Submitted URL: https://geld-empfangen.sparkasse.de/
Effective URL: https://www.kwitt.de/
Submission: On May 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 25 HTTP transactions. The main IP is 159.69.104.58, which is located in Germany and belongs to HETZNER-AS, DE. The main domain is www.kwitt.de.
TLS certificate: Issued by R3 on April 4th 2022. Valid for: 3 months.
This is the only time www.kwitt.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 212.34.68.186 12316 (FITSNET F...)
14 159.69.104.58 24940 (HETZNER-AS)
3 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.66.132 54113 (FASTLY)
1 2a02:26f0:10e... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 15.237.153.37 16509 (AMAZON-02)
1 13.38.204.92 16509 (AMAZON-02)
25 8
Apex Domain | Subdomains | Transfer
15 kwitt.de | geld-empfangen-giropay.kwitt.de; www.kwitt.de | 356 KB
4 typekit.net | use.typekit.net — Cisco Umbrella Rank: 1007; p.typekit.net — Cisco Umbrella Rank: 1232 | 49 KB
2 commander1.com | engage.commander1.com — Cisco Umbrella Rank: 78535 | 1 KB
2 tagcommander.com | cdn.tagcommander.com — Cisco Umbrella Rank: 14252 | 27 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 341 | 18 KB
1 trustcommander.net | privacy.trustcommander.net — Cisco Umbrella Rank: 29921 | 529 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 142 | 40 KB
1 sparkasse.de | geld-empfangen.sparkasse.de | 261 B
25 8
Domain Requested by
14 www.kwitt.de www.kwitt.de
3 use.typekit.net www.kwitt.de
use.typekit.net
2 engage.commander1.com 1 redirects www.kwitt.de
2 cdn.tagcommander.com www.kwitt.de
cdn.tagcommander.com
2 cdnjs.cloudflare.com www.kwitt.de
1 privacy.trustcommander.net cdn.tagcommander.com
1 www.googletagmanager.com cdn.tagcommander.com
1 p.typekit.net use.typekit.net
1 geld-empfangen-giropay.kwitt.de 1 redirects
1 geld-empfangen.sparkasse.de 1 redirects
25 10

This site contains links to these domains.

Domain
www.vr.de
sparkasse.de
www.giropay.de
www.sparkasse.de
www.google.de
www.facebook.com
site.adform.com

Subject | Issuer | Validity | Valid
kwitt.de | R3 | 2022-04-04 - 2022-07-03 | 3 months
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-07 - 2023-04-07 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
*.tagcommander.com | Thawte RSA CA 2018 | 2022-03-09 - 2023-04-09 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.trustcommander.net | Thawte RSA CA 2018 | 2022-03-09 - 2023-04-09 | a year

This page contains 1 frame:

Primary Page: https://www.kwitt.de/
Frame ID: 0D6A7C7833A3212BAC897C8596FF0608
Requests: 25 HTTP requests in this frame

Page Title

Kwitt

Detected technologies

Overall confidence: 100%
Detected patterns
  • backbone.*\.js

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • hammer(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \.tagcommander\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

96 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

491 kB
Transfer

684 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://geld-empfangen.sparkasse.de/ HTTP 301
    https://geld-empfangen-giropay.kwitt.de/ HTTP 302
    https://www.kwitt.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://engage.commander1.com/reach?tc_s=2792 HTTP 307
  • https://engage.commander1.com/reach?tc_firsttime=1&tc_s=2792

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.kwitt.de/
Redirect Chain
  • https://geld-empfangen.sparkasse.de/
  • https://geld-empfangen-giropay.kwitt.de/
  • https://www.kwitt.de/
48 KB
48 KB
Document
General
Full URL
https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
e803a08eefd0c7c8ad8677e5c51d85c21e8194b0c153c3da7af9fc9d254124ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Thu, 05 May 2022 08:17:27 GMT
server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
204
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 05 May 2022 08:17:26 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.kwitt.de
Server
Apache
zxw4akv.css
use.typekit.net/
2 KB
870 B
Stylesheet
General
Full URL
https://use.typekit.net/zxw4akv.css
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
be0c1d696e82e8c175c999b38fbfb4881817dbb389c7d90634f68bbbd339da05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 05 May 2022 08:17:27 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
638
main.css
www.kwitt.de/css/
66 KB
67 KB
Stylesheet
General
Full URL
https://www.kwitt.de/css/main.css?v20210504
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
17bfe08ca734570ce8f82fff3c6d2ccfcaa3b0ca42885a3266b42eb2c466e4cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:42:51 GMT
server
Apache
accept-ranges
bytes
etag
"1094d-5c1f33f9a774d"
content-length
67917
content-type
text/css
vr.svg
www.kwitt.de/images/logos/
1 KB
2 KB
Image
General
Full URL
https://www.kwitt.de/images/logos/vr.svg
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
fe29db2f67f683ab8556de1ab880eba55a0f63931eb8fdd917cc141ed42dd515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:42:54 GMT
server
Apache
accept-ranges
bytes
etag
"5d4-5c1f33fbbcab6"
content-length
1492
content-type
image/svg+xml
sk.svg
www.kwitt.de/images/logos/
2 KB
2 KB
Image
General
Full URL
https://www.kwitt.de/images/logos/sk.svg
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
375ecfe47ac7a7a97388b72378f62f5706e092c75fd154915b4abb6471fa39ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:42:54 GMT
server
Apache
accept-ranges
bytes
etag
"933-5c1f33fbe89da"
content-length
2355
content-type
image/svg+xml
transition_logo.svg
www.kwitt.de/images/logos/
10 KB
10 KB
Image
General
Full URL
https://www.kwitt.de/images/logos/transition_logo.svg
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
0c224657461a51d98fa733f0d47f8bbcc008e63c5eab04671adfae108367bfe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:42:54 GMT
server
Apache
accept-ranges
bytes
etag
"2723-5c1f33fbc18d7"
content-length
10019
content-type
image/svg+xml
qr.png
www.kwitt.de/images/teaser/
6 KB
6 KB
Image
General
Full URL
https://www.kwitt.de/images/teaser/qr.png
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
239dee958159ba6eedf6e3d77564ae9cd9bf1f097b8f36d48f8c1ef7f5c0d312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:42:56 GMT
server
Apache
accept-ranges
bytes
etag
"18bd-5c1f33fe32908"
content-length
6333
content-type
image/png
hammer.js
cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/
72 KB
15 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/hammer.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c777ac5c4c0cd9cce49404a6228b2e5f244ab0ee1b97a0a9c864ef9f33e7d8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kwitt.de/
Origin
https://www.kwitt.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2081079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14965
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e72-12040"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLWFaOITQjHJDAPqfnwt4uoBv6r1NUY4LAXp%2FAlfKgsslsmCy0ct3qtksudc%2FtcG7TQnZ0TxuVUqNtTPCeU%2F2v9%2Fcp66TLRBxFyasSbHovRD%2FWBjj%2FE%2Bm6IP2rKTwi7ZEIDmXO2vscloKYKGwxgIArxO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70680a30f9a19140-FRA
expires
Tue, 25 Apr 2023 08:17:27 GMT
bowser.min.js
cdnjs.cloudflare.com/ajax/libs/bowser/1.6.1/
7 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bowser/1.6.1/bowser.min.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df36faa8c0da70e17455582d9546a49749d3b4053b285f85f706d90be77e3ec
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20237425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2264
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d90-1a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnsBlwB%2BT5ySV77igPMRR3Ji0vkkcSJLE4IzXvPrVmRCZ7lt1t7bkGIUldS%2Brx28OtxHND828yzDEDnSrqRx3LytVfBv7aEnY6ReJKU4i8xaInJonkIhT%2BGh%2F3vuz5eVDQCBLmOGllYL%2BIqBO%2FQ0MnrR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70680a314c179975-FRA
expires
Tue, 25 Apr 2023 08:17:27 GMT
jquery-3.5.1.min.js
www.kwitt.de/assets/js/vendor/
87 KB
88 KB
Script
General
Full URL
https://www.kwitt.de/assets/js/vendor/jquery-3.5.1.min.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:43:02 GMT
server
Apache
accept-ranges
bytes
etag
"15d84-5c1f3403debd9"
content-length
89476
content-type
application/javascript
underscore-min.js
www.kwitt.de/assets/js/vendor/
16 KB
16 KB
Script
General
Full URL
https://www.kwitt.de/assets/js/vendor/underscore-min.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:43:02 GMT
server
Apache
accept-ranges
bytes
etag
"4041-5c1f3403b2cb6"
content-length
16449
content-type
application/javascript
backbone-min.js
www.kwitt.de/assets/js/vendor/
23 KB
23 KB
Script
General
Full URL
https://www.kwitt.de/assets/js/vendor/backbone-min.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
d1ab688fac5538952804cf15a793c5cb0c0b2c4f9a365dacbe2e10f54599f9d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:43:01 GMT
server
Apache
accept-ranges
bytes
etag
"5b3b-5c1f34031e5aa"
content-length
23355
content-type
application/javascript
slick.min.js
www.kwitt.de/assets/js/vendor/
52 KB
52 KB
Script
General
Full URL
https://www.kwitt.de/assets/js/vendor/slick.min.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
4f183d6af3e88171a4bbae9a2e77f90f55b425b013d057b80eade59f96ae5d0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:43:02 GMT
server
Apache
accept-ranges
bytes
etag
"cfbc-5c1f34042701f"
content-length
53180
content-type
application/javascript
clipboard.min.js
www.kwitt.de/assets/js/vendor/
10 KB
10 KB
Script
General
Full URL
https://www.kwitt.de/assets/js/vendor/clipboard.min.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
998aa3941b936267a81054e3b8f0abc27b36b2d029d87389c974795f6c633fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:43:02 GMT
server
Apache
accept-ranges
bytes
etag
"282e-5c1f34037e0f1"
content-length
10286
content-type
application/javascript
jquery.scrolldepth.js
www.kwitt.de/assets/js/vendor/
9 KB
9 KB
Script
General
Full URL
https://www.kwitt.de/assets/js/vendor/jquery.scrolldepth.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
e84f26e039fa6e675a4f55491555e2df0c688340d6e3c5ffa16f52ec8f1e4e84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:43:02 GMT
server
Apache
accept-ranges
bytes
etag
"24dc-5c1f34043e721"
content-length
9436
content-type
application/javascript
main.js
www.kwitt.de/assets/js/
20 KB
20 KB
Script
General
Full URL
https://www.kwitt.de/assets/js/main.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
67810212c8e50557711b6cf9a7d6dc3b31de5ca0b99c52e1562956ffe8de888f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:42:52 GMT
server
Apache
accept-ranges
bytes
etag
"5097-5c1f33fa9e880"
content-length
20631
content-type
application/javascript
tc_kwittRel.js
cdn.tagcommander.com/2792/uat/
57 KB
15 KB
Script
General
Full URL
https://cdn.tagcommander.com/2792/uat/tc_kwittRel.js
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b683e1f6f828fcffa4fd13e181f2aa20f6808ce547a6f4c8d8e372d44de2b7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
content-encoding
gzip
x-cdn
FASTLY
age
0
via
1.1 varnish
x-cache
HIT
access-control-max-age
31536000
content-length
14737
x-amz-id-2
VlP/0kYJRkGK6D2LnlotP4cUHq/y5r6NZAQuh4jpApnUGczwrf2Z92pqifPm1FPo9gIj394qbJ0=
x-served-by
cache-hhn4079-HHN
last-modified
Fri, 04 Dec 2020 19:00:00 GMT
server
AmazonS3
x-timer
S1651738648.502127,VS0,VE59
etag
"7ff8c52c82eeb6d0a7e3f4ec18492ee5"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
x-amz-request-id
AJBBZKZ5CQ1N69KZ
access-control-allow-origin
*
cache-control
max-age=86400,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=zxw4akv&ht=tk&f=6844.6846&a=84586962&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/zxw4akv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e::6860:5bb9 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Sat, 16 Oct 2021 05:50:56 GMT
server
nginx
etag
"616a6840-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
icon_close_active.svg
www.kwitt.de/assets/img/decoration/icons/
1 KB
1 KB
Image
General
Full URL
https://www.kwitt.de/assets/img/decoration/icons/icon_close_active.svg
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/css/main.css?v20210504
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
159.69.104.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedivirt1267.your-server.de
Software
Apache /
Resource Hash
2573d10f6b44a2f046a5fe829a27c88bcb63a016b6accbecbe485fde464b98e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/css/main.css?v20210504
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
last-modified
Mon, 10 May 2021 05:43:09 GMT
server
Apache
accept-ranges
bytes
etag
"4b8-5c1f340a30ef8"
content-length
1208
content-type
image/svg+xml
l
use.typekit.net/af/95c20a/0000000000000000000170a0/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/95c20a/0000000000000000000170a0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/zxw4akv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e65228fd53d195ff2a6a8baebd8c44af63a8d7de0bacb3b411effb46591d074a

Request headers

Referer
https://use.typekit.net/zxw4akv.css
Origin
https://www.kwitt.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
server
nginx
etag
"0235bfe611d569e0b23d1aff897d423b47f098f9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24232
l
use.typekit.net/af/1b1b1e/00000000000000000001709e/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/1b1b1e/00000000000000000001709e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/zxw4akv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9bacad71ca24f6147c4b72a6c0f351b07ba93b70f992082b812681fb3b46d9b6

Request headers

Referer
https://use.typekit.net/zxw4akv.css
Origin
https://www.kwitt.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
server
nginx
etag
"f507d4945327bf77fa226b6fef0f1c6a6af3bf09"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24180
js
www.googletagmanager.com/gtag/
104 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-64223732-14
Requested by
Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/2792/uat/tc_kwittRel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b3a7643109120be12542350b95d8c5a85e252cc13575d9997fe302345997f8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40738
x-xss-protection
0
last-modified
Thu, 05 May 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 08:17:27 GMT
privacy_v2_49.js
cdn.tagcommander.com/privacy/2792/
44 KB
12 KB
Script
General
Full URL
https://cdn.tagcommander.com/privacy/2792/privacy_v2_49.js
Requested by
Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/2792/uat/tc_kwittRel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22b4b602752eb97e08b4fb758e0ea3c701dc2568f7978414647a7f6f214f20f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 08:17:27 GMT
content-encoding
gzip
x-cdn
FASTLY
age
0
via
1.1 varnish
x-cache
HIT
access-control-max-age
31536000
content-length
12362
x-amz-id-2
avS1NamCb408kyzZViUkFl1FErru1n8rWIaU4q7bgTvVdHQk1u0IIVlEcsrHJRMfi4uEnU53dKI=
x-served-by
cache-hhn4079-HHN
last-modified
Wed, 08 Sep 2021 08:25:57 GMT
server
AmazonS3
x-timer
S1651738648.693653,VS0,VE59
etag
"4a364a0016bb7ccef88f720d140c6e92"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
x-amz-request-id
JSJYW54S06F9W4FH
access-control-allow-origin
*
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
reach
engage.commander1.com/
Redirect Chain
  • https://engage.commander1.com/reach?tc_s=2792
  • https://engage.commander1.com/reach?tc_firsttime=1&tc_s=2792
43 B
526 B
Image
General
Full URL
https://engage.commander1.com/reach?tc_firsttime=1&tc_s=2792
Requested by
Host: www.kwitt.de
URL: https://www.kwitt.de/
Protocol
HTTP/1.1
Server
15.237.153.37 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-153-37.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kwitt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
private
Date
Thu, 05 May 2022 08:17:27 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
cache-control
private, max-age=486000, pre-check=486000
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
expires
Wed, 03 Aug 2022 08:17:27 GMT

Redirect headers

location
https://engage.commander1.com/reach?tc_firsttime=1&tc_s=2792
Date
Thu, 05 May 2022 08:17:27 GMT
Connection
keep-alive
Content-Length
95
vary
Accept
Content-Type
text/plain; charset=utf-8
/
privacy.trustcommander.net/privacy-consent/
43 B
529 B
Ping
General
Full URL
https://privacy.trustcommander.net/privacy-consent/
Requested by
Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/privacy/2792/privacy_v2_49.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.38.204.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-38-204-92.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.kwitt.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
private
Date
Thu, 05 May 2022 08:17:27 GMT
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin
https://www.kwitt.de
Cache-Control
private, max-age=486000, pre-check=486000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Access-Control-Allow-Headers
Content-Type
Content-Length
43
Expires
Wed, 03 Aug 2022 08:17:27 GMT

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| Hammer object| bowser function| $ function| jQuery function| _ object| Backbone function| gtag function| tc_events_39 number| tc_privacy_used function| tc_privacy_display_39 number| tc_privacy_cpt function| tc_privacy_wait_body_39 function| tC object| tC_2792_39 object| tc_array_events function| tC2792_39 object| tc_vars object| result object| dataLayer function| tc_closePrivacyButton function| onTrackingEvent function| onPageView function| onAdformEvent function| getWidth function| showLightbox function| addBackground object| tagCategories object| eventTarget string| tcVendorsConsent string| tcCategoriesConsent function| tc_closePrivacyCenter object| google_tag_manager

3 Cookies

Domain/Path Name / Value
.kwitt.de/ Name: TCPID
Value: 12254817278605046076
.commander1.com/ Name: TCID
Value: 202205051017274554053191
.commander1.com/ Name: WID
Value: ddf60f68-9c7e-4e5b-8b14-291a293affe1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
