dtfnsa.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Effective URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=luaJcz0_1PCKeY6OUDKh2__666pKKoRwWtGdiFPy...
Submission: On November 17 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 21st 2022. Valid for: a year.
This is the only time dtfnsa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
zzotrack.com |
ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com | |
onesignal.com | |
img.onesignal.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3175 onesignal.com — Cisco Umbrella Rank: 1205 img.onesignal.com — Cisco Umbrella Rank: 7119 |
193 KB |
5 |
dtfnsa.com
dtfnsa.com |
103 KB |
3 |
google.com
2 redirects
lh3.google.com — Cisco Umbrella Rank: 616 accounts.google.com — Cisco Umbrella Rank: 80 |
1 KB |
2 |
t0r4.com
2 redirects
tracking.t0r4.com — Cisco Umbrella Rank: 749970 |
1 KB |
1 |
alexatracker.com
alexatracker.com — Cisco Umbrella Rank: 350271 |
3 KB |
1 |
zeniocloud.com
zeniocloud.com — Cisco Umbrella Rank: 495168 |
429 B |
1 |
zzotrack.com
1 redirects
zzotrack.com — Cisco Umbrella Rank: 638894 |
1 KB |
1 |
luvmenow.com
1 redirects
m.luvmenow.com |
681 B |
1 |
makeyourwet.com
1 redirects
makeyourwet.com |
1 KB |
1 |
makeyourwish.net
1 redirects
makeyourwish.net |
988 B |
1 |
cutt.ly
1 redirects
cutt.ly — Cisco Umbrella Rank: 84337 |
382 B |
14 | 11 |
Domain | Requested by | |
---|---|---|
5 | dtfnsa.com |
dtfnsa.com
|
3 | onesignal.com |
cdn.onesignal.com
|
2 | accounts.google.com |
1 redirects
dtfnsa.com
|
2 | cdn.onesignal.com |
dtfnsa.com
cdn.onesignal.com |
2 | tracking.t0r4.com | 2 redirects |
1 | img.onesignal.com | |
1 | lh3.google.com | 1 redirects |
1 | alexatracker.com |
zeniocloud.com
|
1 | zeniocloud.com |
dtfnsa.com
|
1 | zzotrack.com | 1 redirects |
1 | m.luvmenow.com | 1 redirects |
1 | makeyourwet.com | 1 redirects |
1 | makeyourwish.net | 1 redirects |
1 | cutt.ly | 1 redirects |
14 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-09-21 - 2023-09-21 |
a year | crt.sh |
zeniocloud.com R3 |
2022-11-15 - 2023-02-13 |
3 months | crt.sh |
*.alexatracker.com GTS CA 1P5 |
2022-10-06 - 2023-01-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=luaJcz0_1PCKeY6OUDKh2__666pKKoRwWtGdiFPyW94uLI7T0uGr3EWZNDiTkBNF096jm5krmbCLloS4K7o5-jxgQ5vRpuOZsGg2jj6Lj2y-nVansRipm8UK1mOz3BEGbcWmzLJBD1mxUUAV9744GOAomeIsmGin563SwICxU8OyD0gu0Rij6kclwuMjNrpwUF0LRg09RHPsDu92XhDoo8AwF7Uu7DuSyfhSgNFGWl4aI7LhITZK1jfsE73vOwBBUKfcl5Z8h2m9G0zdOKLryvtGJR3YxeCj7RkIMOmIaywrSFeP9b7cztrBWDhIIGtSY-tOzOQD3cuIWu7J7LP2mmz6SufheRJh_vV42PUvs_ySruV0goz3LhtNnqUFybwoSpSZTQqBDXMc_eH-sRpJJ_8ftlY92i26rM1yDoANIrlVyiHQ6KioDWpBVV905AiB26vOBVDhbBFevFbEOoXp-g&lptoken=16ae684d68ba15034677&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=1072&clickid=637608424b5b440001fdb3d6
Frame ID: 03449411C77EEE68CDB33351440DF3C4
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Dies ist KEINE Datingseite!Page URL History Show full URLs
-
https://cutt.ly/XMUZR5R
HTTP 301
https://makeyourwish.net/8twB64qz?tag=Soniya12 HTTP 302
https://makeyourwet.com/yrbPvQjh?s1=3t2ctnc75v03e&tag=20032&s2=frd HTTP 302
https://m.luvmenow.com/click?offer_id=4531&pid=31423&ref_id=3t2ctnc75v03f&sub1=28575&sub2=2a01%3A4a... HTTP 302
https://tracking.t0r4.com/click?pid=740&offer_id=1072&sub2=31423&sub3=a_63760842ac00210001fba669 HTTP 302
https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=740&sub2=1072 HTTP 302
https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=... HTTP 302
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=luaJcz0_1PCKeY6OUDKh... Page URL
Detected technologies
OneSignal (Marketing automation) ExpandDetected patterns
- cdn\.onesignal\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://cutt.ly/XMUZR5R
HTTP 301
https://makeyourwish.net/8twB64qz?tag=Soniya12 HTTP 302
https://makeyourwet.com/yrbPvQjh?s1=3t2ctnc75v03e&tag=20032&s2=frd HTTP 302
https://m.luvmenow.com/click?offer_id=4531&pid=31423&ref_id=3t2ctnc75v03f&sub1=28575&sub2=2a01%3A4a0%3A5a%3A%3A4&sub3=3t2ctnc75v03f&sub4=3t2ctnc75v03e&sub5=frd&sub6=&sub7=&sub8=20032 HTTP 302
https://tracking.t0r4.com/click?pid=740&offer_id=1072&sub2=31423&sub3=a_63760842ac00210001fba669 HTTP 302
https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=740&sub2=1072 HTTP 302
https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=1072&clickid=637608424b5b440001fdb3d6 HTTP 302
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=luaJcz0_1PCKeY6OUDKh2__666pKKoRwWtGdiFPyW94uLI7T0uGr3EWZNDiTkBNF096jm5krmbCLloS4K7o5-jxgQ5vRpuOZsGg2jj6Lj2y-nVansRipm8UK1mOz3BEGbcWmzLJBD1mxUUAV9744GOAomeIsmGin563SwICxU8OyD0gu0Rij6kclwuMjNrpwUF0LRg09RHPsDu92XhDoo8AwF7Uu7DuSyfhSgNFGWl4aI7LhITZK1jfsE73vOwBBUKfcl5Z8h2m9G0zdOKLryvtGJR3YxeCj7RkIMOmIaywrSFeP9b7cztrBWDhIIGtSY-tOzOQD3cuIWu7J7LP2mmz6SufheRJh_vV42PUvs_ySruV0goz3LhtNnqUFybwoSpSZTQqBDXMc_eH-sRpJJ_8ftlY92i26rM1yDoANIrlVyiHQ6KioDWpBVV905AiB26vOBVDhbBFevFbEOoXp-g&lptoken=16ae684d68ba15034677&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=1072&clickid=637608424b5b440001fdb3d6 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP 302
- https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP 302
- https://accounts.google.com/v3/signin/identifier?dsh=S1510221841%3A1668679748385311&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvm-KWapiwJn3BXbzj9svHtK834zw81HN4rzwt2iHWL2CnCj39xiyWdhk3jxMSQehpRBRVxwg
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
dtfnsa.com/de/f2397h/ Redirect Chain
|
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style4blue.css
dtfnsa.com/de/f2397h/files/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.js
dtfnsa.com/de/f2397h/files/ |
94 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
showHide.js
dtfnsa.com/de/f2397h/files/ |
519 B 800 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
17.gif
dtfnsa.com/de/f2397h/files/ |
62 KB 63 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gAIA.js
zeniocloud.com/ |
595 B 429 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ |
283 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web
onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gAIA.js
alexatracker.com/jscode/ |
8 KB 3 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
identifier
accounts.google.com/v3/signin/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
OneSignalSDKStyles.css
onesignal.com/sdks/ |
82 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon
onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/ |
184 B 607 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d26527ec-822b-4b87-8dd0-ed808da427a4
img.onesignal.com/permanent/ |
110 KB 110 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| OneSignal number| __oneSignalSdkLoadCount function| __jp0 object| _0xc31e function| _0xe72c object| Cgml15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
cutt.ly/ | Name: PHPSESSID Value: 09omlms6a4lg5h5jjmdg7ipcd0 |
|
makeyourwish.net/ | Name: _subid Value: 3t2ctnc75v03e |
|
makeyourwish.net/ | Name: _token Value: uuid_3t2ctnc75v03e_3t2ctnc75v03e63760842093673.40967624 |
|
makeyourwish.net/ | Name: 9bf24 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIwNDU2NFwiOjE2Njg2Nzk3NDZ9LFwiY2FtcGFpZ25zXCI6e1wiMjAwMzJcIjoxNjY4Njc5NzQ2fSxcInRpbWVcIjoxNjY4Njc5NzQ2fSJ9.jwrqE928S2OFQLUFIJDRN0xYYRqOcdAzaBBxz7m8yoI |
|
makeyourwet.com/ | Name: _subid Value: 3t2ctnc75v03f |
|
makeyourwet.com/ | Name: _token Value: uuid_3t2ctnc75v03f_3t2ctnc75v03f6376084261bdf6.30459482 |
|
makeyourwet.com/ | Name: 9bf24 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI5MDk1MFwiOjE2Njg2Nzk3NDZ9LFwiY2FtcGFpZ25zXCI6e1wiMjg1NzVcIjoxNjY4Njc5NzQ2fSxcInRpbWVcIjoxNjY4Njc5NzQ2fSJ9.yAUeDg9wAsNFgs5HfdD6DWWg2fn-EZxTEzrMFK5bsFs |
|
m.luvmenow.com/ | Name: afclick Value: 63760842ac00210001fba669 |
|
m.luvmenow.com/ | Name: afoffers Value: {"4531":1668679746} |
|
tracking.t0r4.com/ | Name: afclick Value: 637608424b5b440001fdb3d6 |
|
tracking.t0r4.com/ | Name: afoffers Value: {"1212":1668679746} |
|
.zzotrack.com/ | Name: ff5c1bc0-53f1-4573-8083-234256664f4d-v4 Value: 80G_qcQxaE4R2Z3PJ7UUw0166NLg5h22WqRBQ0x6btU |
|
.zzotrack.com/ | Name: cep-v4 Value: 4cRlhEwVNM9XXw9i_Dwd2YIKZoSbFPBj3DcY5ExkdQ47jeScjiyL5aAzqTB2JuP7zsopT9iiIDHY5qQFbYZ9XPL0Wp85RRcJdEUuV4IEoM72wtxGxe9hvpB_ZjKf0dF4eEUzxALL_oWDYsyLjL5CRLZd5dBBu4IULgQvNHvIobQfH-XmBfsabgGXaQqD9ovviOD-VSC214IqQon_VFJHdb5v3QDmtp63umCorWtyesvK3j3Hw3UdHhZzA0nBIsCTHuaKUnksQQDlP7_6qsZDW1uIbpj83n5w3j71AqkJJU-M_VgvxuyvBrW2mpzFjdicDMMJdmfhaO1-xovw4KBtUUjxt9iMFS2k95eccOXsv5LmXttNbnntRTiOxz5xVbn53wgZjQkVd53njijD_the3U3R5CFwzTf5gOGNytDHZZqL6LFFDWBju_BI60VY8P_uhc7s0oUh6EIhrFEXxJq5MQ |
|
dtfnsa.com/ | Name: wl Value: %7B%22attributes%22%3A%7B%22ttl%22%3Anull%2C%22value%22%3A%22a%3A13%3A%7Bs%3A3%3A%5C%22cep%5C%22%3Bs%3A470%3A%5C%22luaJcz0_1PCKeY6OUDKh2__666pKKoRwWtGdiFPyW94uLI7T0uGr3EWZNDiTkBNF096jm5krmbCLloS4K7o5-jxgQ5vRpuOZsGg2jj6Lj2y-nVansRipm8UK1mOz3BEGbcWmzLJBD1mxUUAV9744GOAomeIsmGin563SwICxU8OyD0gu0Rij6kclwuMjNrpwUF0LRg09RHPsDu92XhDoo8AwF7Uu7DuSyfhSgNFGWl4aI7LhITZK1jfsE73vOwBBUKfcl5Z8h2m9G0zdOKLryvtGJR3YxeCj7RkIMOmIaywrSFeP9b7cztrBWDhIIGtSY-tOzOQD3cuIWu7J7LP2mmz6SufheRJh_vV42PUvs_ySruV0goz3LhtNnqUFybwoSpSZTQqBDXMc_eH-sRpJJ_8ftlY92i26rM1yDoANIrlVyiHQ6KioDWpBVV905AiB26vOBVDhbBFevFbEOoXp-g%5C%22%3Bs%3A7%3A%5C%22clickid%5C%22%3Bs%3A24%3A%5C%22637608424b5b440001fdb3d6%5C%22%3Bs%3A5%3A%5C%22data3%5C%22%3Bs%3A4%3A%5C%221212%5C%22%3Bs%3A5%3A%5C%22data4%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A5%3A%5C%22email%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A3%3A%5C%22geo%5C%22%3Bs%3A2%3A%5C%22DE%5C%22%3Bs%3A7%3A%5C%22lptoken%5C%22%3Bs%3A20%3A%5C%2216ae684d68ba15034677%5C%22%3Bs%3A8%3A%5C%22offer_id%5C%22%3Bs%3A4%3A%5C%221212%5C%22%3Bs%3A3%3A%5C%22pid%5C%22%3Bs%3A2%3A%5C%2210%5C%22%3Bs%3A4%3A%5C%22reff%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A4%3A%5C%22sub1%5C%22%3Bs%3A3%3A%5C%22740%5C%22%3Bs%3A4%3A%5C%22sub2%5C%22%3Bs%3A4%3A%5C%221072%5C%22%3Bs%3A12%3A%5C%22utm_campaign%5C%22%3Bs%3A2%3A%5C%2210%5C%22%3B%7D%22%7D%7D |
|
alexatracker.com/ | Name: trbarid Value: e469bdc01a011f1d054546fe683d1558ae158ec7c8372f9b6c259a2342c46260a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A5080810879632934980%3B%7D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.google.com
alexatracker.com
cdn.onesignal.com
cutt.ly
dtfnsa.com
img.onesignal.com
lh3.google.com
m.luvmenow.com
makeyourwet.com
makeyourwish.net
onesignal.com
tracking.t0r4.com
zeniocloud.com
zzotrack.com
167.114.67.56
18.184.38.55
2606:4700:10::ac43:8ee
2606:4700:3031::6815:13f1
2606:4700:3031::ac43:9781
2606:4700:3031::ac43:a5ac
2606:4700:3032::6815:5563
2606:4700:3034::6815:116d
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:806::200d
2a00:1450:4001:806::200e
2a06:98c1:3120::3
38d1eea0a84e6f49eb3524da54df91075ac81596db827a2d7a8633fad87d7079
4a48197b9aea38ac94e58239eab59ea0fe3784179e006114a98e1a5b03f851e0
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d
a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec
abef4cae8f0378d9af2c51614a5fd4fc73e6bd37cd59b873b159f561025568e2
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d
c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd2b15ee0725cee5e0f7e43cffa1d0e5a36713059469b6e24643ac65eae92766