g.i.ua
Open in
urlscan Pro
104.18.3.81
Public Scan
Submission: On November 24 via manual from DE — Scanned from DE
Summary
This is the only time g.i.ua was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 4 | 104.18.3.81 104.18.3.81 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 104.18.2.81 104.18.2.81 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 4 | 51.83.200.186 51.83.200.186 | 16276 (OVH) (OVH) | |
1 | 146.59.30.100 146.59.30.100 | 16276 (OVH) (OVH) | |
1 | 146.59.30.96 146.59.30.96 | 16276 (OVH) (OVH) | |
1 1 | 193.239.68.97 193.239.68.97 | 39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS) | |
1 | 193.239.71.100 193.239.71.100 | 39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS) | |
2 | 2a00:1450:400... 2a00:1450:400c:c06::9c | 15169 (GOOGLE) (GOOGLE) | |
21 | 8 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
i.ua
1 redirects
g.i.ua i3.i.ua i.i.ua — Cisco Umbrella Rank: 833523 r.i.ua — Cisco Umbrella Rank: 268864 |
56 KB |
6 |
gemius.pl
1 redirects
kpmediagaua.hit.gemius.pl ls.hit.gemius.pl — Cisco Umbrella Rank: 15299 |
28 KB |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 |
17 KB |
2 |
bigmir.net
1 redirects
c.bigmir.net — Cisco Umbrella Rank: 292723 i.bigmir.net — Cisco Umbrella Rank: 625507 |
590 B |
21 | 4 |
Domain | Requested by | |
---|---|---|
8 | i3.i.ua |
g.i.ua
|
4 | kpmediagaua.hit.gemius.pl |
1 redirects
g.i.ua
kpmediagaua.hit.gemius.pl |
4 | g.i.ua |
1 redirects
g.i.ua
|
2 | stats.g.doubleclick.net | |
2 | ls.hit.gemius.pl |
kpmediagaua.hit.gemius.pl
ls.hit.gemius.pl |
1 | i.bigmir.net | |
1 | c.bigmir.net | 1 redirects |
1 | r.i.ua |
g.i.ua
|
1 | i.i.ua |
g.i.ua
|
21 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.i.ua |
irpinservice.com |
help.i.ua |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA |
2023-09-14 - 2024-09-25 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
http://g.i.ua/?userID=6897361&userID=6897361&_url=https://irpinservice.com/uk/pralna_mashyna_ne_zlyvaye_vodu/
Frame ID: 571C30E2D4B3A3FBE82EBA890E356F4C
Requests: 19 HTTP requests in this frame
Frame:
http://g.i.ua/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: B26D1494943B69B6C793A08BB1FE0D09
Requests: 2 HTTP requests in this frame
Frame:
http://ls.hit.gemius.pl/lsget.html
Frame ID: 6086DDC78966B4F94873F780E3B7A8C4
Requests: 1 HTTP requests in this frame
Frame:
https://ls.hit.gemius.pl/lsget.html?mode=new
Frame ID: 74F6F2DFE318ECB9B0FDF133610277D7
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
I.UADetected technologies
Gemius (Analytics) ExpandDetected patterns
- hit\.gemius\.pl/xgemius\.js
- hit\.gemius\.pl
- xgemius\.js
Google Analytics (Analytics) Expand
Detected patterns
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Перейти на сайт
Search URL Search Domain Scan URL
Title: Обратная связь
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- http://g.i.ua/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- http://g.i.ua/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
- http://c.bigmir.net/?s134156&t6&n0.11626701963679764&c1&d24&r1600&f HTTP 302
- http://i.bigmir.net/cnt/06.gif
- http://stats.g.doubleclick.net/dc.js HTTP 307
- https://stats.g.doubleclick.net/dc.js
- https://kpmediagaua.hit.gemius.pl/_1700838893844/rexdot.js?l=100&sendf=24&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=http%3A%2F%2Fg.i.ua%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%3A%2F%2Firpinservice.com%2Fuk%2Fpralna_mashyna_ne_zlyvaye_vodu%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=LUUn_S6CSavmL6BcM2KB4EgnnU7ripSNMTbim._hIpz.y744tNpLqc0YK7BgIc6v8WG_lsmvjNikq_WibjlxDvnpEJms/OtDjJmnF9L6g2/&fpdata=F5.RDAxkVCGc_KWJrS9AhrDWhxHK.CHPS2xnrVCXgaP.57<ime=161&fr=1&ref=&inner=_ver%3D346&lsadd=&exid=6560bded28a41a8c&brts=1700838893&fpcap= HTTP 301
- https://kpmediagaua.hit.gemius.pl/__/_1700838893844/rexdot.js?l=100&sendf=24&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=http%3A%2F%2Fg.i.ua%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%3A%2F%2Firpinservice.com%2Fuk%2Fpralna_mashyna_ne_zlyvaye_vodu%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=LUUn_S6CSavmL6BcM2KB4EgnnU7ripSNMTbim._hIpz.y744tNpLqc0YK7BgIc6v8WG_lsmvjNikq_WibjlxDvnpEJms/OtDjJmnF9L6g2/&fpdata=F5.RDAxkVCGc_KWJrS9AhrDWhxHK.CHPS2xnrVCXgaP.57<ime=161&fr=1&ref=&inner=_ver%3D346&lsadd=&exid=6560bded28a41a8c&brts=1700838893&fpcap=
- http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=918231907&utmhn=g.i.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%A0I.UA%C2%A0&utmhid=1989794729&utmr=-&utmp=%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%3A%2F%2Firpinservice.com%2Fuk%2Fpralna_mashyna_ne_zlyvaye_vodu%2F&utmht=1700838893917&utmac=UA-34374057-1&utmcc=__utma%3D11729771.1650612826.1700838894.1700838894.1700838894.1%3B%2B__utmz%3D11729771.1700838894.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1906117331&utmredir=3&utmu=qBEAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
- https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=918231907&utmhn=g.i.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%A0I.UA%C2%A0&utmhid=1989794729&utmr=-&utmp=%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%3A%2F%2Firpinservice.com%2Fuk%2Fpralna_mashyna_ne_zlyvaye_vodu%2F&utmht=1700838893917&utmac=UA-34374057-1&utmcc=__utma%3D11729771.1650612826.1700838894.1700838894.1700838894.1%3B%2B__utmz%3D11729771.1700838894.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1906117331&utmredir=3&utmu=qBEAAAAAAAAAAAAAAAAAAAAE~
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
g.i.ua/ |
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.y130200.css
i3.i.ua/css/i2/blue/sprite/ |
41 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
util.y169000.js
i3.i.ua/js/ |
14 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
JSHttpRequest.y169000.js
i3.i.ua/js/ |
13 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
md5.y169000.js
i3.i.ua/js/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global.y169000.js
i3.i.ua/js/i/ |
25 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loader.y169000.js
i3.i.ua/js/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
autoload.y169000.js
i3.i.ua/js/i/ |
13 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
i3.i.ua/v2/logo/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3_1_2.png
i.i.ua/r/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xgemius.js
kpmediagaua.hit.gemius.pl/ |
68 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s
r.i.ua/ |
43 B 828 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
118 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
443 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
g.i.ua/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame B26D Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
82b29aaaec320378
g.i.ua/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B26D |
0 746 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fpdata.js
kpmediagaua.hit.gemius.pl/ |
273 B 636 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lsget.html
ls.hit.gemius.pl/ Frame 6086 |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lsget.html
ls.hit.gemius.pl/ Frame 74F6 |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
06.gif
i.bigmir.net/cnt/ Redirect Chain
|
43 B 326 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc.js
stats.g.doubleclick.net/ Redirect Chain
|
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rexdot.js
kpmediagaua.hit.gemius.pl/__/_1700838893844/ Redirect Chain
|
452 B 827 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__utm.gif
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 198 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
150 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 number| lmJsVersion string| lmJsPath number| JS_LANG_ID boolean| I_VER2 boolean| I_SSL string| JS_ERROR_NOTIFY function| browseIt object| b function| trim function| stripTags function| checkAll function| checkDate function| frPr object| toggleDisplay_hiddenObj function| toggleDisplay function| dce function| dct function| dge function| getItemIndex function| arrayPos function| peUtilClearContainer function| strCmp function| striCmp function| DBG function| nalert function| formatStToSafeGET function| inputLimit function| getPosition function| getPosition2 function| getOffsetRect function| mouseCoords function| getWindowInfo function| itemSpelling function| addToBody function| util_htmlspecialchars function| sprintf function| utilSetCookie function| utilGetCookie function| hrefSSG object| UtilLite number| nalertCount boolean| UTIL_LOADED boolean| UTIL_READY function| Subsys_JsHttpRequest_Js number| hexcase string| b64pad number| chrsz function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 string| ref function| i_showFloat function| i_showFloat2 function| i_showFloat3 function| i_lForm2 function| i_lForm undefined| i_blinkMail undefined| i_blinkMailTimer undefined| i_blinkMailStep function| i_blinkM undefined| i_reqMail string| i_chkEmlUrl function| i_checkNewMail function| i_checkNewMailResponse number| i_checkInterval undefined| i_reqSCode function| i_updateSCode function| i_removeDefVal function| i_keypress function| i_showSections function| i_showPeopleOnline function| i_showPeopleOnline2 function| i_poSetLoading function| i_poSetLoading2 function| i_poHideBadObjects function| i_poReady function| i_closePeopleOnline function| i_closePeopleOnline2 function| i_getBottomPos function| i_s function| bannerInternalFooterJS function| i_checkOpenstat function| i_closeDisclaimer object| poToggledObjects object| lmModules object| lmQueue boolean| lmTimerHndl object| lmNotifyController boolean| lmLoading boolean| lmNotified function| lmIsModuleStatus function| lmSetModuleStatus function| lmCallAfterModulesStatus function| lmCallAfterModulesReady function| lmCallAfterModulesLoaded function| lmCheckModulesStatus string| LM_S_READY string| LM_S_LOADED string| LM_S_LOADING object| Autoload function| ILoadScript string| pp_gemius_identifier function| gemius_pending object| _gaq string| iS object| iD string| iR string| iT string| iH number| iI string| bmQ object| bmD object| bmS string| bmF function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_cmd function| pp_gemius_cmd function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt object| _gat object| gaGlobal10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
g.i.ua/ | Name: b Value: b |
|
.i.ua/ | Name: __gfp_64b Value: F5.RDAxkVCGc_KWJrS9AhrDWhxHK.CHPS2xnrVCXgaP.57|1700838893 |
|
.hit.gemius.pl/ | Name: Gtest Value: Klx75MGGQMGGxhIZ15VWQflUssGMXP8c25nSGo2MMvH7XBG. |
|
.i.ua/ | Name: __utma Value: 11729771.1650612826.1700838894.1700838894.1700838894.1 |
|
.i.ua/ | Name: __utmc Value: 11729771 |
|
.i.ua/ | Name: __utmz Value: 11729771.1700838894.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.i.ua/ | Name: __utmt Value: 1 |
|
.i.ua/ | Name: __utmb Value: 11729771.1.10.1700838894 |
|
.hit.gemius.pl/ | Name: Gdyn Value: KlxkhRXGQMGGxhIZ15VWQflUssGMXP8c25nSGo2MMvH7FRxSG7RrGS6GuLltFlM1YH8PlexaG0F6Sssa |
|
.hit.gemius.pl/ | Name: Gdynp Value: F92MCrFiP00We10J3AihPKMb1TLu9Z.BIFam5dC0Drv.07 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.bigmir.net
g.i.ua
i.bigmir.net
i.i.ua
i3.i.ua
kpmediagaua.hit.gemius.pl
ls.hit.gemius.pl
r.i.ua
stats.g.doubleclick.net
104.18.2.81
104.18.3.81
146.59.30.100
146.59.30.96
193.239.68.97
193.239.71.100
2a00:1450:400c:c06::9c
51.83.200.186
0aafcf7215f16bffb8bd442910b5d318a004d91f2d7018163bed08e3446cab6d
11322d98807a606db0ee33e701418e86e952c81fbfcbf4a025e5244c4e734c36
1c3ab2e0d6d5cbeb6b4cd1b38a0c7de1bc2f46528fc777de20d17292cb04cb64
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
38b70b139bc628cbcad9a4341ad86179ab9cd63f3bc029b2ded1747c8bd0dd8f
3acde6ea47287711d6135843bc3c6e4f381e3cf6d12bba8f1651e2b606910854
4020918e6193953b208d4b8b5c3bafe8e6614642d9ff2c4778d72d5ff9bb2ca9
43ce5e5fc944426f117531e92e0f3b86daa5fd4d4a9230a8019fdb5c1e2d1dd1
48874ded463795664b7459b06b15c3fd690d24bbe32bb845dd50cf31dabaf4b7
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
77651d06d987b95f32821dd3800c754db04b4ab74f6e7cebec2e7f59cda47b1f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
937511b9ff4b72a44415cbf3bbcf0fa2723781a9174d031f9cdc2d44b117c1d5
9d28d0543ae61bc742a40d0221f9d7f29e1c315d77c852878ef4b6bf9ccc5892
a189a7383f634521afe0a153fa9bc4c47af7153a774bc475a542453bd764a8ff
c41ccb016b62881dba0565c109efe14fd72ad30697886830206eea0273ab9231
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d41478a8574c785058d0145576d696cd83de38a293b6f20d553bc5f69c78501e
dc0df8d67a1cd007a197171d3c5594dbc0635e47e18c67ba3487ce90f183e474
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea778b2d8bf3f875b73d5be1c2e96d4d172471f39c195e87c9ef36f8757b5cf4
ede864a89615466bbad148299d5b16f4dba1e050985477a8c330700794ae2193
fafed598919aac361eb350d9681b1b4fb6bf501742a7a37fdaa0ff118dc9f419