shopping.help-support.jp
Open in
urlscan Pro
183.181.96.27
Public Scan
Submission: On July 09 via automatic, source certstream-suspicious — Scanned from JP
Summary
TLS certificate: Issued by R11 on July 8th 2024. Valid for: 3 months.
This is the only time shopping.help-support.jp was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 19 | 183.181.96.27 183.181.96.27 | 131965 (XSERVER X...) (XSERVER Xserver Inc.) | |
4 | 2404:6800:400... 2404:6800:400a:80e::2008 | 15169 (GOOGLE) (GOOGLE) | |
3 3 | 18.65.216.5 18.65.216.5 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 13.33.174.30 13.33.174.30 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700:303... 2606:4700:3037::ac43:8ef5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2404:6800:400... 2404:6800:400a:80e::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4004:80f::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4008:c07::9b | 15169 (GOOGLE) (GOOGLE) | |
1 | 172.217.25.163 172.217.25.163 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.76.142 142.250.76.142 | 15169 (GOOGLE) (GOOGLE) | |
34 | 10 |
ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv12666.xserver.jp
shopping.help-support.jp |
ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-5.nrt57.r.cloudfront.net
b.hatena.ne.jp |
ASN16509 (AMAZON-02, US)
PTR: server-13-33-174-30.nrt57.r.cloudfront.net
bookmark.hatenaapis.com |
ASN15169 (GOOGLE, US)
PTR: syd09s13-in-f3.1e100.net
www.google.co.jp |
ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f14.1e100.net
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
help-support.jp
1 redirects
shopping.help-support.jp |
134 KB |
4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 110 |
317 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 102 |
21 KB |
3 |
hatenaapis.com
bookmark.hatenaapis.com — Cisco Umbrella Rank: 447659 |
1 KB |
3 |
hatena.ne.jp
3 redirects
b.hatena.ne.jp — Cisco Umbrella Rank: 134680 |
2 KB |
2 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1886 |
86 KB |
1 |
google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 16876 |
63 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 208 |
260 B |
1 |
google.com
analytics.google.com — Cisco Umbrella Rank: 239 |
|
34 | 9 |
Domain | Requested by | |
---|---|---|
19 | shopping.help-support.jp |
1 redirects
shopping.help-support.jp
|
4 | www.googletagmanager.com |
shopping.help-support.jp
www.googletagmanager.com |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
3 | bookmark.hatenaapis.com |
shopping.help-support.jp
|
3 | b.hatena.ne.jp | 3 redirects |
2 | use.fontawesome.com |
shopping.help-support.jp
use.fontawesome.com |
1 | www.google.co.jp |
shopping.help-support.jp
|
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | analytics.google.com |
www.googletagmanager.com
|
34 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
www.facebook.com |
b.hatena.ne.jp |
wordpress.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
shopping.help-support.jp R11 |
2024-07-08 - 2024-10-06 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
use.fontawesome.com Cloudflare Inc ECC CA-3 |
2023-10-12 - 2024-10-10 |
a year | crt.sh |
*.google.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
*.g.doubleclick.net WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
*.google.co.jp WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://shopping.help-support.jp/
Frame ID: 302C7EE492F0425EE6C27711F4D3D2E5
Requests: 34 HTTP requests in this frame
Screenshot
Page Title
へるさぽ!ショッピングDetected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Tweet
Search URL Search Domain Scan URL
Title: 0
Search URL Search Domain Scan URL
Title: 0
Search URL Search Domain Scan URL
Title: Tweet
Search URL Search Domain Scan URL
Title: 0
Search URL Search Domain Scan URL
Title: 0
Search URL Search Domain Scan URL
Title: WordPress コメントの投稿者
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17- https://b.hatena.ne.jp/entry.count?callback=jQuery37108740365376666619_1720516909097&url=https%3A%2F%2Fshopping.help-support.jp%2F&_=1720516909098 HTTP 301
- https://bookmark.hatenaapis.com/count/entry?callback=jQuery37108740365376666619_1720516909097&url=https%3A%2F%2Fshopping.help-support.jp%2F&_=1720516909098
- https://b.hatena.ne.jp/entry.count?callback=jQuery37108740365376666619_1720516909099&url=https%3A%2F%2Fshopping.help-support.jp%2F2021%2F11%2F24%2Fhello-world%2F&_=1720516909100 HTTP 301
- https://bookmark.hatenaapis.com/count/entry?callback=jQuery37108740365376666619_1720516909099&url=https%3A%2F%2Fshopping.help-support.jp%2F2021%2F11%2F24%2Fhello-world%2F&_=1720516909100
- https://b.hatena.ne.jp/entry.count?callback=jQuery37108740365376666619_1720516909101&url=https%3A%2F%2Fshopping.help-support.jp%2F&_=1720516909102 HTTP 301
- https://bookmark.hatenaapis.com/count/entry?callback=jQuery37108740365376666619_1720516909101&url=https%3A%2F%2Fshopping.help-support.jp%2F&_=1720516909102
- https://shopping.help-support.jp/favicon.ico HTTP 302
- https://shopping.help-support.jp/wp-includes/images/w-logo-blue-white-bg.png
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
shopping.help-support.jp/ |
26 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
shopping.help-support.jp/wp-includes/css/dist/block-library/ |
111 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
shopping.help-support.jp/wp-content/themes/keni80_wp_standard_all_202111211009/ |
251 B 435 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.css
shopping.help-support.jp/wp-content/themes/keni80_wp_standard_all_202111211009/ |
121 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advanced.css
shopping.help-support.jp/wp-content/themes/keni80_wp_standard_all_202111211009/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-style.css
shopping.help-support.jp/wp-content/themes/keni80_wp_standard_all_202111211009/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
shopping.help-support.jp/wp-includes/js/jquery/ |
86 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
shopping.help-support.jp/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navigation.js
shopping.help-support.jp/wp-content/themes/keni80_wp_standard_all_202111211009/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skip-link-focus-fix.js
shopping.help-support.jp/wp-content/themes/keni80_wp_standard_all_202111211009/js/ |
685 B 880 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utility.js
shopping.help-support.jp/wp-content/themes/keni80_wp_standard_all_202111211009/js/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
196 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
66295025-46b0-466d-882a-d145995744a2
https://shopping.help-support.jp/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
191 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
keni8-icons.ttf
shopping.help-support.jp/wp-content/themes/keni80_wp_standard_all_202111211009/fonts/ |
7 KB 5 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
admin-ajax.php
shopping.help-support.jp/wp-admin/ |
1 B 344 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
admin-ajax.php
shopping.help-support.jp/wp-admin/ |
1 B 344 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
admin-ajax.php
shopping.help-support.jp/wp-admin/ |
1 B 344 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
entry
bookmark.hatenaapis.com/count/ Redirect Chain
|
43 B 369 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
entry
bookmark.hatenaapis.com/count/ Redirect Chain
|
43 B 370 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
entry
bookmark.hatenaapis.com/count/ Redirect Chain
|
43 B 372 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.8.1/css/ |
54 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
no-image.jpg
shopping.help-support.jp/wp-content/themes/keni80_wp_standard_all_202111211009/images/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
shopping.help-support.jp/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ |
73 KB 74 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
230 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
271 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 212 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 260 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ga-audiences
www.google.co.jp/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w-logo-blue-white-bg.png
shopping.help-support.jp/wp-includes/images/ Redirect Chain
|
4 KB 4 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| shf string| ajaxurl boolean| sns_cnt object| _wpemojiSettings object| dataLayer function| jQuery function| gtag object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.help-support.jp/ | Name: _gid Value: GA1.2.1626873367.1720516909 |
|
.help-support.jp/ | Name: _gat_gtag_UA_204667117_13 Value: 1 |
|
.help-support.jp/ | Name: _ga Value: GA1.1.1310413441.1720516909 |
|
.help-support.jp/ | Name: _ga_XZR931YBVE Value: GS1.1.1720516909.1.0.1720516909.60.0.0 |
|
.help-support.jp/ | Name: _ga_3JL0Q0NMW1 Value: GS1.1.1720516909.1.0.1720516909.0.0.0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.google.com
b.hatena.ne.jp
bookmark.hatenaapis.com
shopping.help-support.jp
stats.g.doubleclick.net
use.fontawesome.com
www.google-analytics.com
www.google.co.jp
www.googletagmanager.com
13.33.174.30
142.250.76.142
172.217.25.163
18.65.216.5
183.181.96.27
2404:6800:4004:80f::200e
2404:6800:4008:c07::9b
2404:6800:400a:80e::2008
2404:6800:400a:80e::200e
2606:4700:3037::ac43:8ef5
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
17e8255ee774bcaa1b20f7ee60967b2103f7bacd1f320780842db50a618568ef
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5ddc71bfc312039f74d50fe9a634b7483cd6cccd67e79524dc03009bb16399da
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
641d1ce45911bace0bd7c701d5e951d3640d3e84acadcffee647e1c513e6cbaa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
6d2580fd1493244381b21990e98ead0228b03d56f3291966cdcce39a7acdd6c2
7da30a859472e7adb5bfe1cd3e6c8293e6fe811e979e67a07ad4fdc82ec762cd
8345cd6889bbcb30ee8eab4d110103a96799262184ca658a263561d15e05c9c9
85c0cf5553b11154f1c0f66f64e22949ac2b0bceba29d986ffabf1d892c026d2
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a9d8704c991e036509b1d987e3cf28b8023dd6d2c1962f771058b6415ccf9ac3
aa45ac431911322e288772acb03d8cb0e6de556aeb9f111851776bc5c756c9c5
ac4ca2f3b59c8826be2bd9ac8981a914b9f9b252237007fbd873472b62b21f2d
afd214424ce96b31ed6dcbf060b9c432f377a693a76a85df7b8ab8b5fa7836f4
b1e94aad51c408c1d62da12351fb287b0b2eb596c20fee0791810fa9b80c6887
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
dda2e9c55f114aa54985a5743e4817318db1e6395c6ee33df4ca17461be9b564
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df51811d4f23609feed8137499e022e1055e0c4e1ac222a7318886ac596f9c29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f60c4c1af15ee5f4db7e204a7af1fd6ce72fb5ee3df122c30eabe42343da8e3f
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c