up-mail.clicketcloud.com
Open in
urlscan Pro
46.30.203.2
Public Scan
Effective URL: http://up-mail.clicketcloud.com/?278016
Submission: On June 03 via automatic, source phishtank — Scanned from DE
Summary
This is the only time up-mail.clicketcloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 13.58.57.95 13.58.57.95 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:803::2008 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:400c:c0b::9d | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 212.127.94.2 212.127.94.2 | 15851 (WASK-COM ...) (WASK-COM WROCMAN-COM non-educational part of WASK network) | |
10 | 46.30.203.2 46.30.203.2 | 39444 (OWENTIS-AS) (OWENTIS-AS) | |
2 | 2a02:26f0:350... 2a02:26f0:3500:3::b818:4d08 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:480... 2a02:26f0:480:e::210:f104 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
7 | 2a02:26f0:350... 2a02:26f0:3500:3::b818:4d13 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
34 | 10 |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-57-95.us-east-2.compute.amazonaws.com
uqr.to |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15851 (WASK-COM WROCMAN-COM non-educational part of WASK network, Wroclaw,Poland, PL)
PTR: misha.static.ip.WRO.Korbank.PL
webb-link-ap.node.cloudlets.zone |
ASN39444 (OWENTIS-AS, FR)
PTR: ns1.clicketcloud.com
up-mail.clicketcloud.com |
ASN20940 (AKAMAI-ASN1, NL)
s1.trrsf.com | |
p1.trrsf.com |
ASN20940 (AKAMAI-ASN1, NL)
www.terra.com.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
clicketcloud.com
up-mail.clicketcloud.com |
473 KB |
9 |
trrsf.com
s1.trrsf.com — Cisco Umbrella Rank: 371937 p1.trrsf.com — Cisco Umbrella Rank: 400871 |
68 KB |
4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866 |
21 KB |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 111 |
413 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70 |
124 KB |
2 |
uqr.to
1 redirects
uqr.to — Cisco Umbrella Rank: 341376 |
2 KB |
1 |
terra.com.br
www.terra.com.br — Cisco Umbrella Rank: 98230 |
3 KB |
1 |
cloudlets.zone
webb-link-ap.node.cloudlets.zone Failed |
470 B |
0 |
google.de
Failed
www.google.de Failed |
|
0 |
google.com
Failed
www.google.com Failed |
|
34 | 10 |
Domain | Requested by | |
---|---|---|
10 | up-mail.clicketcloud.com |
uqr.to
up-mail.clicketcloud.com |
8 | s1.trrsf.com |
up-mail.clicketcloud.com
|
3 | www.google-analytics.com |
www.googletagmanager.com
|
2 | stats.g.doubleclick.net |
www.google-analytics.com
|
2 | www.googletagmanager.com |
uqr.to
www.googletagmanager.com |
2 | uqr.to | 1 redirects |
1 | p1.trrsf.com |
up-mail.clicketcloud.com
|
1 | www.terra.com.br |
up-mail.clicketcloud.com
|
1 | webb-link-ap.node.cloudlets.zone |
uqr.to
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
0 | www.google.de Failed | |
0 | www.google.com Failed | |
34 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
uqr.to R3 |
2023-05-28 - 2023-08-26 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
terra.com.br DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-17 - 2023-11-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://up-mail.clicketcloud.com/?278016
Frame ID: 1A58C00810EF927CE7409F9A8D4F33EE
Requests: 28 HTTP requests in this frame
Frame:
http://up-mail.clicketcloud.com/index_files/normal_2.html
Frame ID: 6D8690900D14267C38004B6138548E68
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Terra MailPage URL History Show full URLs
-
http://uqr.to/1jin6
HTTP 301
https://uqr.to/1jin6 Page URL
-
https://webb-link-ap.node.cloudlets.zone/inf.php
HTTP 302
http://up-mail.clicketcloud.com/?278016 Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://uqr.to/1jin6
HTTP 301
https://uqr.to/1jin6 Page URL
-
https://webb-link-ap.node.cloudlets.zone/inf.php
HTTP 302
http://up-mail.clicketcloud.com/?278016 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://uqr.to/1jin6 HTTP 301
- https://uqr.to/1jin6
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
1jin6
uqr.to/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
133 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
51 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
205 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 248 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
inf.php
webb-link-ap.node.cloudlets.zone/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 343 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 70 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
up-mail.clicketcloud.com/ Redirect Chain
|
176 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ga-audiences
www.google.com/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ga-audiences
www.google.de/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ga-audiences
www.google.com/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ga-audiences
www.google.de/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.css
up-mail.clicketcloud.com/index_files/ |
24 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
context2.css
up-mail.clicketcloud.com/index_files/ |
24 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
navbar.css
up-mail.clicketcloud.com/index_files/ |
67 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normal_2.html
up-mail.clicketcloud.com/index_files/ Frame 6D86 |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
618x226-E-mail-Gigante.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86 |
100 KB 100 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DS668_Pecas_Online_Interno_BN_618x226_B_V0_VP.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86 |
72 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DS749_Banner_Online_CURSOS_BN-618x226_v0_HL_new.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86 |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TER_601_Campanha_Loja_BN_618x226_V0_VP.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86 |
72 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DS749_Banner_Online_CONSTRUTOR_BN-618x226_v0_HL.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86 |
122 KB 123 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menu-white.svg
s1.trrsf.com/update-1684436071/fe/zaz-mod-icons/svg/essential/ |
471 B 567 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
terra-horizontal-branco.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ttl-general.gif
s1.trrsf.com/terramail/capa/terra/_img/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
klavika
p1.trrsf.com/image/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn-terramail_v2.gif
s1.trrsf.com/terramail/capa/terra/_img/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ico-general.png
s1.trrsf.com/atm/3/core/_img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
txt-armazenamento-msg.jpg
s1.trrsf.com/terramail/capa/terra/_img/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-semibold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/ |
10 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-regular.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/ |
18 KB 19 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-bold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/ |
10 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- webb-link-ap.node.cloudlets.zone
- URL
- https://webb-link-ap.node.cloudlets.zone/inf.php
- Domain
- www.google.com
- URL
- https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=1265385389.1685829054&jid=194694850&_u=YCDAgEABAAAAAEAAI~&z=1680986289
- Domain
- www.google.de
- URL
- https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=1265385389.1685829054&jid=194694850&_u=YCDAgEABAAAAAEAAI~&z=1680986289
- Domain
- www.google.com
- URL
- https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=1265385389.1685829054&jid=2084566076&_u=YCDAgEABAAAAAEAAI~&z=552274861
- Domain
- www.google.de
- URL
- https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=1265385389.1685829054&jid=2084566076&_u=YCDAgEABAAAAAEAAI~&z=552274861
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
uqr.to/ | Name: stat_session2590242 Value: 8c016f81-2f0c-43ca-81b1-ca7b9d54494c |
|
uqr.to/ | Name: device_view Value: full |
|
.uqr.to/ | Name: _ga_0DWYM481N5 Value: GS1.1.1685829053.1.0.1685829053.0.0.0 |
|
.uqr.to/ | Name: _ga Value: GA1.2.1265385389.1685829054 |
|
.uqr.to/ | Name: _gid Value: GA1.2.101924047.1685829054 |
|
.uqr.to/ | Name: _dc_gtm_UA-18982026-1 Value: 1 |
|
.uqr.to/ | Name: _dc_gtm_UA-18982026-3 Value: 1 |
|
webb-link-ap.node.cloudlets.zone/ | Name: SRVGROUP Value: common |
|
up-mail.clicketcloud.com/ | Name: SRVGROUP Value: common |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
p1.trrsf.com
region1.google-analytics.com
s1.trrsf.com
stats.g.doubleclick.net
up-mail.clicketcloud.com
uqr.to
webb-link-ap.node.cloudlets.zone
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.terra.com.br
webb-link-ap.node.cloudlets.zone
www.google.com
www.google.de
13.58.57.95
2001:4860:4802:32::36
212.127.94.2
2a00:1450:4001:803::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c0b::9d
2a02:26f0:3500:3::b818:4d08
2a02:26f0:3500:3::b818:4d13
2a02:26f0:480:e::210:f104
46.30.203.2
03065369b591168cdaea0fc4ad604fe29b6e83d0ca24c5759f19446df5272560
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
3f4d2730874a002870d579a00b961e2eb1be10869fcaa3f8c26bceaa97d9da1e
513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985
57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e
5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3
5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333
6c4ca36b34f5e1bbdde779c9fa7ea66c7ddbb5873b83f73f55b4df0e0f59e96c
7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670
7c77a879c840d5056487ab9ee5ca13cc1c8aae2593f0a99674a4f12cce7890b9
83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618
a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5
a579f472163ee6dd5e1e2ba59388b9d1afb19283ff1ee9c41356d985dd09d435
abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428
bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76
c3ef10afe36e1b37a78c10ec71f1367094711470f38210a44bb9bb64a9333334
c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4
cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e
d386885215fb12d5b2b1d3f07a4691b5654476eae9fdb4ce2a29bba7d28d5462
dd8f593e202f80b15b06b224ce8793dcd0cd40a290892ef9a4a6006d58a0bb38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f047d1f77bd359ce127ff16d4b9060fd692b7870ac1f77dc6b430d364bd53593
faa81bbe4fed04fbb1d13c3de548e096ad4597f004bdfb0b490e83a80877321b