www.newsobserver.com
Open in
urlscan Pro
23.37.52.89
Public Scan
Submission: On August 05 via api from CH
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 26th 2019. Valid for: a year.
This is the only time www.newsobserver.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 23.37.52.89 23.37.52.89 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 46.51.199.167 46.51.199.167 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2.18.234.163 2.18.234.163 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 2a00:1450:400... 2a00:1450:4001:817::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2600:9000:200... 2600:9000:200c:da00:15:d134:4e40:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
42 | 6 |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-52-89.deploy.static.akamaitechnologies.com
www.newsobserver.com | |
media2.newsobserver.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-199-167.eu-west-1.compute.amazonaws.com
ad.crwdcntrl.net |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io |
ASN15169 (GOOGLE - Google LLC, US)
imasdk.googleapis.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ovp.iris.tv |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
newsobserver.com
www.newsobserver.com media2.newsobserver.com |
969 KB |
1 |
iris.tv
ovp.iris.tv |
119 KB |
1 |
googleapis.com
imasdk.googleapis.com |
86 KB |
1 |
ntv.io
s.ntv.io |
83 KB |
1 |
crwdcntrl.net
ad.crwdcntrl.net tags.crwdcntrl.net Failed |
389 B |
0 |
demdex.net
Failed
dpm.demdex.net Failed |
|
0 |
googleadservices.com
Failed
www.googleadservices.com Failed |
|
0 |
heraldsun.com
Failed
www.heraldsun.com Failed |
|
0 |
boltdns.net
Failed
cf-images.us-east-1.prod.boltdns.net Failed |
|
0 |
google.com
Failed
www.google.com Failed |
|
0 |
facebook.net
Failed
connect.facebook.net Failed |
|
0 |
adnxs.com
Failed
acdn.adnxs.com Failed |
|
0 |
adobedtm.com
Failed
assets.adobedtm.com Failed |
|
42 | 13 |
Domain | Requested by | |
---|---|---|
11 | www.newsobserver.com |
www.newsobserver.com
|
5 | media2.newsobserver.com |
www.newsobserver.com
media2.newsobserver.com |
1 | ovp.iris.tv |
www.newsobserver.com
|
1 | imasdk.googleapis.com |
www.newsobserver.com
|
1 | s.ntv.io |
www.newsobserver.com
|
1 | ad.crwdcntrl.net |
www.newsobserver.com
|
0 | dpm.demdex.net Failed |
media2.newsobserver.com
|
0 | tags.crwdcntrl.net Failed |
www.newsobserver.com
|
0 | www.googleadservices.com Failed |
www.newsobserver.com
|
0 | www.heraldsun.com Failed |
www.newsobserver.com
|
0 | cf-images.us-east-1.prod.boltdns.net Failed |
www.newsobserver.com
|
0 | www.google.com Failed |
www.newsobserver.com
|
0 | connect.facebook.net Failed |
www.newsobserver.com
|
0 | acdn.adnxs.com Failed |
www.newsobserver.com
|
0 | assets.adobedtm.com Failed |
www.newsobserver.com
|
42 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.mcclatchydc.com DigiCert SHA2 Secure Server CA |
2019-03-26 - 2020-02-19 |
a year | crt.sh |
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2019-06-13 - 2021-06-28 |
2 years | crt.sh |
*.ntv.io DigiCert SHA2 Secure Server CA |
2018-06-12 - 2019-12-11 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
iris.tv Amazon |
2018-12-06 - 2020-01-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.newsobserver.com/news/local/article231177493.html
Frame ID: 70806C9834084573DCC33985E0237629
Requests: 42 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
42 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
article231177493.html
www.newsobserver.com/news/local/ |
192 KB 194 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
www.newsobserver.com/static/yozons-lib/ |
21 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newsobserver.js
media2.newsobserver.com/misites/nao/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
assets.adobedtm.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
require.js
www.newsobserver.com/wps/source/scripts/libs/ |
15 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main2018.806bd3eb3a534d422a4c.css
www.newsobserver.com/wps/build/webpack/css/ |
248 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.10.2.min.js
www.newsobserver.com/wps/source/scripts/libs/ |
91 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mi-header.bundle-a40cdfed79c77e400ad1.js
www.newsobserver.com/wps/build/webpack/ |
103 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid.js
www.newsobserver.com/wps/source/scripts/libs/ |
1 KB 934 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
pb.js
acdn.adnxs.com/prebid/c/7543_nc-ky-pa/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
callback=extractPid
ad.crwdcntrl.net/5/c=7436/pe=y/ |
75 B 389 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
load.js
s.ntv.io/serve/ |
280 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sdk.js
connect.facebook.net/en_US/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
api.js
www.google.com/recaptcha/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
2cb57ad8
www.newsobserver.com/akam/11/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
logo.svg
www.newsobserver.com/wps/build/images/newsobserver/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
JUlq5IBr_400x400.jpg
www.newsobserver.com/latest-news/sp8l01/picture222548085/alternates/FREE_480/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998025001/a7c5cc18-880b-41b5-be4b-327a85ba978d/adcdc833-0e36-4b65-9d58-dbec8d0ea1a1/1280x720/match/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/b1e71599-c1a7-46af-b298-7f418abf8406/6b8787d9-438c-4aa0-be52-054427ce5f5e/1280x720/match/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Durhampossums
www.heraldsun.com/opinion/wr8a5i/picture233535197/alternates/LANDSCAPE_480/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Parked%20Scooters.jpg
www.newsobserver.com/latest-news/8kzor6/picture233529492/alternates/LANDSCAPE_480/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/f593fda7-ec7b-4c1b-94ed-d25b3388be1a/8469788a-b6ad-4c15-8bf7-25bd92db58db/1280x720/match/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998032001/8ec87861-77ac-4f19-bb21-86e4ee16944a/fcf24088-aeda-4296-8a87-23632a14ca95/1280x720/match/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5502557045001/b06309dd-18cd-4622-a59e-e9ee77353350/091f84b6-914d-4680-b19a-ecb6c6628613/1280x720/match/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
apple-touch-icon-57-precomposed.png
www.newsobserver.com/wps/build/images/newsobserver/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
escenic_s_code.js
media2.newsobserver.com/mistats/products/ |
94 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
escenic.js
media2.newsobserver.com/mistats/products/ |
53 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
finalizestats.js
media2.newsobserver.com/mistats/ |
65 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mi-footer.bundle-1601bef7c3eea92c5ecf.js
www.newsobserver.com/wps/build/webpack/ |
85 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ima3.js
imasdk.googleapis.com/js/sdkloader/ |
256 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iris.adaptive.js
ovp.iris.tv/libs/adaptive/v2/ |
118 KB 119 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brightcoveVideo.bundle-b18f94325133053659bc.js
www.newsobserver.com/wps/build/webpack/ |
776 KB 215 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
videoStory.bundle-52b649d41ef8fa8a4386.js
www.newsobserver.com/wps/build/webpack/ |
1 MB 308 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
conversion.js
www.googleadservices.com/pagead/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
md5.min.js
www.newsobserver.com/wps/source/scripts/libs/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cc.js
tags.crwdcntrl.net/c/7447/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
footer.bundle-ba8eb192fecc244901e4.js
www.newsobserver.com/wps/build/webpack/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
common.a1b94bb187eeca18507a.js
www.newsobserver.com/static/yozons-lib/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads.6eb41c2d697c840bfa75.js
www.newsobserver.com/static/yozons-lib/ |
33 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
common.js
media2.newsobserver.com/misites/all/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
micb.js
media2.newsobserver.com/mistats/ |
103 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
id
dpm.demdex.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- assets.adobedtm.com
- URL
- https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
- Domain
- acdn.adnxs.com
- URL
- https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
- Domain
- connect.facebook.net
- URL
- https://connect.facebook.net/en_US/sdk.js
- Domain
- www.google.com
- URL
- https://www.google.com/recaptcha/api.js
- Domain
- www.newsobserver.com
- URL
- https://www.newsobserver.com/akam/11/2cb57ad8
- Domain
- www.newsobserver.com
- URL
- https://www.newsobserver.com/wps/build/images/newsobserver/logo.svg
- Domain
- www.newsobserver.com
- URL
- https://www.newsobserver.com/latest-news/sp8l01/picture222548085/alternates/FREE_480/JUlq5IBr_400x400.jpg
- Domain
- cf-images.us-east-1.prod.boltdns.net
- URL
- https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998025001/a7c5cc18-880b-41b5-be4b-327a85ba978d/adcdc833-0e36-4b65-9d58-dbec8d0ea1a1/1280x720/match/image.jpg
- Domain
- cf-images.us-east-1.prod.boltdns.net
- URL
- https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/b1e71599-c1a7-46af-b298-7f418abf8406/6b8787d9-438c-4aa0-be52-054427ce5f5e/1280x720/match/image.jpg
- Domain
- www.heraldsun.com
- URL
- https://www.heraldsun.com/opinion/wr8a5i/picture233535197/alternates/LANDSCAPE_480/Durhampossums
- Domain
- www.newsobserver.com
- URL
- https://www.newsobserver.com/latest-news/8kzor6/picture233529492/alternates/LANDSCAPE_480/Parked%20Scooters.jpg
- Domain
- cf-images.us-east-1.prod.boltdns.net
- URL
- https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/f593fda7-ec7b-4c1b-94ed-d25b3388be1a/8469788a-b6ad-4c15-8bf7-25bd92db58db/1280x720/match/image.jpg
- Domain
- cf-images.us-east-1.prod.boltdns.net
- URL
- https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998032001/8ec87861-77ac-4f19-bb21-86e4ee16944a/fcf24088-aeda-4296-8a87-23632a14ca95/1280x720/match/image.jpg
- Domain
- cf-images.us-east-1.prod.boltdns.net
- URL
- https://cf-images.us-east-1.prod.boltdns.net/v1/static/5502557045001/b06309dd-18cd-4622-a59e-e9ee77353350/091f84b6-914d-4680-b19a-ecb6c6628613/1280x720/match/image.jpg
- Domain
- www.newsobserver.com
- URL
- https://www.newsobserver.com/wps/build/images/newsobserver/apple-touch-icon-57-precomposed.png
- Domain
- www.googleadservices.com
- URL
- https://www.googleadservices.com/pagead/conversion.js
- Domain
- www.newsobserver.com
- URL
- https://www.newsobserver.com/wps/source/scripts/libs/md5.min.js
- Domain
- tags.crwdcntrl.net
- URL
- https://tags.crwdcntrl.net/c/7447/cc.js?ns=_cc7447
- Domain
- www.newsobserver.com
- URL
- https://www.newsobserver.com/wps/build/webpack/footer.bundle-ba8eb192fecc244901e4.js
- Domain
- www.newsobserver.com
- URL
- https://www.newsobserver.com/static/yozons-lib/common.a1b94bb187eeca18507a.js
- Domain
- media2.newsobserver.com
- URL
- https://media2.newsobserver.com/misites/all/common.js
- Domain
- dpm.demdex.net
- URL
- https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_coop_safe=1&ts=1565038964291
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| gomez object| pageInfo object| googletag object| mistats object| adobe function| Visitor object| s_c_il number| s_c_in0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acdn.adnxs.com
ad.crwdcntrl.net
assets.adobedtm.com
cf-images.us-east-1.prod.boltdns.net
connect.facebook.net
dpm.demdex.net
imasdk.googleapis.com
media2.newsobserver.com
ovp.iris.tv
s.ntv.io
tags.crwdcntrl.net
www.google.com
www.googleadservices.com
www.heraldsun.com
www.newsobserver.com
acdn.adnxs.com
assets.adobedtm.com
cf-images.us-east-1.prod.boltdns.net
connect.facebook.net
dpm.demdex.net
media2.newsobserver.com
tags.crwdcntrl.net
www.google.com
www.googleadservices.com
www.heraldsun.com
www.newsobserver.com
2.18.234.163
23.37.52.89
2600:9000:200c:da00:15:d134:4e40:93a1
2a00:1450:4001:817::200a
46.51.199.167
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
18f9e6b96e326a7aa705c687fc8893c6b2df53acce477aefe2d0239d7b82fcb5
2ad6036893b9b548d5889f0d17ca25f2f031116243268143523f2558b6fb368c
2cc1925acb97b9f489bc84e5769bf7e973fa4ef79c67a0eb4e22282cf604294e
356bc3621f59109412509ad2b28e05a1c6dab7824460c9452856dd82dc27d68f
3d8693052eb6f2e83de77436c67ea948fcdc0a192ed8a25ad8f12bfaf61a160d
3f5b1c1e6f7179f1f47d06162c83139155bc3dbf0810ae907a07cb9950c4619e
5791a091410aa96b848a3dd08cf2a691e9ebce6c2d40354c67ba8eecf182e704
622d597a5e5ab7b1119b53a6dbb4b0b3705947cade85505895b14f7310f7b7d8
6e766377045213bba45ab9c084907663f44c91866fb7822097cccb5c5f929fcf
8670c5e23bd8faf309ad910c4fb12fda3267f89e0d7eda8b9d2b8d955cc8c040
9bba7e7799f19e97d88f0adac3eee88d4d8cad5681ea82fad46c770d0bb941c3
a5e767cb67dec9c8a3f8912281d976a681bb92e4c5ce215dff6e21e646bfe880
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
b3bfb55b49805cfe3a97d6efb010c9fc4ac4a9de87d0fcc26b6c360539addd3a
beec98d383e6249c59c306dca3810f332bb8804ef60db6c89f245a3c6fc396ca
c54c7415ed46552038ec9698fc844c4dc0ebe38a37be391a67ecedb53139d7e3
ca97a9e637a80974a3f61e7d747de727e7c10b7733e8545df1e2ed71a89cc40c
dae4d33d995616958774b76553c6e7ed2ad69f4aaefb156cf51167fd812d125d
fca9324ddb1346414ef44ca3c83a308dd4929c11f2f47efc000eb2e2177b8662