landing.getz.ir
Open in
urlscan Pro
185.173.105.126
Public Scan
Submission: On August 14 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 16th 2023. Valid for: 3 months.
This is the only time landing.getz.ir was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 185.173.105.126 185.173.105.126 | 59441 (HOSTIRAN-...) (HOSTIRAN-NETWORK) | |
1 | 45.94.254.25 45.94.254.25 | 48551 (SINDAD) (SINDAD) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::2008 | 15169 (GOOGLE) (GOOGLE) | |
15 | 185.143.234.120 185.143.234.120 | 205585 (ARVANCLOU...) (ARVANCLOUD-CDN-) | |
1 | 45.94.254.24 45.94.254.24 | 48551 (SINDAD) (SINDAD) | |
2 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 46.245.80.243 46.245.80.243 | 43754 (ASIATECH) (ASIATECH) | |
4 | 45.94.255.25 45.94.255.25 | 48551 (SINDAD) (SINDAD) | |
32 | 9 |
ASN59441 (HOSTIRAN-NETWORK, IR)
PTR: 185-173-105-126.static.hostiran.name
landing.getz.ir |
ASN48551 (SINDAD, IR)
PTR: host.sindad.org
s1.mediaad.org |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN205585 (ARVANCLOUD-CDN-, IR)
cdn.yektanet.com | |
audience.yektanet.com | |
ua.yektanet.com | |
cdn.hamkadeh.com |
ASN48551 (SINDAD, IR)
PTR: host.sindad.org
ma-cdn.pegah.tech |
ASN48551 (SINDAD, IR)
PTR: host.sindad.cloud
api.mediaad.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
yektanet.com
cdn.yektanet.com — Cisco Umbrella Rank: 43166 audience.yektanet.com — Cisco Umbrella Rank: 50133 ua.yektanet.com — Cisco Umbrella Rank: 48078 |
54 KB |
6 |
mediaad.org
s1.mediaad.org — Cisco Umbrella Rank: 98806 mediacdn.mediaad.org — Cisco Umbrella Rank: 61001 api.mediaad.org — Cisco Umbrella Rank: 89732 |
8 KB |
6 |
getz.ir
landing.getz.ir |
181 KB |
2 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2069 |
299 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65 |
131 KB |
1 |
hamkadeh.com
cdn.hamkadeh.com |
|
1 |
pegah.tech
ma-cdn.pegah.tech — Cisco Umbrella Rank: 98435 |
708 B |
32 | 7 |
Domain | Requested by | |
---|---|---|
6 | ua.yektanet.com |
cdn.yektanet.com
ua.yektanet.com |
6 | landing.getz.ir |
landing.getz.ir
|
4 | api.mediaad.org |
s1.mediaad.org
|
4 | audience.yektanet.com |
cdn.yektanet.com
|
4 | cdn.yektanet.com |
landing.getz.ir
|
2 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | www.googletagmanager.com |
landing.getz.ir
www.googletagmanager.com |
1 | cdn.hamkadeh.com |
landing.getz.ir
|
1 | mediacdn.mediaad.org |
s1.mediaad.org
|
1 | ma-cdn.pegah.tech |
s1.mediaad.org
|
1 | s1.mediaad.org |
landing.getz.ir
|
32 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
landing.getz.ir R3 |
2023-07-16 - 2023-10-14 |
3 months | crt.sh |
*.mediaad.org R3 |
2023-08-05 - 2023-11-03 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
yektanet.com R3 |
2023-07-23 - 2023-10-21 |
3 months | crt.sh |
*.pegah.tech R3 |
2023-07-23 - 2023-10-21 |
3 months | crt.sh |
hamkadeh.com R3 |
2023-06-24 - 2023-09-22 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://landing.getz.ir/tEoRx?utm_source=yektanet
Frame ID: BF3B3D1595321D402037CFCDE7016C9F
Requests: 33 HTTP requests in this frame
Frame:
https://ua.yektanet.com/cookie/iframe/
Frame ID: 926FB2DFED8E12F00D7E18F28A7AB792
Requests: 2 HTTP requests in this frame
Frame:
https://mediacdn.mediaad.org/static/fingerprint.html
Frame ID: DA5C1A323DB464F02C23629A0F97C772
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
مشاوره رایگان فیلر جذبی لب 8703Detected technologies
Laravel (Web Frameworks) ExpandDetected patterns
RxJS (JavaScript Frameworks) Expand
Detected patterns
- rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
tEoRx
landing.getz.ir/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
retargeting.js
s1.mediaad.org/serve/1182/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
108 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rg.complete.js
cdn.yektanet.com/rg_woebegone/scripts_v3/AFbNlZ4p/ |
30 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rg.complete.js
cdn.yektanet.com/rg_woebegone/scripts_v3/0CY69Z2d/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rg.complete.js
cdn.yektanet.com/rg_woebegone/scripts_v3/bSvQomVT/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rg.complete.js
cdn.yektanet.com/rg_woebegone/scripts_v3/N5Hoalpj/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tEoRx
landing.getz.ir/api/public/landing/get-template-path/ |
69 B 148 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
266 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
audience.yektanet.com/api/v1/scripts/preview/validate/ |
5 B 443 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ua.yektanet.com/cookie/iframe/ Frame 926F |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
__fake.gif
ua.yektanet.com/ |
42 B 693 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
audience.yektanet.com/api/v1/scripts/preview/validate/ |
5 B 444 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
__fake.gif
ua.yektanet.com/ |
42 B 693 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advertiser.json
ma-cdn.pegah.tech/v1/retargeting/1182/ |
344 B 708 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
audience.yektanet.com/api/v1/scripts/preview/validate/ |
5 B 443 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
__fake.gif
ua.yektanet.com/ |
42 B 693 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 245 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.60491dc5.js
landing.getz.ir/templates/sormee/static/js/ |
385 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.7e38c6f4.css
landing.getz.ir/templates/sormee/static/css/ |
266 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
audience.yektanet.com/api/v1/scripts/preview/validate/ |
5 B 444 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
__fake.gif
ua.yektanet.com/ |
42 B 694 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tEoRx.json
landing.getz.ir/templates/json/ |
3 KB 932 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fingerprint.html
mediacdn.mediaad.org/static/ Frame DA5C |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
set
ua.yektanet.com/cookie/ Frame 926F |
78 B 806 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1687936516.mp4
cdn.hamkadeh.com/up-files/ |
3 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
IRANSansWeb(FaNum).woff
landing.getz.ir/templates/sormee/fonts/ |
34 KB 34 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
351 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
242 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
tag
api.mediaad.org/v1/events/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
loaded
api.mediaad.org/v2/events/page/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
tag
api.mediaad.org/v1/events/ |
0 479 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
loaded
api.mediaad.org/v2/events/page/ |
0 498 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| dataLayer string| yektanetAnalyticsObject function| yektanet object| google_tag_manager object| google_tag_data object| ynWebpackJsonp boolean| yektanet_ua-script-46R4nvVN_is_loaded boolean| mediaadRetargetingScriptLoaded boolean| yektanet_ua-script-Nz8dnYIB_is_loaded boolean| yektanet_ua-script-DEIWBdn2_is_loaded function| onYouTubeIframeAPIReady object| gaGlobal boolean| yektanet_ua-script-g0wPzXVD_is_loaded number| uidEvent13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
landing.getz.ir/ | Name: XSRF-TOKEN Value: eyJpdiI6IlRoTXJjNVBQeHZjY0NYV1ROOUw2bEE9PSIsInZhbHVlIjoicUdXYnlXdDcycHltMVNnK3d3M2FvUHJudDZZdlFTT0dJYkNZbzR5eFZkMStkZWlmNnY2ODgxSHdIQWw2QS9Td0lsVDZRejFROEdsaUk3bVM5TEgyT2RWZTMyWFN3dkh6R2YxOS9WUWk5cTJNK2Q3ZitsZEhPWUVtdkQzUU53WkkiLCJtYWMiOiIyZDA1MTlmMTY5NTlmNDNjNDg4MWUzNWFjMWZlMDIxOGZmZGI0M2ZmMGM0YzEyN2M0NGFjY2RmMTdmN2MxOWI0IiwidGFnIjoiIn0%3D |
|
landing.getz.ir/ | Name: laravel_session Value: eyJpdiI6IlF6dUtUMTUrQTVsSTZEaDBObm1DaXc9PSIsInZhbHVlIjoicS9pcGtTTmMvU3o2bnZwQmFGcVM1S0pQN295VEhHVllEVkNqaFF5QjlFRktCTHBvM2RxL2NzVk1LTWhJUExubk9GZTZ2QUo4T3dON3hwK1UrcWhrMnRhODdTaTJ6SGxFTTc2bW85c0o2Vm1UUWtYVitTNXA1cUlkcVJNZEpMZHkiLCJtYWMiOiI4ZDI1MjIzYTc0YmEzNTk5M2M3Yzg5NGZjZGY2MDRkODA5ODI1NmJjMjExZTkzNjMxZmIxZGIwYTVjOGQzMmZiIiwidGFnIjoiIn0%3D |
|
.getz.ir/ | Name: analytics_campaign Value: {%22source%22:%22yektanet%22} |
|
landing.getz.ir/ | Name: analytics_token Value: 6ddd7c46-3796-20c7-40cc-fc62ad20e4cd |
|
landing.getz.ir/ | Name: analytics_session_token Value: f9c42f66-e90a-c032-0344-0bc421c99b24 |
|
landing.getz.ir/ | Name: yektanet_session_last_activity Value: 8/14/2023 |
|
landing.getz.ir/ | Name: _yngt_iframe Value: 1 |
|
.getz.ir/ | Name: _ga Value: GA1.1.1157809142.1692002077 |
|
.getz.ir/ | Name: _ga_Q5SMPMSQ6Y Value: GS1.1.1692002076.1.0.1692002076.0.0.0 |
|
.yektanet.com/ | Name: gearbox_ad_token Value: 4f2fafb6-60372-24a29-9632c-c58456f50dde4 |
|
.yektanet.com/ | Name: analytics_global_token Value: 4f2fafb6-60372-24a29-9632c-c58456f50dde4 |
|
landing.getz.ir/ | Name: _yngt Value: 4f2fafb6-60372-24a29-9632c-c58456f50dde4 |
|
.mediaad.org/ | Name: USER_ID Value: 164cd007-b613-49eb-9a44-23fcae6b62b4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.mediaad.org
audience.yektanet.com
cdn.hamkadeh.com
cdn.yektanet.com
landing.getz.ir
ma-cdn.pegah.tech
mediacdn.mediaad.org
region1.google-analytics.com
s1.mediaad.org
ua.yektanet.com
www.googletagmanager.com
185.143.234.120
185.173.105.126
2001:4860:4802:34::36
2a00:1450:4001:811::2008
45.94.254.24
45.94.254.25
45.94.255.25
46.245.80.243
0461ea13631a27215fb77c57508c5256acbf71cc30c6927130cfe7a9f982b9bd
12b87ee50b4e929a6f0d3c0398d9295b4e8f894e739632e57b85dfbb137abd66
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21bb822f2b040d85cf8a23ee555ea2c221f87b84cc4b914d60900827a9b85863
221d718114b0a90a3d98e98cbec57767f49248706d0706e8cc68bd15dce686a5
50c2218733433bddb18d9c4482c1966c0e77d69f6ff1a2d1e36dae702f108d87
54409e8f34abfac6abf176d3c9f3312bebb0bd7d169223ad26e37f880b498712
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
89ca384026cac1aa23f75f9de8ce8cdc687c4b691e5770c89aade0786aae938e
9f6b53482900bb469250df47fd1743d7f5f680bcdb0ead9e330e4a0c77b5ad09
c273adbc8856a31cec992751de2c6ee32c0f4c29e4bedf36b73eda56ae2bcff1
c49c3a7b3b6a6238cf5009c0f7f1646fd259e71c1f599537d76c0dcdab59d061
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dd7b5a55755a0edd1b3021193106a945ce5abd4972ae2f784d1b6a9b4b793a28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4621c2b1d6175b831c5092f11ab9ca5220c091bc781a29346d74042729c200b
e6944b2ec0791af3be7e39d02275c2bab02f2cfe015fe7ccdbc1399ba2f5672d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ec23baab8cd3483c4877e0e191853c7566fef52363c7abf347286f63a93b9c99
ec57785b4211874ff7b7693fb8fded44c51701b400604618edcbffa727d50b25
ede8de5e8b6f7697cfe8f7bb650e459ce47acc10d84cd5512f6c258bf0347f62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23f0003c15339958f3fae19e2302eccd9fad6e6e0ba19a53a6ce2c29d0e394e
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa