portal.grandecom.net
Open in
urlscan Pro
129.158.39.150
Public Scan
Effective URL: https://portal.grandecom.net/faq/
Submission: On November 07 via manual from AR — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 18th 2023. Valid for: a year.
This is the only time portal.grandecom.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 104.126.37.160 104.126.37.160 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 129.158.39.150 129.158.39.150 | 31898 (ORACLE-BM...) (ORACLE-BMC-31898) | |
8 | 129.213.75.60 129.213.75.60 | 31898 (ORACLE-BM...) (ORACLE-BMC-31898) | |
1 | 23.57.22.242 23.57.22.242 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2.23.197.190 2.23.197.190 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 142.250.181.232 142.250.181.232 | 15169 (GOOGLE) (GOOGLE) | |
2 | 108.138.7.113 108.138.7.113 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 63.140.62.160 63.140.62.160 | 15224 (OMNITURE) (OMNITURE) | |
18 | 9 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-160.deploy.static.akamaitechnologies.com
www.bing.com |
ASN31898 (ORACLE-BMC-31898, US)
static.garnet.synacor.com | |
images.synacor.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-57-22-242.deploy.static.akamaitechnologies.com
tags.bkrtx.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
stags.bluekai.com |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
ssl.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-113.fra56.r.cloudfront.net
sb.scorecardresearch.com |
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-160.data.adobedc.net
synacorgrande.112.2o7.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
synacor.com
static.garnet.synacor.com images.synacor.com |
194 KB |
2 |
2o7.net
1 redirects
synacorgrande.112.2o7.net |
1 KB |
2 |
scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172 |
3 KB |
2 |
grandecom.net
portal.grandecom.net |
15 KB |
1 |
google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 574 |
17 KB |
1 |
bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 921 |
303 B |
1 |
bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 5990 |
16 KB |
1 |
bing.com
www.bing.com — Cisco Umbrella Rank: 66 |
2 KB |
0 |
googletagservices.com
Failed
www.googletagservices.com Failed |
|
18 | 9 |
Domain | Requested by | |
---|---|---|
7 | static.garnet.synacor.com |
portal.grandecom.net
static.garnet.synacor.com |
2 | synacorgrande.112.2o7.net | 1 redirects |
2 | sb.scorecardresearch.com |
static.garnet.synacor.com
|
2 | portal.grandecom.net |
www.bing.com
portal.grandecom.net |
1 | ssl.google-analytics.com |
static.garnet.synacor.com
|
1 | stags.bluekai.com |
tags.bkrtx.com
|
1 | tags.bkrtx.com |
static.garnet.synacor.com
|
1 | images.synacor.com |
portal.grandecom.net
|
1 | www.bing.com | |
0 | www.googletagservices.com Failed |
static.garnet.synacor.com
|
18 | 10 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
r.bing.com Microsoft Azure ECC TLS Issuing CA 05 |
2023-10-18 - 2024-06-27 |
8 months | crt.sh |
web.garnet.synacor.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-18 - 2024-10-01 |
a year | crt.sh |
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-18 - 2024-01-17 |
a year | crt.sh |
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-07 - 2024-02-08 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA |
2022-12-15 - 2023-12-28 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://portal.grandecom.net/faq/
Frame ID: 8DE4DB53E049C531E639D031EF455CB4
Requests: 14 HTTP requests in this frame
Frame:
https://static.garnet.synacor.com/assets/en_US/components/ad/component/targeting/html/iframe.html?callback_host=https%3A%2F%2Fportal.grandecom.net%2Ffaq%2F
Frame ID: B69E82CABB0351C67A4BA90F4B19BF6C
Requests: 3 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/18046?ret=html&phint=puserid%3D98a3da59264524dc5103cb6e5056a1ac6f942ebf&phint=__bk_l%3Dhttps%3A%2F%2Fportal.grandecom.net%2Ffaq%2F&phint=__bk_pr%3Dhttps%3A%2F%2Fwww.bing.com%2F&phint=__bk_t%3DHome-MyGrande.net&limit=4&r=79256648
Frame ID: 0D1760C6A4A28F1C2B698B76D886C231
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Home-MyGrande.netPage URL History Show full URLs
- https://www.bing.com/ck/a?!&&p=a820149cac675fbdJmltdHM9MTY5OTMxNTIwMCZpZ3VpZD0xMzA4YTc2OC1kYzFiLT... Page URL
- https://portal.grandecom.net/faq/ Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
comScore (Analytics) Expand
Detected patterns
- \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Title: Make this my Homepage
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Pay My Bill
Search URL Search Domain Scan URL
Title: Shopping
Search URL Search Domain Scan URL
Title: Portal Controls
Search URL Search Domain Scan URL
Title: Customer Care Center
Search URL Search Domain Scan URL
Title: Click Here
Search URL Search Domain Scan URL
Title: Click Here
Search URL Search Domain Scan URL
Title: www.mygrande.net
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Title: click here.
Search URL Search Domain Scan URL
Title: Pay My Bill
Search URL Search Domain Scan URL
Title: Bundles
Search URL Search Domain Scan URL
Title: TV Services
Search URL Search Domain Scan URL
Title: Phone Services
Search URL Search Domain Scan URL
Title: Internet Services
Search URL Search Domain Scan URL
Title: Forgot Your Password
Search URL Search Domain Scan URL
Title: Speed Test
Search URL Search Domain Scan URL
Title: MyGrande.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.bing.com/ck/a?!&&p=a820149cac675fbdJmltdHM9MTY5OTMxNTIwMCZpZ3VpZD0xMzA4YTc2OC1kYzFiLTZlY2MtMzE1My1iNmNiZDgxYjYwNTImaW5zaWQ9NTI3OA&ptn=3&hsh=3&fclid=1308a768-dc1b-6ecc-3153-b6cbd81b6052&psq=what+is+grandecom.net&u=a1aHR0cHM6Ly9wb3J0YWwuZ3JhbmRlY29tLm5ldC9mYXEv&ntb=1 Page URL
- https://portal.grandecom.net/faq/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://synacorgrande.112.2o7.net/b/ss/synacorgrande/1/H.22.1/s87508951628533?AQB=1&ndh=1&t=7%2F10%2F2023%2013%3A42%3A0%202%20-60&ce=UTF-8&ns=synacor&pageName=faq&g=https%3A%2F%2Fportal.grandecom.net%2Ffaq%2F&r=https%3A%2F%2Fwww.bing.com%2F&cc=USD&ch=faq&server=web02.garnet.idm-ash1.sync.lan&events=event2&c1=New&v1=D%3Dc1&c2=logged-out&v2=D%3Dc2&c3=First%20Visit&v3=D%3Dc3&c4=1%3A30pm&v4=D%3Dc4&c5=tuesday&v5=D%3Dc5&v6=D%3Dc6&v7=D%3Dc7&v8=D%3Dc8&c9=1&v9=D%3Dc9&v10=D%3Dc10&c11=non-customized&v11=D%3Dc11&c12=not%20a%20premium%20owner&v12=D%3Dc12&c13=faq&v13=D%3Dc13&v14=D%3Dc14&v15=D%3Dc15&v16=D%3Dc16&v17=D%3Dc17&v18=D%3Dc18&v19=D%3Dc19&v20=D%3Dc20&v21=D%3Dc21&v22=D%3Dc22&v23=D%3Dc23&v24=D%3Dc24&v25=D%3Dc25&v26=D%3Dc26&v27=D%3Dc27&c28=https%3A%2F%2Fportal.grandecom.net%2F&v28=D%3Dc28&v29=D%3Dc29&v40=D%3Dc40&v41=D%3Dc41&v42=D%3Dc42&v43=D%3Dc43&v44=D%3Dc44&v45=D%3Dc45&c49=(undef)&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1 HTTP 302
- https://synacorgrande.112.2o7.net/b/ss/synacorgrande/1/H.22.1/s87508951628533?AQB=1&pccr=true&vidn=32A5184C3B0D3F9F-6000027F02134937&ndh=1&t=7%2F10%2F2023%2013%3A42%3A0%202%20-60&ce=UTF-8&ns=synacor&pageName=faq&g=https%3A%2F%2Fportal.grandecom.net%2Ffaq%2F&r=https%3A%2F%2Fwww.bing.com%2F&cc=USD&ch=faq&server=web02.garnet.idm-ash1.sync.lan&events=event2&c1=New&v1=D%3Dc1&c2=logged-out&v2=D%3Dc2&c3=First%20Visit&v3=D%3Dc3&c4=1%3A30pm&v4=D%3Dc4&c5=tuesday&v5=D%3Dc5&v6=D%3Dc6&v7=D%3Dc7&v8=D%3Dc8&c9=1&v9=D%3Dc9&v10=D%3Dc10&c11=non-customized&v11=D%3Dc11&c12=not%20a%20premium%20owner&v12=D%3Dc12&c13=faq&v13=D%3Dc13&v14=D%3Dc14&v15=D%3Dc15&v16=D%3Dc16&v17=D%3Dc17&v18=D%3Dc18&v19=D%3Dc19&v20=D%3Dc20&v21=D%3Dc21&v22=D%3Dc22&v23=D%3Dc23&v24=D%3Dc24&v25=D%3Dc25&v26=D%3Dc26&v27=D%3Dc27&c28=https%3A%2F%2Fportal.grandecom.net%2F&v28=D%3Dc28&v29=D%3Dc29&v40=D%3Dc40&v41=D%3Dc41&v42=D%3Dc42&v43=D%3Dc43&v44=D%3Dc44&v45=D%3Dc45&c49=(undef)&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
a
www.bing.com/ck/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
portal.grandecom.net/faq/ |
59 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
res.php
static.garnet.synacor.com/assets/ |
74 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
res.php
static.garnet.synacor.com/assets/ |
267 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
track.gif
portal.grandecom.net/images/track/ |
43 B 390 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
77841.gif
images.synacor.com/clientimages/13304/ |
43 B 390 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adchoices_icon.png
static.garnet.synacor.com/assets/en_US/components/ad/component/gpt/unit/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
body_bg.gif
static.garnet.synacor.com/assets/client_config/grandecom.net/assets/en_US/globals/images/ |
598 B 948 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
grandecom_sprite.png
static.garnet.synacor.com/assets/client_config/grandecom.net/assets/en_US/globals/images/ |
90 KB 90 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe.html
static.garnet.synacor.com/assets/en_US/components/ad/component/targeting/html/ Frame B69E |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
postmessage.min.js
static.garnet.synacor.com/assets/en_US/globals/javascripts/3rdparty/ Frame B69E |
1 KB 883 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bk-coretag.js
tags.bkrtx.com/js/ Frame B69E |
51 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18046
stags.bluekai.com/site/ Frame 0D17 |
71 B 303 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beacon.js
sb.scorecardresearch.com/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s87508951628533
synacorgrande.112.2o7.net/b/ss/synacorgrande/1/H.22.1/ Redirect Chain
|
43 B 275 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b
sb.scorecardresearch.com/ |
0 225 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
gpt.js
www.googletagservices.com/tag/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.googletagservices.com
- URL
- https://www.googletagservices.com/tag/js/gpt.js
Verdicts & Comments Add Verdict or Comment
88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture function| Syn boolean| __LOGGED_IN__ number| page_index function| json function| json_init string| s_account object| s function| init_omniture string| s_code string| s_objectID function| __syn_showTabbedComponent object| divs function| syn_show_exp function| syn_check_exp function| Utils function| PortalEvents function| hide_overlay_elements function| show_overlay_elements function| hide_elements_by_tag function| show_elements_by_tag function| hide_disruptive_overlay_elements function| show_disruptive_overlay_elements function| SYNACOR_findObj function| find_pos_x function| find_pos_y function| SYNACOR_Snap function| SYNACOR_showHideLayers function| getXMLRequestObject function| get_cdata function| get_attribute function| hide_id function| base64encode function| trimStr function| add_event_listener function| remove_event_listener function| reg_repl_esc function| openWindow function| SYNACOR_swapImgRestore function| SYNACOR_swapImage function| waterimg function| addLoadEvent function| getTransport object| XD object| googletag object| TN8 object| SW_Config function| s_gi object| _gaq object| _comscore function| $ function| jQuery function| Class object| SynAjax_Request_Events function| SynAjax string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft function| s_c object| s_c_il number| s_c_in string| f0 object| dc number| f number| ne object| gmar number| dsts object| gnov number| dste object| spr object| fl object| cd number| utc object| tz number| thisy number| thish number| thismin number| thisd object| s_i_synacor object| COMSCORE object| ns_p object| _gat13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
portal.grandecom.net/faq | Name: ccpaOptOut Value: 1YNN |
|
portal.grandecom.net/faq | Name: sctirnd Value: 2 |
|
.grandecom.net/ | Name: temporalchip Value: Og%3D%3D |
|
.grandecom.net/ | Name: session Value: 92fb8f6d6c992c1321a9344b6f82becd52d7983f-1699360918 |
|
.grandecom.net/ | Name: s_cc Value: true |
|
.grandecom.net/ | Name: s_vnum Value: 1701952920224%26vn%3D1 |
|
.grandecom.net/ | Name: s_invisit Value: true |
|
.grandecom.net/ | Name: dslv Value: 1699360920225 |
|
.grandecom.net/ | Name: dslv_s Value: First%20Visit |
|
.grandecom.net/ | Name: omni_gpn Value: faq |
|
.grandecom.net/ | Name: s_nr Value: 1699360920226 |
|
.grandecom.net/ | Name: s_sq Value: %5B%5BB%5D%5D |
|
.synacorgrande.112.2o7.net/ | Name: s_vi Value: [CS]v1|32A5184C3B0D3F9F-6000027F02134937[CE] |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
images.synacor.com
portal.grandecom.net
sb.scorecardresearch.com
ssl.google-analytics.com
stags.bluekai.com
static.garnet.synacor.com
synacorgrande.112.2o7.net
tags.bkrtx.com
www.bing.com
www.googletagservices.com
www.googletagservices.com
104.126.37.160
108.138.7.113
129.158.39.150
129.213.75.60
142.250.181.232
2.23.197.190
23.57.22.242
63.140.62.160
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18ea38838d13739fb2993093aca3fa72b851debdb82b335d22845e18549ac80e
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3efe2a018482f246ba6eb2d3daa0f1ce1acdad219721af09ffa7b38d38f3cd7b
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
5e4809d1a790c67e097910fe1f095382cc00136efedcc53c5c1eaae5740f4e1f
6adc590175ebb2bbce0628b210a66b4d836dce168a279524362bc29feac49712
7c31fcf5e8d3a4b89812912b87dc36bab4e79275293ce46d322c7a8f2abd3ed5
7e8891ad7d7066ab553669227b110798d8fbfbf742beed7f9d61381fd5775e24
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
96fb8ae91bf1741c35001afb514c9050f82c05e0134d86ab58c619b89171619f
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
d3d41d79e4517bcab950725539b718edbcff75e6bc04c72effaf1b5343430726
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fbcbd48d56eb877357726cd45dd32065fa71a32c7ee84b5d10e2a4f91da5bd79