newyorkartnews.org
Open in
urlscan Pro
50.87.146.6
Public Scan
URL:
http://newyorkartnews.org/Artists/link.php?url=----://go.ultratracks.xyz%2Fsl%3Fid%3D5f5b69631a6e4b18792251ff%26pid%3D88
Submission: On October 27 via manual from IN
Submission: On October 27 via manual from IN
Summary
This website contacted 6 IPs
in 3 countries
across 9 domains to perform 16 HTTP transactions.
The main IP is 50.87.146.6, located in
Provo, United States and
belongs to UNIFIEDLAYER-AS-1, US.
The main domain is newyorkartnews.org.
This is the only time newyorkartnews.org was scanned on urlscan.io!
This is the only time newyorkartnews.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 50.87.146.6 50.87.146.6 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
| 10 | 2a00:1450:400... 2a00:1450:4001:81e::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 213.227.132.161 213.227.132.161 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
| 1 2 | 172.67.185.179 172.67.185.179 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 172.217.23.130 172.217.23.130 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:800::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:801::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 16 | 6 |
1
50.87.146.6
(Provo, United States)
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-87-146-6.unifiedlayer.com
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-87-146-6.unifiedlayer.com
| newyorkartnews.org |
10
2a00:1450:4001:81e::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com | |
| googleads.g.doubleclick.net | |
| adservice.google.de | |
| adservice.google.com |
1
172.217.23.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net
| partner.googleadservices.com |
1
2a00:1450:4001:800::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagservices.com |
2
2a00:1450:4001:801::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 7 |
googlesyndication.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
178 KB |
| 3 |
doubleclick.net
googleads.g.doubleclick.net |
|
| 2 |
t500track58.com
1 redirects
en.bitcoin-now.t500track58.com |
1013 B |
| 1 |
googletagservices.com
www.googletagservices.com |
28 KB |
| 1 |
google.com
adservice.google.com |
168 B |
| 1 |
google.de
adservice.google.de |
246 B |
| 1 |
googleadservices.com
partner.googleadservices.com |
633 B |
| 1 |
ultratracks.xyz
1 redirects
go.ultratracks.xyz |
353 B |
| 1 |
newyorkartnews.org
newyorkartnews.org |
784 B |
| 16 | 9 |
| Domain | Requested by | |
|---|---|---|
| 5 | pagead2.googlesyndication.com |
newyorkartnews.org
pagead2.googlesyndication.com |
| 3 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
| 2 | en.bitcoin-now.t500track58.com |
1 redirects
newyorkartnews.org
|
| 1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.de |
pagead2.googlesyndication.com
|
| 1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
| 1 | go.ultratracks.xyz | 1 redirects |
| 1 | newyorkartnews.org | |
| 16 | 10 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.g.doubleclick.net GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
| *.googleadservices.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
| tpc.googlesyndication.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
http://newyorkartnews.org/Artists/link.php?url=----://go.ultratracks.xyz%2Fsl%3Fid%3D5f5b69631a6e4b18792251ff%26pid%3D88
Frame ID: 802C337942EB665E19DEA7F59D0656E1
Requests: 11 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Frame ID: 09C068CA03A1C80D2F5CDE0639B93811
Requests: 1 HTTP requests in this frame
Frame:
http://en.bitcoin-now.t500track58.com/?session=6d0ee051a1374418a72ae9ed07343832&aff_id=8635&fpp=1&pixelsettings=en.bitcoin-now.t500track58.com%2Ffbp%3Fev%3D%7Bev%7D%26pixel%3D%7Bpixel%7D
Frame ID: 73496B6F2956C7773F1F600BC839F01B
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-7921662411&output=html&h=90&adk=3646354614&adf=795214251&w=728&lmt=1603791458&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=728x90_as&color_bg=%23ffffff&color_border=%23000066&color_link=%23000066&color_text=%23990000&color_url=%23990000&url=http%3A%2F%2Fnewyorkartnews.org%2FArtists%2Flink.php%3Furl%3D----%3A%2F%2Fgo.ultratracks.xyz%252Fsl%253Fid%253D5f5b69631a6e4b18792251ff%2526pid%253D88&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603791458562&bpp=16&bdt=42&idt=116&shv=r20201021&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=3845836416468&frm=20&pv=2&ga_vid=276761435.1603791459&ga_sid=1603791459&ga_hid=95766895&ga_fc=0&iag=0&icsg=650&dssz=6&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068084&oid=3&pvsid=992862241892095&pem=42&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oZBPuMVeDT&p=http%3A//newyorkartnews.org&dtd=135
Frame ID: BC878FB664F0860C1D4ACC119855395D
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-7921662411&output=html&adk=3808244291&adf=70607376&lmt=1603791459&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnewyorkartnews.org%2FArtists%2Flink.php%3Furl%3D----%3A%2F%2Fgo.ultratracks.xyz%252Fsl%253Fid%253D5f5b69631a6e4b18792251ff%2526pid%253D88&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603791459661&bpp=2&bdt=1141&idt=2&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcacca866d6924244-2230dc4058a60096%3AT%3D1603791458%3ART%3D1603791458%3AS%3DALNI_MYs7KxxIqxwRvzyDRuqb6iqinab2g&prev_fmts=728x90_as&nras=1&correlator=3845836416468&frm=20&pv=1&ga_vid=276761435.1603791459&ga_sid=1603791459&ga_hid=95766895&ga_fc=0&iag=0&icsg=10890&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068084&oid=3&pvsid=992862241892095&pem=42&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=7
Frame ID: BB0693C15425D377E78F4ACD0A8AB079
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: DE421F2618E6A79EFA141CB43F2DFCA9
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
DoubleClick Ad Exchange (AdX)
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /googlesyndication\.com\/pagead\/show_ads\.js/i
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /googlesyndication\.com\//i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- http://go.ultratracks.xyz/sl?id=5f5b69631a6e4b18792251ff&pid=88 HTTP 302
- http://en.bitcoin-now.t500track58.com/09t5?aff_sub=5f97ea62f397bf00019a1e2a HTTP 302
- http://en.bitcoin-now.t500track58.com/?session=6d0ee051a1374418a72ae9ed07343832&aff_id=8635&fpp=1&pixelsettings=en.bitcoin-now.t500track58.com%2Ffbp%3Fev%3D%7Bev%7D%26pixel%3D%7Bpixel%7D
16 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
link.php
newyorkartnews.org/Artists/ |
981 B 784 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
show_ads.js
pagead2.googlesyndication.com/pagead/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/ |
230 KB 87 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/ Frame 09C0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
/
en.bitcoin-now.t500track58.com/ Frame 7349 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
208 B 633 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 246 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ads
googleads.g.doubleclick.net/pagead/ Frame BC87 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
72 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
131 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
sodar
pagead2.googlesyndication.com/getconfig/ |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ads
googleads.g.doubleclick.net/pagead/ Frame BB06 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame DE42 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 49 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
178 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| trustedTypes object| google_ad_client object| google_ad_width object| google_ad_height object| google_ad_format object| google_ad_type object| google_ad_channel object| google_color_border object| google_color_bg object| google_color_link object| google_color_text object| google_color_url object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_trust_token_operation_status number| google_unique_id object| google_sa_queue object| google_sl_win function| google_process_slots object| google_ad_block object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_slot object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_line object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_core_dbp object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_bfa object| ebfa object| ebfaca object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_lact object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_only_pyv_ads object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_scs object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_video_url_to_fetch object| google_webgl_support object| google_yt_pt object| google_yt_up object| google_package object| google_debug_params object| google_enable_single_iframe object| dash object| google_refresh_count object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| adsbygoogle function| google_spfd object| GoogleGcLKhOms object| google_image_requests4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .youtube.com/ | Name: YSC Value: hzN6EoBPluE |
|
| .youtube.com/ | Name: VISITOR_INFO1_LIVE Value: vJ0eVw1U6A0 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUms6zF4HTXBmem0engu7SC_lD_OungBTkS5P4oeuJEUeYd5gNhgvEyaSSIE |
|
| .newyorkartnews.org/ | Name: __gads Value: ID=cacca866d6924244-2230dc4058a60096:T=1603791458:RT=1603791458:S=ALNI_MYs7KxxIqxwRvzyDRuqb6iqinab2g |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
en.bitcoin-now.t500track58.com
go.ultratracks.xyz
googleads.g.doubleclick.net
newyorkartnews.org
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.googletagservices.com
172.217.23.130
172.67.185.179
213.227.132.161
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:81e::2002
50.87.146.6
01808ad104ebf0c6db5fffa423b07d150a9f245699b3d86233db4d840a7099a8
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
353359acf186f7fffc2100f5827d87259ab502aa61fe1e83e46f9cbd77589568
3d5b7c083a1df3b29e25eb9d66f226dedbbe7e85150ff4064f675b1863940c13
40ec12e3469b3816e39b5e941448f61697b1bd3228757859ca40ba4d7f2b32bc
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
a1e7d3da1cd8b0ea252edac0bfdad0f978db71fb8a79eb59cc145e5459ade5d3
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855