id.qedi.co.uk
Open in
urlscan Pro
45.60.15.204
Public Scan
Submitted URL: https://gotechnology.talentlms.com/
Effective URL: https://id.qedi.co.uk/Account/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dua_talentlms%26redirect...
Submission: On January 24 via manual from AU — Scanned from AU
Effective URL: https://id.qedi.co.uk/Account/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dua_talentlms%26redirect...
Submission: On January 24 via manual from AU — Scanned from AU
Summary
This website contacted 3 IPs
in 2 countries
across 4 domains to perform 17 HTTP transactions.
The main IP is 45.60.15.204, located in
United States and
belongs to INCAPSULA, US.
The main domain is id.qedi.co.uk.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on January 8th 2024. Valid for: 6 months.
This is the only time id.qedi.co.uk was scanned on urlscan.io!
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on January 8th 2024. Valid for: 6 months.
This is the only time id.qedi.co.uk was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 3.217.205.239 3.217.205.239 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 15 | 45.60.15.204 45.60.15.204 | 19551 (INCAPSULA) (INCAPSULA) | |
| 1 | 117.18.232.200 117.18.232.200 | 15133 (EDGECAST) (EDGECAST) | |
| 2 | 20.213.196.212 20.213.196.212 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 17 | 3 |
2
3.217.205.239
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-205-239.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-205-239.compute-1.amazonaws.com
| gotechnology.talentlms.com |
2
20.213.196.212
(Sydney, Australia)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| dc.services.visualstudio.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 15 |
qedi.co.uk
1 redirects
id.qedi.co.uk |
299 KB |
| 2 |
visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 729 |
204 B |
| 2 |
talentlms.com
2 redirects
gotechnology.talentlms.com |
2 KB |
| 1 |
msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2383 |
22 KB |
| 17 | 4 |
| Domain | Requested by | |
|---|---|---|
| 15 | id.qedi.co.uk |
1 redirects
id.qedi.co.uk
|
| 2 | dc.services.visualstudio.com |
az416426.vo.msecnd.net
|
| 2 | gotechnology.talentlms.com | 2 redirects |
| 1 | az416426.vo.msecnd.net |
id.qedi.co.uk
|
| 17 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4 |
2024-01-08 - 2024-07-06 |
6 months | crt.sh |
| *.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2023-05-05 - 2024-04-28 |
a year | crt.sh |
| prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04 |
2024-01-09 - 2025-01-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://id.qedi.co.uk/Account/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dua_talentlms%26redirect_uri%3Dhttps%253A%252F%252Fgotechnology.talentlms.com%252Fsimplesaml%252Fmodule.php%252Fopenidconnect%252Fresume.php%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26state%3D_a9c4b0f977ec10b3a41876118f82745dca42e0a97b
Frame ID: 09D7C7024C5523B96E54220F28BA4B02
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
Sign in to Go TechnologyPage URL History Show full URLs
-
https://gotechnology.talentlms.com/
HTTP 302
https://gotechnology.talentlms.com/index/ssologin/service:oidc HTTP 302
https://id.qedi.co.uk/connect/authorize?client_id=ua_talentlms&redirect_uri=https%3A%2F%2Fgotechno... HTTP 302
https://id.qedi.co.uk/Account/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dua_... Page URL
Detected technologies
AngularJS
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \bangular.{0,32}\.js
Glyphicons
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)
Imperva
(Security)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /_Incapsula_Resource
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://gotechnology.talentlms.com/
HTTP 302
https://gotechnology.talentlms.com/index/ssologin/service:oidc HTTP 302
https://id.qedi.co.uk/connect/authorize?client_id=ua_talentlms&redirect_uri=https%3A%2F%2Fgotechnology.talentlms.com%2Fsimplesaml%2Fmodule.php%2Fopenidconnect%2Fresume.php&response_type=code&scope=openid+profile+email&state=_a9c4b0f977ec10b3a41876118f82745dca42e0a97b HTTP 302
https://id.qedi.co.uk/Account/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dua_talentlms%26redirect_uri%3Dhttps%253A%252F%252Fgotechnology.talentlms.com%252Fsimplesaml%252Fmodule.php%252Fopenidconnect%252Fresume.php%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%26state%3D_a9c4b0f977ec10b3a41876118f82745dca42e0a97b Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
SignIn
id.qedi.co.uk/Account/ Redirect Chain
|
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
PTSans.css
id.qedi.co.uk/lib/google/styles/ |
2 KB 999 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
glyphicons.css
id.qedi.co.uk/lib/glyphicons/styles/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
id.qedi.co.uk/lib/_libman/jquery/dist/ |
84 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.validate.min.js
id.qedi.co.uk/lib/_libman/jquery-validate/dist/ |
23 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.validate.unobtrusive.js
id.qedi.co.uk/lib/_libman/jquery-validation-unobtrusive/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular.min.js
id.qedi.co.uk/lib/_libman/angular/ |
172 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
signIn.min.js
id.qedi.co.uk/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
site.min.css
id.qedi.co.uk/css/ |
206 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wood_logo_grey.png
id.qedi.co.uk/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
_Incapsula_Resource
id.qedi.co.uk/ |
143 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ptsans79B_mh0O6tLQ.woff2
id.qedi.co.uk/lib/google/fonts/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ptsans79D0KExQ.woff2
id.qedi.co.uk/lib/google/fonts/ |
44 KB 45 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
_Incapsula_Resource
id.qedi.co.uk/ |
1 B 165 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
track
dc.services.visualstudio.com/v2/ |
96 B 204 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| appInsights function| $ function| jQuery object| angular object| module object| data object| app function| signIn function| addAntiForgeryToken object| AI object| Microsoft function| __extends function| _endsWith10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| gotechnology.talentlms.com/ | Name: PHPSESSID Value: elb~hbh64lv6c98kf6ipk8pecqf8vq |
|
| gotechnology.talentlms.com/ | Name: login_token Value: 53864259a27d6e13f78a31fc090c0ee6 |
|
| .talentlms.com/ | Name: SimpleSAMLSessionID Value: 8de6d32b58569bfeb710efab07c7d9b3 |
|
| .qedi.co.uk/ | Name: visid_incap_2878635 Value: 1pxniGMCR/2eRNCCYonlLC1lsGUAAAAAQUIPAAAAAACxPWrLhGUMUtr+5MAmUUvd |
|
| .qedi.co.uk/ | Name: nlbi_2878635 Value: RvoibvOdWHJczPpDjnAEagAAAACl1tUvS6r3eliK5UZD2jTi |
|
| .qedi.co.uk/ | Name: incap_ses_971_2878635 Value: tZLaRDAKi2PtZIQxabF5DS1lsGUAAAAA4rKaXzk0BQ1gP7e7kgM/tw== |
|
| id.qedi.co.uk/ | Name: .AspNetCore.Antiforgery.9fXoN5jHCXs Value: CfDJ8PC-k-Tu1TFLtT1voPLsG6sxs6Vo0UN8kmJ5YAukfBzJd4OIsoeefvcL5GRSKPDTJ2aWtZiT3aAAt0X3AyKYGRhyBczW7fuBNRIeJhV1epK8tHSVf3yIqH-tJSXlSLwI68lcYFaagncRmWWsiCHYZhw |
|
| id.qedi.co.uk/ | Name: ___utmvc Value: dHMjzozMoaq2C4A+Mr0sgmQgt75PpFk3jlq84teJYAa4rfomR0iqjAImQV4nCI3Gh+OzN4XTAylaiMdzkzK0bJwA3Yc4h/rz4Ehh3FBQvMp/O/auTz/EBkaXdKlD8WTLwsMQd19OsT3RmOLzBl9HbzirqQ/Wyhaj9RZk5YUwudPRxFE6bYXR4U2hNEDwo667vHI8pp/zfdiijz6yaSA1tgKlS2IZlrvpryh6dKVVWZSJJiwRtCI8Vqn9NZc4yJR0JTXlOzA3Ay20E+LM8sx73aKG1K4XH86G3dzaEwJ2Taw/PaJbffiLW179GM1O17iIBZDJJU9VVouTQKW0Jrun2vWzOVjr4iA6NqYDV8/akO22ZXQEzICVBYrG/tolcgG6rq0s5BMgCHizmsh2MCyRNTHaIaygWAOotnGZbXbSCljLLsecntPOWm5II0pODoOun7gVV/cAymHqM189KwRZ3ZogrzAqtmLN+vj5SXGOUSQk0MLrjipGc+8ZYsyPSis5iKpYgGZsZ52YxuQIysw2U7VQ6hYNkGxW+K8f11ePZPyPQHARjr8Rr6/WDkGCdYVsHClHsuw/Wc7nJNL7XNiVmdnlTpXI2s2i9NhCeT5VdqaLwONfGeMJ3Frg3c4KSInx6ZgndivKzLX9O8wP+UOiDJws8/8wDBKQl+iWgoGsS/hU1nOmLwH8EfNjhjWK69zv4fAEOwSpgXyS/9YkYoJ5u8aFfyQQ9IslkDx4GKVCHD6vCbiclaICmcPDTeVmytr0vKDcE/mAUQS/3Cx8LXRn52ogP4B72W7VOZ6AL5Q6JlXyHuWb+BmRGnqrdNdxaBlzXfk2Y5/lPtA6NClvscI+tv31b6QgPevD6rbohw8kBtubfIBT1cb8Q8RIpJTJYDsA4XjYmuStLoYNZ7yq95+c1y5rkIjxWDDZmcI8udeKJkz1U1zEK+njVFY+x/1MhvnZEVrxHv1M562QwenVIwTskzjmE1rFxq+g4dEoLJbrQQab23dTDmYIWMDxyyg70wlgNtTl7sNblJKhX4TEgmJVc+ejLiFBgEwjr/vAbaM/LL1uZK4w8NssVAlTzcLY1n21QA0YFu2SL/NIneZECjSW2OWxkD6fYLiwQ7+GKCEF/FTq8FroDdgbHoLUtGY8VJCgdxtJiXlAHJpEWSxi/PdUvj4a/2fgNoxybvcVGm175xr3E2MEAeo0+IEuoxs6AbjtRFG7fGVH3M+az1e4JOmQ6Om47/Tj24qHJipJm+9BWOdrabEfIaOMF9uR0kSckX0iHcMoqt/9R0X6GxgfRKP5FCIfOlfzBi05/2GMLmhV4dgxe2QwPdcfy2+tkYJz4cPPOCuA2r2JgIFq/0DiwGbCaSGdJTYj6mkCzVsy41IAixxrSvQJAT39wULHNWPuKt943ydr/yiEiat1KBdZ/tnoVRocHF9JmFXy8XlXc7OYm0RGE5EtNcBw7PmuZsa5TESI7+6ObGvlQ6ZdBgK+8fEV02DQ+dCXzyG/XtIpu+ABe+vkM2H8rptMX5B6tfODawJ4OJvdzuIXc+ZVQF74Ej+6If/T+QYV70c/J3vHy0bmdg9nWN1IyDDfTvI1JQXHROa1fzz0p9jyabR7vBB1QDSTfy5wF0AxB8DXLEZ9VGqo6RGecXCVeFS6JS1/asIuLx4ABvlq5EZY3eAy+GvCETvji70ds0ucnsZe7PZw6mynWMuNUKNGMx1D2hJzQ5nfNrQ3/6p0WuWjGF3k1fMAy+eqUBYD+5nZlHvX+K10uqo1+QrFMpsw2optjT0EOZ7+wH69dgEM7GFrdQ5jlMWLhcrZpc3AGn6eUd0yCvTal+uvWsV2repAXZZVagbhBMrhgQJ0phble9jbemAmuyu6IQJt7L4CIOOQod14+YQja0GU7cM5A8g2rocwx6RtCJ7fQMjMzDDKDuxFtAGvlEQA8iMXY3vldWT451jL9ZKhKvBba3aEHNVar8T34PIpnzaCOoWNiFJlLXyUTSFLf6K0zKGMOOpUKGmHZ62hM7PlxgG/+73q49GnAJPwxbIH7YN0YmHeQ6uOgO0K0mC9hVwO962oGaDIddCaqUuKYMkUD3MKZxbvffaBtxewbilZst3a0Ma6VueU4Ex18ktZb8ocwA/rFirxfv/bZGbJzcUqCb6sGokoRVd93RgHlpxcmR4futTlP2tEDOmGOjTEfNFdtPKivH6wttlFhU9Z2S3vYIEuThkAB0DtouDXGYzqLggUi+qRT6ij+EaLWnSqqSv/hFqgu1wNIwitb47hgwyY2aeeJvrfoMTLKQGCaYF/oCrPumKQQ8IXdRYtFWs5nflwcGsO1Pbhd56JZy1v9gjinp+n+6R9yycSppzpPoOsrjugMlaTVKsDJX2crs6G/3M+6aYdaxY2weP/PtfK+AEtfqxyDQnokAg1rVChxsZnyfyLw79nbeRieVt6e5bFz7V6oqq+hTOWhsHFB31TzJjC5aK2rQot7tlESUsDqR0J4uuuLwhDQEsUWxghRjQcGSCstEYt6VDwSCsVxRVzrhBELHYAdxTu56vV6m5bgOPbV5RA0hE6HcE8SApk8i7T74WbI7CYuaxyGFcuthGwTF3ty9WIYitaYG/yaHNWTC6dSnnHGI7CZ8y7R3hyfmLwxUVSO/cFLfNi0MqQgyqZDbJX/uz6ehyYE9Cit7v0JTyWgSvXrolJXldqJp4bPhhpndcEO8uVAlKXNgxqWi2tZPw5oSyeAXvC2dstUiRi8Nu4q++SYVM3tWFQ1btcg5U8pmxcFd6yh3W4t8aMyvSm/VDPlAZFc5305cczwsBpMy4M1FpiXbm+SxXaLGRpZ2VzdD0xOTI4Njkscz03ZDhhYTU4Mjc5N2M2MzliNzg4YmE4ODg3MjdhNmI5ZThiYTQ2NDkzYTM5MTdkYTJhNzg3OTg5MDc5NzI5MzhkNjk4NjdjOGY3NWEwNmY3NQ== |
|
| id.qedi.co.uk/ | Name: ai_user Value: auLfx|2024-01-24T01:17:35.184Z |
|
| id.qedi.co.uk/ | Name: ai_session Value: F8s6E|1706059055487.3|1706059055487.3 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=86400 |
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az416426.vo.msecnd.net
dc.services.visualstudio.com
gotechnology.talentlms.com
id.qedi.co.uk
117.18.232.200
20.213.196.212
3.217.205.239
45.60.15.204
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
291cb5e21f6998f2151c5335f6c10c9223aaccbdf96d7ac966dad1a4e4088624
32d9617b64d3841779c398e6c53ab268b1736b692c018dcfd8bda21fb9f52f74
3afac91f57f0d530bd339e91ca85e5ad758e9e464e60f71cd372245dc969e6ee
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
64d2a56ca0bd78dce855d295058c3c03bcb73dc979537da9581eabe8fac903e2
6753d8c5aa38078b00beac531a50783ed73475b3562c105af923409b22948e11
abb9ef8fea3f47d6956fe803c8e3a9f5b2ee5b5fefefc7c3b083f04b0f6fa759
cb21df013da10ee02f80d231ab6cbd2ed09ab9fa204fd7c71f71e888924f08e8
d36a8c1d7cd85f41db59f6b0daf313507def3b79acf775668f516ad0b51ebe16
d7cc7756e8bd9b77f541a1d3d642b161ec7850ae6444491d0a42cf3bf9cec0cd
db7862d0083ae74b5c94005d18274c3528f1be2932b72438e2f606a3d1f23ab5
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855