urlscan.io logo urlscan.io
SecurityTrails logo

brick-universe.cf Open in urlscan Pro
2606:4700:3036::ac43:a74f  Public Scan

Go To Rescan Add Verdict Report
URL: https://brick-universe.cf/
Submission: On February 26 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3036::ac43:a74f, located in United States and belongs to CLOUDFLARENET, US. The main domain is brick-universe.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 4th 2020. Valid for: a year.
This is the only time brick-universe.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2.18.233.40 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 63.35.200.21 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 174.129.26.222 14618 (AMAZON-AES)
19 8
6    2606:4700:3036::ac43:a74f (United States)

ASN13335 (CLOUDFLARENET, US)
brick-universe.cf
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2.18.233.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com
s.adroll.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    63.35.200.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-200-21.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org
d.adroll.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    174.129.26.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-26-222.compute-1.amazonaws.com
nextroll.com
Domain Requested by
6 brick-universe.cf cdnjs.cloudflare.com
brick-universe.cf
5 fonts.gstatic.com fonts.googleapis.com
4 s.adroll.com 1 redirects brick-universe.cf
s.adroll.com
2 fonts.googleapis.com brick-universe.cf
1 nextroll.com brick-universe.cf
1 d.adroll.com brick-universe.cf
1 d.adroll.mgr.consensu.org 1 redirects
1 cdnjs.cloudflare.com brick-universe.cf
19 8

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
help.brick-universe.cf
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-11-04 -
2021-11-03		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2020-01-29 -
2021-04-29		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
nextroll.com
R3		 2021-01-20 -
2021-04-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://brick-universe.cf/
Frame ID: 7A0E00522FD910846EEED91B9489F7E5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

19
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

642 kB
Transfer

1117 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://s.adroll.com/j/exp/AWXDKDCOJNCB3IHOADPFXQ/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 5
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/AWXDKDCOJNCB3IHOADPFXQ?_s=27907646a37d9e3e94e7928bd4b5f183&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/AWXDKDCOJNCB3IHOADPFXQ/?_s=27907646a37d9e3e94e7928bd4b5f183&_b=2

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
brick-universe.cf/ 		164 KB
164 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://brick-universe.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9a57e184e681eab412fb6784181cb7e9a4f8591132240555b9e7b87bb1e789a9

Request headers

:method
GET
:authority
brick-universe.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 21:52:58 GMT
set-cookie
__cfduid=d0220a51240f513bd420a24f5444b586b1614376377; expires=Sun, 28-Mar-21 21:52:57 GMT; path=/; domain=.brick-universe.cf; HttpOnly; SameSite=Lax; Secure
x-powered-by
Express
cf-cache-status
DYNAMIC
cf-request-id
0881edb6440000177aaa083000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cm3NDR5TxysQtjuonYQZqAQHAo5beu0Y2eMc1LdCLmrZrxmQ3CuIG2zUbxQ7hSWfXkwORlfha4OiWICUfYQfB6al7beNWCRexeDRM3ZTihdyQTovBwkXYZYpiJIc3Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
627ce56a0af7177a-FRA
css2
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: brick-universe.cf
URL: https://brick-universe.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39d372879ca4b9ae07ecefed2b563dd152bb15e68965615b165c4e39a2dfaf91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 20:58:02 GMT
server
ESF
date
Fri, 26 Feb 2021 21:52:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Feb 2021 21:52:58 GMT
css2
fonts.googleapis.com/ 		10 KB
738 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Requested by
Host: brick-universe.cf
URL: https://brick-universe.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
960593b414639f9d296e278caba851fff6e137f6c05812c2882f8989a85e4442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 21:52:58 GMT
server
ESF
date
Fri, 26 Feb 2021 21:52:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Feb 2021 21:52:58 GMT
roundtrip.js
s.adroll.com/j/AWXDKDCOJNCB3IHOADPFXQ/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/AWXDKDCOJNCB3IHOADPFXQ/roundtrip.js
Requested by
Host: brick-universe.cf
URL: https://brick-universe.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
160ade31f0ee1d5bc5c596f73884eca6c933d44f4aafdf8c7665610c9758b881

Request headers

Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
af.F_eG2wFUPBAh9_tEp2A8qGkNTFyXw
Content-Encoding
gzip
ETag
"abe437c4eec98730cc5e064b06838433"
x-amz-request-id
ASB7GHG1RSN3YTMX
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
13813
x-amz-id-2
qIq4SBTFQbyKkZPm3/JOsQZZJ00lfB1A1R8pah8VhkrhpVmGrLoQzFSdZlJvbOlD9d29oes5ObM=
Last-Modified
Fri, 26 Feb 2021 16:40:18 GMT
Server
AmazonS3
Date
Fri, 26 Feb 2021 21:52:58 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
socket.io.js
cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/ 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.js
Requested by
Host: brick-universe.cf
URL: https://brick-universe.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 21:52:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1986682
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17532
cf-request-id
0881edb7fa00000ea78124b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-10c4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V4%2Bu0EpqairgpgNZ3PPoSMUq7FYBZx9ZxIxjlBLbxtOsyeFJ9JTbmcmoSBkgGRQZ5B71cS4uowfHVQ2shuQtM0uS%2BEvVDXWyrJLGjDCcAIVjeRy%2BAYuyvxghdWm1cCG%2Bzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
627ce56cce270ea7-FRA
expires
Wed, 16 Feb 2022 21:52:58 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/AWXDKDCOJNCB3IHOADPFXQ/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: brick-universe.cf
URL: https://brick-universe.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
A6E4D842C4F3666B
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified
Tue, 19 Jan 2021 16:25:36 GMT
Server
AmazonS3
Date
Fri, 26 Feb 2021 21:52:58 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Fri, 26 Feb 2021 21:52:58 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
/
d.adroll.com/consent/check/AWXDKDCOJNCB3IHOADPFXQ/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/AWXDKDCOJNCB3IHOADPFXQ?_s=27907646a37d9e3e94e7928bd4b5f183&_b=2
  • https://d.adroll.com/consent/check/AWXDKDCOJNCB3IHOADPFXQ/?_s=27907646a37d9e3e94e7928bd4b5f183&_b=2
385 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/AWXDKDCOJNCB3IHOADPFXQ/?_s=27907646a37d9e3e94e7928bd4b5f183&_b=2
Requested by
Host: brick-universe.cf
URL: https://brick-universe.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.200.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-200-21.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
c3db376399c73cf8d46cf4dc8380ecc0dfef081421d2304507678d323cb2e96c

Request headers

Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 21:52:58 GMT
server
nginx/1.18.0
content-length
385
content-type
application/javascript

Redirect headers

location
https://d.adroll.com/consent/check/AWXDKDCOJNCB3IHOADPFXQ/?_s=27907646a37d9e3e94e7928bd4b5f183&_b=2
date
Fri, 26 Feb 2021 21:52:58 GMT
server
nginx/1.18.0
content-length
105
/
brick-universe.cf/socket.io/ 		51 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brick-universe.cf/socket.io/?EIO=3&transport=polling&t=NVWLA1O
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f556d9b08cfc6ee8778c6e831a3f88037e31b4e6e9f17328001597d9f16f3479

Request headers

Accept
*/*
Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
0881edb85b0000177addbea000000001
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
date
Fri, 26 Feb 2021 21:52:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A%2FKzj50DRbNU4RJ4OOFgled65JYUGhqu4MmT21HEEqLfdIne8pAvICTZUpP757H3aqlF6JiCbUm3LOZxjVWPqWUssEMvLNBN2D5fgmBMxwDYbA65nggDNzpgaoRf7g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json
cf-ray
627ce56d5e93177a-FRA
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://brick-universe.cf
Referer
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
64460
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 03:58:38 GMT
consent_tcfv2.js
s.adroll.com/j/ 		397 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/AWXDKDCOJNCB3IHOADPFXQ/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5

Request headers

Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
7sDcLvGKTPrh8xIq2f5DynXc_Mi9vQVX
Content-Encoding
gzip
ETag
"1f2c64002f8e1b6eb56c304c2e892afb"
x-amz-request-id
A69171E1B091337A
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
55575
x-amz-id-2
yoIlukz3YEvOBK1HxwlkbNJJLFooR6oknblZSheWVr9zxlfX0UE6Ma9blKUgz71LTXOgFW39Yjs=
Last-Modified
Mon, 07 Dec 2020 23:59:35 GMT
Server
AmazonS3
Date
Fri, 26 Feb 2021 21:52:58 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://brick-universe.cf
Referer
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 16:23:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
278953
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Wed, 23 Feb 2022 16:23:45 GMT
truncated
/ 		23 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9940d8d099df242dca63812bd833fe9f4cb0240d318c9709ea62cadba7b1ee7a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
5f9d88cf285ca2d1e7885c5f
brick-universe.cf/CDN/ 		315 KB
316 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brick-universe.cf/CDN/5f9d88cf285ca2d1e7885c5f
Requested by
Host: brick-universe.cf
URL: https://brick-universe.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ccebaa16067f973e7019c4972ff28aa3f01da8a12bafc3b21630bd2a1651a05d

Request headers

Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
0881edb8ce0000177a8a1eb000000001
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eEJf9CTHIMx4LNH8KFu3zN801e2%2BWoiBh7ygLsC6%2FzHkOwbwPOU1hjmi7%2BGVkxAchkGo4GIFAdxanzcTrfX5wEJDcoR22G0qFQCFuG3ViVGmvS1gLckrLW8yuUcq6Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
date
Fri, 26 Feb 2021 21:52:58 GMT
cf-ray
627ce56e1f31177a-FRA
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://brick-universe.cf
Referer
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:17:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:08 GMT
server
sffe
age
41727
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11012
x-xss-protection
0
expires
Sat, 26 Feb 2022 10:17:31 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://brick-universe.cf
Referer
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
41632
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 26 Feb 2022 10:19:06 GMT
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v36/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://brick-universe.cf
Referer
https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 12:26:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:32:04 GMT
server
sffe
age
206775
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25376
x-xss-protection
0
expires
Thu, 24 Feb 2022 12:26:43 GMT
favicon-32x32.png
nextroll.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nextroll.com/favicon-32x32.png
Requested by
Host: brick-universe.cf
URL: https://brick-universe.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.26.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-26-222.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:52:58 GMT
Via
1.1 vegur
Last-Modified
Thu, 25 Feb 2021 20:35:58 GMT
Server
Apache
Etag
"64f-5bc2f19546780"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1615
/
brick-universe.cf/socket.io/ 		51 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brick-universe.cf/socket.io/?EIO=3&transport=polling&t=NVWLAKa
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f556d9b08cfc6ee8778c6e831a3f88037e31b4e6e9f17328001597d9f16f3479

Request headers

Accept
*/*
Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
0881edbd280000177aec8db000000001
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
date
Fri, 26 Feb 2021 21:52:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dn25GncebTxaZlzHBRgzy6klTT4GpZEigSsd1btaE2CrsudMEbvXiYYCMmtiP2xMJwwv%2BGpn18OxHH46X%2FJ4o3LFgRMQEVBLZpBT%2FbpK%2B%2FXmeXMtnzyyOoYAXT7wlQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json
cf-ray
627ce5750df1177a-FRA
/
brick-universe.cf/socket.io/ 		51 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brick-universe.cf/socket.io/?EIO=3&transport=polling&t=NVWLB0I
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f556d9b08cfc6ee8778c6e831a3f88037e31b4e6e9f17328001597d9f16f3479

Request headers

Accept
*/*
Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
0881edc8150000177ab88ce000000001
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
date
Fri, 26 Feb 2021 21:53:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k7OtMGv2XlZXVpIBuaOniBoWDhAdTo9S9eHeUsr%2FcAt6EVCaUAfaweneBnkH2y8J2mdnSnJo2ZXOruKdXFqUz%2BdWtoKDvSHjK3OXemjJLbuGiiY%2BL1rVD3mjE4mTeA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json
cf-ray
627ce5868e01177a-FRA
/
brick-universe.cf/socket.io/ 		51 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brick-universe.cf/socket.io/?EIO=3&transport=polling&t=NVWLCfm
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a74f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f556d9b08cfc6ee8778c6e831a3f88037e31b4e6e9f17328001597d9f16f3479

Request headers

Accept
*/*
Referer
https://brick-universe.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
0881ede2730000177af6338000000001
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
date
Fri, 26 Feb 2021 21:53:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z%2B9mPxs%2BJZvqhZ57wBWYe6%2BG3ZfPvTABQDu05ErOrEY3X8lWKavYhK2ycUT2dvm7sL6HxxZ%2FcuzSLdshvpp7tc2wuQMp0U%2BbIhafxmR8dYgg46rtrzluPBN6Jauh0Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json
cf-ray
627ce5b0bdac177a-FRA

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| __adroll__ string| adroll_sid object| dataLayer object| __adroll function| __cmp function| adroll_tpc_callback function| io string| currentSearch function| openPopup function| closePopup function| load2FA function| check2FA function| addEvidence function| banUser function| toggle2FA function| get2FA function| addZero function| openModel function| closeModel function| openMobileMenu function| closeMobileMenu function| getBase64 function| createCommunity function| createThread function| formatDate function| loadLink function| loadLinkNoURL function| openTab function| spinWheel function| submitLogin function| verify2FA function| logout function| search function| headerSearch function| markATag function| displayError object| evidence object| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country object| adroll_exp_list object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner boolean| __adroll_consent_prev_lastchild

1 Cookies

Domain/Path Name / Value
.brick-universe.cf/ Name: __cfduid
Value: d0220a51240f513bd420a24f5444b586b1614376377

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brick-universe.cf
cdnjs.cloudflare.com
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
nextroll.com
s.adroll.com
174.129.26.222
2.18.233.40
2606:4700:3036::ac43:a74f
2606:4700::6810:125e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
63.35.200.21
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
160ade31f0ee1d5bc5c596f73884eca6c933d44f4aafdf8c7665610c9758b881
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
39d372879ca4b9ae07ecefed2b563dd152bb15e68965615b165c4e39a2dfaf91
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa
960593b414639f9d296e278caba851fff6e137f6c05812c2882f8989a85e4442
9940d8d099df242dca63812bd833fe9f4cb0240d318c9709ea62cadba7b1ee7a
9a57e184e681eab412fb6784181cb7e9a4f8591132240555b9e7b87bb1e789a9
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5
c3db376399c73cf8d46cf4dc8380ecc0dfef081421d2304507678d323cb2e96c
ccebaa16067f973e7019c4972ff28aa3f01da8a12bafc3b21630bd2a1651a05d
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
f556d9b08cfc6ee8778c6e831a3f88037e31b4e6e9f17328001597d9f16f3479
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52