020 08:05:52 GMT
server: cloudflare
etag: "5efc43e0-48f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5c9c98cc591dbebf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2
fonts.gstatic.com/s/josefinsans/v16/ 26 KB
26 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v16/Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A400%2C600%2C700%7CDancing+Script%3A400%2C700&subset=latin%2Clatin-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://topbinaryoptions.ca
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A400%2C600%2C700%7CDancing+Script%3A400%2C700&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:06:59 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:06:34 GMT
server: sffe
age: 342637
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26876
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:06:59 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C500%2C600%2C700&subset=latin%2Clatin-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://topbinaryoptions.ca
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C500%2C600%2C700&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:03:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 342820
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:03:56 GMT

GET
H2 200 If2RXTr6YS-zF4S-kcSWSVi_szLgiuEHiC4W.woff2
fonts.gstatic.com/s/dancingscript/v15/ 42 KB
42 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dancingscript/v15/If2RXTr6YS-zF4S-kcSWSVi_szLgiuEHiC4W.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A400%2C600%2C700%7CDancing+Script%3A400%2C700&subset=latin%2Clatin-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://topbinaryoptions.ca
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A400%2C600%2C700%7CDancing+Script%3A400%2C700&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:13:14 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:08:02 GMT
server: sffe
age: 342262
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42716
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:13:14 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C500%2C600%2C700&subset=latin%2Clatin-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://topbinaryoptions.ca
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C500%2C600%2C700&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:06:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:51 GMT
server: sffe
age: 342683
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14864
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:06:13 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| _wpemojiSettings undefined| $ function| jQuery object| wp object| twemoji

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://topbinaryoptions.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
loginidb.com
topbinaryoptions.ca
2606:4700:3035::6818:71c4
2a00:1450:4001:806::200a
2a00:1450:4001:81a::2003
89.223.90.242
01d043f796c75abe9f335364adee49eea3faade64e182952eae8999e207e3269
165fad7ef79f73a53edb1e598dc5c4c86f68b3964e863c5a14cdb6726a78bf1a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
6c59307887ec3a740f4149fcfa7588f887126fcd4ce1720341f4471b2d5d1ef4
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
73054ec0c3869c9d1c02c752ce6c6e3668d27a8804e8e7b35a33cb473a03f82d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
890b448069f931f0d295f644fb3eedb419109be3bbaf155aba67bea48986c626
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bcb6f5eae44e1c3dc281d5b45b032046be311de1ac06c900ba7d367216aefe9e
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
d99231826326444510e286d2e5afc8b80852c07cd88e57c3d6feaf4a4df07fe3
dfe45e655c1c3fd2531e0d4b14d0c619a201dd34e3644a4de2ad1d90185f8c78
f8438bf098f487d54e9be2f6b65b000a217595d7b45d5947b677baaebbac1dea