fs.nyt.net
Open in
urlscan Pro
54.174.6.239
Public Scan
Effective URL: https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=...
Submission: On February 15 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 2nd 2021. Valid for: a year.
This is the only time fs.nyt.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 13.110.61.202 13.110.61.202 | 14340 (SALESFORCE) (SALESFORCE) | |
1 3 | 20.190.160.71 20.190.160.71 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
4 | 54.174.6.239 54.174.6.239 | 14618 (AMAZON-AES) (AMAZON-AES) | |
7 | 3 |
ASN14340 (SALESFORCE, US)
PTR: dcl6-ncg1-c5-iad4.na167-ia4.my.salesforce.com
nytads.my.salesforce.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-6-239.compute-1.amazonaws.com
fs.nyt.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
nyt.net
fs.nyt.net |
696 KB |
3 |
microsoftonline.com
1 redirects
login.microsoftonline.com — Cisco Umbrella Rank: 28 |
62 KB |
3 |
salesforce.com
2 redirects
nytads.my.salesforce.com |
7 KB |
7 | 3 |
Domain | Requested by | |
---|---|---|
4 | fs.nyt.net |
fs.nyt.net
|
3 | login.microsoftonline.com |
1 redirects
login.microsoftonline.com
|
3 | nytads.my.salesforce.com | 2 redirects |
7 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
forgotpw.nyt.net |
sites.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.my.salesforce.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-09 - 2022-07-08 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2021-11-24 - 2022-11-24 |
a year | crt.sh |
fs.nyt.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-12-02 - 2022-12-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0
Frame ID: 954E159E4E8C80851FF78E8F8CF8788D
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
AnmeldenPage URL History Show full URLs
-
https://nytads.my.salesforce.com/setup/emailverif?oid=00D3000000060xn&k=Cj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxT...
HTTP 302
https://nytads.my.salesforce.com/?startURL=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMz... HTTP 302
https://nytads.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX-Ov4I2MDAwMDAwMDAwMDAwMDAwAAA... Page URL
- https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com Page URL
-
https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com&sso_reload=true
HTTP 302
https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa... Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Password?
Search URL Search Domain Scan URL
Title: NYT Access FAQ
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://nytads.my.salesforce.com/setup/emailverif?oid=00D3000000060xn&k=Cj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%3D%3D
HTTP 302
https://nytads.my.salesforce.com/?startURL=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D&login_hint=caroline.bales%40nytimes.com&ec=302&sdtd=1 HTTP 302
https://nytads.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX-Ov4I2MDAwMDAwMDAwMDAwMDAwAAAA7IRrNX25k4Hzw2ty3cDo9hDjR2KT6AITyzwS0VL3RCCnum1BydKqDSzkt8v4IsiycnIRU9yGuaY_zXjsn3zW6sTo2K5YdLCnKDFgAt5p5ystgJjJKhE1iGHQZF70g3nUzZry29K79uL6yTa-rT1hyDDnQcykMcf70XNGxeXZLHSLoR5kUb8RWsN0Ay2BMLv3DJZEvit2fxG4bHnEOIanOdeHI-5br9HL1UnckEp6kBd8ugXnojKwgiAh40n8hMYZgQ&saml_acs=https%3A%2F%2Fnytads.my.salesforce.com%3Fso%3D00D3000000060xn&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fnytads.my.salesforce.com&samlSsoConfig=0LE1O000000KymF&RelayState=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D Page URL
- https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com Page URL
-
https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com&sso_reload=true
HTTP 302
https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://nytads.my.salesforce.com/setup/emailverif?oid=00D3000000060xn&k=Cj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%3D%3D HTTP 302
- https://nytads.my.salesforce.com/?startURL=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D&login_hint=caroline.bales%40nytimes.com&ec=302&sdtd=1 HTTP 302
- https://nytads.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX-Ov4I2MDAwMDAwMDAwMDAwMDAwAAAA7IRrNX25k4Hzw2ty3cDo9hDjR2KT6AITyzwS0VL3RCCnum1BydKqDSzkt8v4IsiycnIRU9yGuaY_zXjsn3zW6sTo2K5YdLCnKDFgAt5p5ystgJjJKhE1iGHQZF70g3nUzZry29K79uL6yTa-rT1hyDDnQcykMcf70XNGxeXZLHSLoR5kUb8RWsN0Ay2BMLv3DJZEvit2fxG4bHnEOIanOdeHI-5br9HL1UnckEp6kBd8ugXnojKwgiAh40n8hMYZgQ&saml_acs=https%3A%2F%2Fnytads.my.salesforce.com%3Fso%3D00D3000000060xn&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fnytads.my.salesforce.com&samlSsoConfig=0LE1O000000KymF&RelayState=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
authn-request.jsp
nytads.my.salesforce.com/saml/ Redirect Chain
|
6 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
saml2
login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/ |
154 KB 58 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
reportbssotelemetry
login.microsoftonline.com/common/instrumentation/ |
264 B 1 KB |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
fs.nyt.net/adfs/ls/ Redirect Chain
|
20 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
fs.nyt.net/adfs/portal/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
fs.nyt.net/adfs/portal/logo/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
illustration.png
fs.nyt.net/adfs/portal/illustration/ |
649 KB 650 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration object| userNameInput object| loginMessage object| selectscrn12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nytads.my.salesforce.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
nytads.my.salesforce.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
.salesforce.com/ | Name: BrowserId Value: iK05B46JEeyXvsX04TR3-Q |
|
.salesforce.com/ | Name: BrowserId_sec Value: iK05B46JEeyXvsX04TR3-Q |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
.login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AQMAVTi9XDzOlUuiSjd5oEBTgbMSz7887yxFqM65YRjGbd8DAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrBUpDLiVlkOO8KmThFqIGo34UOasLSWAK5bmItEyxV5LcMNXkYMqodBJ-VU0j396AxCm3fKrVQKsckcSQUX5Rnwvire12kJiD2zeAeTqboqQgAA |
|
.login.microsoftonline.com/ | Name: ESTSWCTXFLOWTOKEN Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrZfF2k4m0aXSLFzgPD6fWbDgk9dwXedszfDLcNnNDo12ofRd1bCbj_5xqOC6iLYw7onpCg1BhEL5-p7kgOiJkiljqVLa4CMlFEnYkb9Zk0z0WquUBG2tEWW6UT_hBpLS84fjAW1nBEw4dm43Y0CZl6OG7H_XNQR6FtUm6oKKpoGzakgmXXr2m0kMflURjE1nlon8KmyaJca0tUNeYZDtBjlb9rwQXGpiNs0D-y_b_INGSSdafxHDHZcD84DwcBgsZMQLHBpZlYDk19uQfz8_eKgAcxukoTMe8duoC1YrNL4ei2iDEV_fn8nd2E7sG6WTBKdZayHAQYbI4yJY7fRZ1OB2GUr7raRkXaJ-J6upnCyltSFBU23Q3rfsHtsRcmJ9-E2r9gFhjWbWukRVQyoB2wNsG28-CzeC_LUjFGdCOE6a1y1AwOkYZr8hFNV6omWkE_q1uCCi1hOHNRH2g3OgDu514GS-KMzj2YqyWhbcl_FI6y53g3h5srPspI92s2JK1IAA |
|
login.microsoftonline.com/ | Name: fpc Value: Ajy5WNsxHaxHnkJsKOU6GOnIcsEtAQAAAN3hndkOAAAA |
|
.login.microsoftonline.com/ | Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevr-qL2GyaCMHQReRerkHVrdPhqYUhrgbKwFUOoSbhoLPAeX7_Qf6dUDVnNG_EjuN-wJ9t9wQzO8VvQ5C9MLFId9MnIEbM31cbcV6WwQ2ce8hJVnf7Md0Y3LMJH5HhChYOCNBAgUL7Ju6vgXHz14PdkyNJckQ_-hf_E4yaF_Ttmf9kgAA |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fs.nyt.net
login.microsoftonline.com
nytads.my.salesforce.com
13.110.61.202
20.190.160.71
54.174.6.239
1119a89ea7d28e555faa253a51c03ea2deeea81beb2cf9bac4b70facd5d40d8c
47c8b22935bc876849dbb14cbe8e2e5166bed47df9e72dfd5a4050e80efc46e8
78852b532ab8f9b8ff3fd725da58ad8930ab28cacb740d1b15a1d1b055b4c3ad
8bba91809d4fa2e56dc2281813b2fe9d7aca7c8f8c29baaed8c2024b006b52bc
b2a117306596fd42fb9369cabd35ce511075f92be9fcfac147e911a4c5c01485