ad.doubleclick.net
Open in
urlscan Pro
142.250.186.102
Public Scan
Submission: On September 11 via manual from IN — Scanned from DE
Summary
This is the only time ad.doubleclick.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 142.250.186.102 142.250.186.102 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::2006 | 15169 (GOOGLE) (GOOGLE) | |
5 | 2a00:1450:400... 2a00:1450:4001:80f::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 52.212.172.97 52.212.172.97 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2002 | 15169 (GOOGLE) (GOOGLE) | |
4 | 142.250.185.226 142.250.185.226 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:21f... 2600:9000:21f3:6c00:7:4bc6:d200:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 63.34.52.197 63.34.52.197 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a00:1450:400... 2a00:1450:4001:813::2001 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:21f... 2600:9000:21f3:7e00:8:48e:53c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2600:1f18:1ac... 2600:1f18:1aca:4281:5958:8cf8:6c75:edf0 | 14618 (AMAZON-AES) (AMAZON-AES) | |
22 | 11 |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-172-97.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net | |
pagead2.googlesyndication.com |
ASN16509 (AMAZON-02, US)
track.activemetering.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-52-197.eu-west-1.compute.amazonaws.com
secure-gg.imrworldwide.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN16509 (AMAZON-02, US)
static.adsafeprotected.com |
ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174 |
77 KB |
6 |
adsafeprotected.com
1 redirects
fw.adsafeprotected.com — Cisco Umbrella Rank: 1021 static.adsafeprotected.com — Cisco Umbrella Rank: 791 dt.adsafeprotected.com — Cisco Umbrella Rank: 735 |
93 KB |
4 |
doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373 |
31 KB |
1 |
imrworldwide.com
secure-gg.imrworldwide.com — Cisco Umbrella Rank: 3632 |
525 B |
1 |
activemetering.com
track.activemetering.com — Cisco Umbrella Rank: 4183 |
310 B |
1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234 |
44 KB |
1 |
2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350 |
112 KB |
22 | 7 |
Domain | Requested by | |
---|---|---|
6 | pagead2.googlesyndication.com |
ad.doubleclick.net
pagead2.googlesyndication.com tpc.googlesyndication.com |
3 | tpc.googlesyndication.com |
ad.doubleclick.net
tpc.googlesyndication.com pagead2.googlesyndication.com |
3 | googleads4.g.doubleclick.net |
ad.doubleclick.net
|
2 | dt.adsafeprotected.com |
ad.doubleclick.net
|
2 | static.adsafeprotected.com |
ad.doubleclick.net
|
2 | fw.adsafeprotected.com |
1 redirects
ad.doubleclick.net
|
1 | secure-gg.imrworldwide.com |
ad.doubleclick.net
|
1 | track.activemetering.com |
ad.doubleclick.net
|
1 | www.googletagservices.com |
ad.doubleclick.net
|
1 | s0.2mdn.net |
ad.doubleclick.net
|
1 | ad.doubleclick.net | |
22 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
fw.adsafeprotected.com Amazon |
2022-04-28 - 2023-05-27 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
track.activemetering.com Amazon |
2021-12-05 - 2023-01-01 |
a year | crt.sh |
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-04 - 2023-02-03 |
a year | crt.sh |
static.adsafeprotected.com Amazon |
2022-08-06 - 2023-09-04 |
a year | crt.sh |
dt.adsafeprotected.com Amazon |
2022-04-10 - 2023-05-08 |
a year | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2022-08-22 - 2022-11-14 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Frame ID: E7AFB40F3128518A61EFE56E8B9E23A5
Requests: 17 HTTP requests in this frame
Frame:
http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 55C6EFD72B5BA976017999F9DAF26E0E
Requests: 3 HTTP requests in this frame
Frame:
https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 63C1B17FD5E2ECB86AA40D5DA3DAA344
Requests: 1 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: B0984CBB1DCD6F8EB2FAE484D5151289
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
AdvertisementDetected technologies
DoubleClick Campaign Manager (DCM) (Advertising Networks) ExpandDetected patterns
- 2mdn\.net
Google AdSense (Advertising Networks) Expand
Detected patterns
- googlesyndication\.com/
- 2mdn\.net
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://fw.adsafeprotected.com/rfw/st/1087738/65101187/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=gcc_g28dY-_ROcGN7_UP8vGbmAI&cbFunctionName=goog_wrapCb_g28dY-_ROcGN7_UP8vGbmAI&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN300005.3958515PMPRECISIONTHETRA%2FB28103820.344119899%3Bdc_ver%3D90.265%3Bsz%3D300x250%3Bu_sd%3D1.25%3Bgdpr_consent%3DCPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA%3Bgdpr%3D1%3Baddtl_consent%3D1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3&adsafe_type=abdq&adsafe_url=http%3A%2F%2Fad.doubleclick.net%2F&adsafe_type=f&adsafe_jsinfo=,id:3a550bf9-9bed-5ec2-a206-eae76365a6a3,c:nSD16Y,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-585d8b8594-wxvvb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1600.250,am:sp,cc:0.0.1600.250,piv:0,obst:0,th:0,reas:l.h,mu:10000,br:c,an:n,oam:0,mtim:8,mot:0,app:0,maw:0,fm:th6fDSt+1*.1087738-65101187%7C11,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:40,oid:180f5418-3191-11ed-9dd8-02ccd9bbe15d,v:19.8.347,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
- https://static.adsafeprotected.com/4a.js
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr...
ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/ |
69 KB 30 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3109322392608661746
s0.2mdn.net/simgad/ |
111 KB 112 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/ |
10 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ |
8 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skeleton.js
fw.adsafeprotected.com/rjss/st/1087738/65101187/ |
235 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ |
141 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
view
googleads4.g.doubleclick.net/pcs/ |
0 575 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
track.activemetering.com/pixel/v1/all/ |
43 B 310 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
secure-gg.imrworldwide.com/cgi-bin/ |
0 525 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ |
41 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
7 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 55C6 |
22 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 55C6 |
36 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
view
googleads4.g.doubleclick.net/pcs/ |
0 63 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55C6 |
0 459 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4a.js
static.adsafeprotected.com/ Redirect Chain
|
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sca.17.5.12.js
static.adsafeprotected.com/ Frame 63C1 |
80 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ |
43 B 216 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
view
googleads4.g.doubleclick.net/pcs/ |
0 63 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame B098 |
36 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| clsn function| goog_wrapCb_g28dY-_ROcGN7_UP8vGbmAI function| bllsng28dY-_ROcGN7_UP8vGbmAI object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc function| ait function| ast object| google_image_requests object| GoogleTyFxhY function| omrhp object| GoogleGcLKhOms number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope boolean| isDomless object| __IASOmidVerificationClient function| __IntegralASAdPush function| __IntegralASEventLoadHandler_3a550bf99bed5ec2a206eae76365a6a3 object| GoogleA13IjpGc0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
secure-gg.imrworldwide.com
static.adsafeprotected.com
tpc.googlesyndication.com
track.activemetering.com
www.googletagservices.com
142.250.185.226
142.250.186.102
2600:1f18:1aca:4281:5958:8cf8:6c75:edf0
2600:9000:21f3:6c00:7:4bc6:d200:93a1
2600:9000:21f3:7e00:8:48e:53c0:93a1
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82f::2006
52.212.172.97
63.34.52.197
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
321332398b3bcfb5178259e6def50655013d5dbf35931746000db7ea00282e61
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59c4498f0309b3285a3aafd70c4b4894267d775f1352aad1d8de5a4b0c3df78c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69354c89d5cfb5399ecaaa9a19e9c1ca6b96181b80ce226214cefe666c2f2a36
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
82ed6503b643f3ba9f853642e5d5406c075ebf496b82f440d0fff821253a86d7
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855