urlscan.io logo urlscan.io
SecurityTrails logo

www.beetle-clicks.biz Open in urlscan Pro
2606:4700:3035::ac43:9876  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://router.adhoc4.net/click/k5/v9q17KKObhN6/?sub_id=k6M4OBgJPjTOvbe8K&var1=eakfp&var2=k6M4OBgJPjTOvbe8K&var3=agn_82
Effective URL: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Submission: On February 14 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3035::ac43:9876, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.beetle-clicks.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2020. Valid for: a year.
This is the only time www.beetle-clicks.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    35.157.74.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-74-22.eu-central-1.compute.amazonaws.com
router.adhoc4.net
1    2606:4700:3035::6815:5036 (United States)

ASN13335 (CLOUDFLARENET, US)
www.friendlyduck.com
10    2606:4700:3035::ac43:9876 (United States)

ASN13335 (CLOUDFLARENET, US)
www.beetle-clicks.biz
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
10 beetle-clicks.biz
www.beetle-clicks.biz
212 KB
2 gstatic.com
fonts.gstatic.com
27 KB
2 doubleclick.net
stats.g.doubleclick.net
17 KB
1 google.de
www.google.de
505 B
1 google.com
www.google.com
175 B
1 googleapis.com
fonts.googleapis.com
744 B
1 friendlyduck.com
www.friendlyduck.com
1 KB
1 adhoc4.net
router.adhoc4.net
397 B
12 8
Domain Requested by
10 www.beetle-clicks.biz 3 redirects www.beetle-clicks.biz
2 fonts.gstatic.com fonts.googleapis.com
2 stats.g.doubleclick.net 1 redirects www.beetle-clicks.biz
1 www.google.de www.beetle-clicks.biz
1 www.google.com 1 redirects
1 fonts.googleapis.com www.beetle-clicks.biz
1 www.friendlyduck.com 1 redirects
1 router.adhoc4.net 1 redirects
12 8

This site contains links to these domains. Also see Links.

Domain
www.usenet.nl
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-12 -
2021-08-12		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Frame ID: D9D1E2E65DE557F1767CAE9FC8E649E3
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://router.adhoc4.net/click/k5/v9q17KKObhN6/?sub_id=k6M4OBgJPjTOvbe8K&var1=eakfp&var2=k6M4OBgJPjTO... HTTP 303
    http://www.friendlyduck.com/AF_TA/rel/index.cfm?RST=UNF&TAD=439280&fn=Your.Video&SubID=1NY7z14m6MMnQ1Be1... HTTP 302
    http://www.beetle-clicks.biz/LP_TA/index.cfm?CTP=AF%5FTA%2CTSYqLzdTL1MtUFglIFEoJy4sT1QuM1ohWiNKR1E%2BKzYl... HTTP 301
    https://www.beetle-clicks.biz/LP_TA/index.cfm?CTP=AF%5FTA%2CTSYqLzdTL1MtUFglIFEoJy4sT1QuM1ohWiNKR1E%2BKzYl... HTTP 302
    http://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280 HTTP 301
    https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

12
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

8
Subdomains

6
IPs

3
Countries

255 kB
Transfer

848 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://router.adhoc4.net/click/k5/v9q17KKObhN6/?sub_id=k6M4OBgJPjTOvbe8K&var1=eakfp&var2=k6M4OBgJPjTOvbe8K&var3=agn_82 HTTP 303
    http://www.friendlyduck.com/AF_TA/rel/index.cfm?RST=UNF&TAD=439280&fn=Your.Video&SubID=1NY7z14m6MMnQ1Be12nRN4WaIb_v9q17KKObhN6 HTTP 302
    http://www.beetle-clicks.biz/LP_TA/index.cfm?CTP=AF%5FTA%2CTSYqLzdTL1MtUFglIFEoJy4sT1QuM1ohWiNKR1E%2BKzYlSCgyNEdMSSsnK147PUg%2BKE4gR0dGUTU7VSs1SQpNSCktQ1IqUjI4LkRVSDEtPl8qO0hJSzwsI1tePUwoVTFDKlxbTjk%2BWEwlKDlATFYwQkEgVTBHQyo0KkYhCk1NKkknRDlJNkc5PlUkOE46Tks5W046SytDR0AlSVsxVjcoLiEiLV8xTiZCSVg7PD9TQC81Pl46KkJVXzsKQiNAMy5FUFIjVU9UMSFaOlksOjo%2FRV9eLT4hRzo8QT5PTypBWSBYXDFCOCRQIkAgIAo%3D&FN=Your%2EVideo HTTP 301
    https://www.beetle-clicks.biz/LP_TA/index.cfm?CTP=AF%5FTA%2CTSYqLzdTL1MtUFglIFEoJy4sT1QuM1ohWiNKR1E%2BKzYlSCgyNEdMSSsnK147PUg%2BKE4gR0dGUTU7VSs1SQpNSCktQ1IqUjI4LkRVSDEtPl8qO0hJSzwsI1tePUwoVTFDKlxbTjk%2BWEwlKDlATFYwQkEgVTBHQyo0KkYhCk1NKkknRDlJNkc5PlUkOE46Tks5W046SytDR0AlSVsxVjcoLiEiLV8xTiZCSVg7PD9TQC81Pl46KkJVXzsKQiNAMy5FUFIjVU9UMSFaOlksOjo%2FRV9eLT4hRzo8QT5PTypBWSBYXDFCOCRQIkAgIAo%3D&FN=Your%2EVideo HTTP 302
    http://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280 HTTP 301
    https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=678567390&utmhn=www.beetle-clicks.biz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=www.beetle-clicks.biz&utmhid=1006119518&utmr=-&utmp=%2FLP_TA%2Findex.cfm%3FT%3D439280&utmht=1613275428181&utmac=UA-20720146-3&utmcc=__utma%3D263359882.935377930.1613275428.1613275428.1613275428.1%3B%2B__utmz%3D263359882.1613275428.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=2093782263&utmredir=3&utmu=qBQAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20720146-3&cid=935377930.1613275428&jid=2093782263&_v=5.7.2dc&z=678567390 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20720146-3&cid=935377930.1613275428&jid=2093782263&_v=5.7.2dc&z=678567390&slf_rd=1&random=4272436651

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.cfm
www.beetle-clicks.biz/LP_TA/
Redirect Chain
  • https://router.adhoc4.net/click/k5/v9q17KKObhN6/?sub_id=k6M4OBgJPjTOvbe8K&var1=eakfp&var2=k6M4OBgJPjTOvbe8K&var3=agn_82
  • http://www.friendlyduck.com/AF_TA/rel/index.cfm?RST=UNF&TAD=439280&fn=Your.Video&SubID=1NY7z14m6MMnQ1Be12nRN4WaIb_v9q17KKObhN6
  • http://www.beetle-clicks.biz/LP_TA/index.cfm?CTP=AF%5FTA%2CTSYqLzdTL1MtUFglIFEoJy4sT1QuM1ohWiNKR1E%2BKzYlSCgyNEdMSSsnK147PUg%2BKE4gR0dGUTU7VSs1SQpNSCktQ1IqUjI4LkRVSDEtPl8qO0hJSzwsI1tePUwoVTFDKlxbTj...
  • https://www.beetle-clicks.biz/LP_TA/index.cfm?CTP=AF%5FTA%2CTSYqLzdTL1MtUFglIFEoJy4sT1QuM1ohWiNKR1E%2BKzYlSCgyNEdMSSsnK147PUg%2BKE4gR0dGUTU7VSs1SQpNSCktQ1IqUjI4LkRVSDEtPl8qO0hJSzwsI1tePUwoVTFDKlxbT...
  • http://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
  • https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
148708ea6c87bdea92eb942a6d14d3a6012ac319de85f32e74f1f6f35894d410
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.beetle-clicks.biz
:scheme
https
:path
/LP_TA/index.cfm?T=439280
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d5939bc56f33b64791498f3d6062226231613275427; SNUUID=9EB57409-ECE2-40EC-495DF663DF491D5C; LPTA=0EXXInqXwWeZpdw1SvzAbQ%3D%3D%2CE2B19FCCD6CD6FA71AFB7AA800AA396B61DDF791E5693C314BC8F80B8706C757C0B1497793469F977DB6DC888DC26EA439BD99918450E88355FEB3286E826F9EC194BFB1DF47726437D2783D7398993722D6A0D9F7C7584DD984EDA29E756F3A368E0270B573548AFB2B93E5C472AF350D35DDCF3853D9D47636BC91CAC199E50BFC53EA7C8F20096B721296C69FCFCB233FF9FD44D2D1537544A97BD59C31FBE81C8E1275222FBFFB9C95F308BDB789F3418233938D271CF3C69625470C1E9B4C479AF5FFC90227F4245AD214955E309816D7A10EB651E2D673D78C9D83910163EB7BDB94AD87E0925AA5201F543AAF6026C0EC44D056639C373C77BF15C17A5E321FBDA36D92476FD382606FF840581666B67963FCE003CDF9EEA210DBC5FA909E29121C17CC0A43C9EBBD1D41BA3A0B99F4CE0D463666848ACF4DCD1A042AAA063568D3978D0260E6A6F00AE081DF4BCEFEE1A3AE87E98F865AF288544945C2F83CC1669B023F6CD03FBADD63579646FA833784694E8D477ABBD06A64E646
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 04:03:48 GMT
content-type
text/html; charset=UTF-8
set-cookie
LPTA=;domain=.beetle-clicks.biz;expires=Fri, 14-Feb-2020 04:03:48 GMT;path=/
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-server
unf-shop-ma-1
cf-cache-status
DYNAMIC
cf-request-id
08404e8c4d0000d6c55821d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FSUW%2BBgFpjeSD0Kg09cw7%2FmGxmbdR%2B5ny2UQipNQhrSWkrRzcHTVO%2F7cjVN76FnytSSlsPvtL%2Bl9POqibCUTmO1aLwWBDyHDFuigWmaP13Tb80q2UkNhSWXUFeDfjAVls%2FI%3D"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6213e6c07a30d6c5-FRA
content-encoding
br

Redirect headers

Date
Sun, 14 Feb 2021 04:03:47 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 14 Feb 2021 05:03:47 GMT
Location
https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
cf-request-id
08404e8c3f00004ab63e288000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dYRSfmkuEy5wEDPzKKgTKk%2Bk5bCxuv89%2BEtRWOIkmhwnXFQ6cIcxrWJMQ5jYBtZCBmUkuck%2Bp8iSEVheksTkeCJ%2BdnycaQZV0Tt%2FnWxrP0s%2BNhoYWx41YEx3NAMZYh9BSKs%3D"}],"max_age":604800,"group":"cf-nel"}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6213e6c068924ab6-FRA
css
fonts.googleapis.com/ 		7 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Requested by
Host: www.beetle-clicks.biz
URL: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c0bd71b25fb5700ca65bc0974b117bc001d0998d3ad1298ec80d169ccebddf75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 14 Feb 2021 03:39:07 GMT
server
ESF
date
Sun, 14 Feb 2021 04:03:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Feb 2021 04:03:48 GMT
style.min.css
www.beetle-clicks.biz/LP_TA/Resources/css/ 		157 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.beetle-clicks.biz/LP_TA/Resources/css/style.min.css
Requested by
Host: www.beetle-clicks.biz
URL: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c911844f38658b78ef1b3f497ffadf833345a742b39325f274b370d62ad33e1e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 04:03:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3627
x-powered-by
ASP.NET
cf-request-id
08404e8ce70000d6c590986000000001
last-modified
Tue, 13 Oct 2020 07:18:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"12b0981431a1d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8uEQWH087u1IMMyaKY571CT3E3XsPC2wcQkWu358kLGiHVYhxDd0D%2FUz%2F%2B%2BsWyTmG9P2cFlxqQtWkjKy0WdZcdgbaWfj6%2BbStr9Uo7XLvm7Rap%2BCzTuL2UbJmKEuxynMXvo%3D"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
x-server
unf-shop-ma-5
cf-ray
6213e6c17acad6c5-FRA
jquery-1.8.2.min.js
www.beetle-clicks.biz/RESOURCE/memberarea/skin/lya/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.beetle-clicks.biz/RESOURCE/memberarea/skin/lya/js/jquery-1.8.2.min.js
Requested by
Host: www.beetle-clicks.biz
URL: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 04:03:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3627
x-powered-by
ASP.NET
cf-request-id
08404e8ce70000d6c57d928000000001
last-modified
Tue, 13 Oct 2020 07:19:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"08a61f31a1d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rGOSqTN1tCVX7oFPZLO7PO9AxDT3fMgNcIG19VZmTCiqLGU%2F3BbjdU5l2maL0sOBxbYyqrkwdXZHZ3ZafrdFx%2F1CL4vavgfD5WeJ7eWX9Zed0OJI96ZdMLyyeJpKDFbOfU8%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
x-server
unf-shop-ma-6
cf-ray
6213e6c17acbd6c5-FRA
script.js
www.beetle-clicks.biz/RESOURCE/memberarea/skin/lya/js/ 		1 KB
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.beetle-clicks.biz/RESOURCE/memberarea/skin/lya/js/script.js
Requested by
Host: www.beetle-clicks.biz
URL: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ed3866b7194ce11ff916dcd7f01b8b25c0325ed5e4816555b214fe081666692c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 04:03:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3627
x-powered-by
ASP.NET
cf-request-id
08404e8ce80000d6c58536d000000001
last-modified
Thu, 10 Sep 2020 08:25:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"e0a363fa4b87d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lrk%2Bsm3U%2BGUHga3CuN2UGGMNUJlz2n1mOH2pCTtoImPZik1c74KFP4xRCtFASCcaYQy3ajpDOVN14GdnbroYBQdKdVCpAowSApY2LQKQCj0OdOd9YkIagmYO2GznZBIRop0%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
x-server
unf-shop-ma-0
cf-ray
6213e6c17acdd6c5-FRA
jquery-ui.min.js
www.beetle-clicks.biz/RESOURCE/memberarea/skin/lya/js/ 		232 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.beetle-clicks.biz/RESOURCE/memberarea/skin/lya/js/jquery-ui.min.js
Requested by
Host: www.beetle-clicks.biz
URL: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
51eccd74b04b65a1bf62845caf8f08ebc82bf296f98324c133e762e4ff29eadf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 04:03:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3627
x-powered-by
ASP.NET
cf-request-id
08404e8ce80000d6c58b2ea000000001
last-modified
Tue, 13 Oct 2020 07:17:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"809418d830a1d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zo9D5ZlbRMLE8UD35gvw%2Fc0dRq0zEDgpJGfC3VZbrcjvqvHz0kmt6jDGHUcFR6B9Vq8bPPcjh2QyhAicqfHiGMWoPrW32A2MDVYV%2FzefP%2FXloylaDHx0%2Bg%2FwfcF2nCZGPUE%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
x-server
unf-shop-ma-4
cf-ray
6213e6c17aced6c5-FRA
unf-base.min.js
www.beetle-clicks.biz/RESOURCE/shop/skin/v3/js/ 		274 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.beetle-clicks.biz/RESOURCE/shop/skin/v3/js/unf-base.min.js
Requested by
Host: www.beetle-clicks.biz
URL: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7611f8c83f6e923d161f54b23eb9d77627903617d17e253010c00196465f9472
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 04:03:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
cf-request-id
08404e8ce90000d6c54c125000000001
last-modified
Fri, 29 May 2020 10:03:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0456967a035d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0t5vNC%2Fba7EQPlzwSvb%2BQB6ldgBLMLlo3GwA%2FY7WVdbH2hWuWlHhqkkgCDz9VoTTy86liF%2FinJeP2qUZ307543aOQDKO%2FMq9nzomsSoQHoKy%2FlUEtDRpnBKIzpNq%2FgJmogg%3D"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
x-server
unf-shop-ma-2
cf-ray
6213e6c17ad1d6c5-FRA
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.beetle-clicks.biz
URL: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2073
date
Sun, 14 Feb 2021 03:29:15 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sun, 14 Feb 2021 05:29:15 GMT
index.png
www.beetle-clicks.biz/unf/RESOURCE/shop/skin/v3/img/Customization/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.beetle-clicks.biz/unf/RESOURCE/shop/skin/v3/img/Customization/index.png
Requested by
Host: www.beetle-clicks.biz
URL: https://www.beetle-clicks.biz/LP_TA/Resources/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9876 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
91f3ad0cdebf050a84f35fd8deaa5f085463e69991ffe1e59513f57c49ecc1ea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.beetle-clicks.biz/LP_TA/Resources/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 14 Feb 2021 04:03:48 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3627
x-powered-by
ASP.NET
content-length
4825
cf-request-id
08404e8d250000d6c5d9b31000000001
last-modified
Tue, 13 Oct 2020 07:19:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"e1deec2031a1d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vD1AEWGPa%2FRSYdmUXinFT95Zdi%2FDNdYtddd3RO3UmcB%2Bl2kYVvG6T0rTKPkh4GsPO7KKF%2BDX%2BRhtlN22QbSlwxc1KzpaRcYlomhDH8Z7qWTRwWAmHh3vigDHv%2BK1%2BMPDKpo%3D"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
x-server
unf-shop-ma-6
accept-ranges
bytes
cf-ray
6213e6c1db0cd6c5-FRA
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.beetle-clicks.biz
Referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 16:23:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:01 GMT
server
sffe
age
474020
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13720
x-xss-protection
0
expires
Tue, 08 Feb 2022 16:23:28 GMT
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.beetle-clicks.biz
Referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 16:21:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:11 GMT
server
sffe
age
474132
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14096
x-xss-protection
0
expires
Tue, 08 Feb 2022 16:21:36 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=678567390&utmhn=www.beetle-clicks.biz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20720146-3&cid=935377930.1613275428&jid=2093782263&_v=5.7.2dc&z=678567390
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20720146-3&cid=935377930.1613275428&jid=2093782263&_v=5.7.2dc&z=678567390&slf_rd=1&random=4272436651
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20720146-3&cid=935377930.1613275428&jid=2093782263&_v=5.7.2dc&z=678567390&slf_rd=1&random=4272436651
Requested by
Host: www.beetle-clicks.biz
URL: https://www.beetle-clicks.biz/LP_TA/index.cfm?T=439280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Feb 2021 04:03:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Feb 2021 04:03:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20720146-3&cid=935377930.1613275428&jid=2093782263&_v=5.7.2dc&z=678567390&slf_rd=1&random=4272436651
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _gaq function| $ function| jQuery function| toggleRow function| toggleRowWithoutImage function| DP_jQuery_1613275428123 object| _gat object| gaGlobal function| popup boolean| isMobile boolean| isTablet boolean| isDesktop boolean| isLarge function| windowInfo string| handleClick object| regexEmail function| detectBrowser undefined| msViewportStyle function| accordionHighlight object| cookieconsent object| IBAN object| Modernizr

7 Cookies

Domain/Path Name / Value
.www.beetle-clicks.biz/ Name: __utmz
Value: 263359882.1613275428.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.www.beetle-clicks.biz/ Name: __utmt
Value: 1
www.beetle-clicks.biz/ Name: SNUUID
Value: 9EB57409-ECE2-40EC-495DF663DF491D5C
.www.beetle-clicks.biz/ Name: __utmc
Value: 263359882
.www.beetle-clicks.biz/ Name: __utmb
Value: 263359882.1.10.1613275428
.www.beetle-clicks.biz/ Name: __utma
Value: 263359882.935377930.1613275428.1613275428.1613275428.1
.beetle-clicks.biz/ Name: __cfduid
Value: d5939bc56f33b64791498f3d6062226231613275427

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
router.adhoc4.net
stats.g.doubleclick.net
www.beetle-clicks.biz
www.friendlyduck.com
www.google.com
www.google.de
2606:4700:3035::6815:5036
2606:4700:3035::ac43:9876
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:400c:c00::9a
2a00:1450:400c:c00::9c
35.157.74.22
148708ea6c87bdea92eb942a6d14d3a6012ac319de85f32e74f1f6f35894d410
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
51eccd74b04b65a1bf62845caf8f08ebc82bf296f98324c133e762e4ff29eadf
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
7611f8c83f6e923d161f54b23eb9d77627903617d17e253010c00196465f9472
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
91f3ad0cdebf050a84f35fd8deaa5f085463e69991ffe1e59513f57c49ecc1ea
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c0bd71b25fb5700ca65bc0974b117bc001d0998d3ad1298ec80d169ccebddf75
c911844f38658b78ef1b3f497ffadf833345a742b39325f274b370d62ad33e1e
ed3866b7194ce11ff916dcd7f01b8b25c0325ed5e4816555b214fe081666692c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc