![](/screenshots/8fd8580e-6ad6-4392-a863-8e6c23893d53.png)
zero-credit.ru
Open in
urlscan Pro
185.182.110.76
Public Scan
Effective URL: https://zero-credit.ru/
Submission: On August 13 via automatic, source certstream-suspicious — Scanned from US
Summary
TLS certificate: Issued by R11 on August 13th 2024. Valid for: 3 months.
This is the only time zero-credit.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 185.182.110.76 185.182.110.76 | 197695 (AS-REG) (AS-REG) | |
22 | 178.21.8.220 178.21.8.220 | 197695 (AS-REG) (AS-REG) | |
3 10 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
1 | 2a03:90c0:999... 2a03:90c0:9996::9996 | 199524 (GCORE) (GCORE) | |
31 | 4 |
ASN197695 (AS-REG, RU)
PTR: chat.cetis.ru
widget.replain.cc | |
storage.replain.cc | |
app.replain.cc |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
replain.cc
widget.replain.cc — Cisco Umbrella Rank: 497131 storage.replain.cc app.replain.cc — Cisco Umbrella Rank: 497753 |
798 KB |
8 |
yandex.com
2 redirects
mc.yandex.com — Cisco Umbrella Rank: 6787 |
4 KB |
2 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 2503 |
71 KB |
2 |
zero-credit.ru
1 redirects
www.zero-credit.ru zero-credit.ru |
3 KB |
1 |
tildacdn.com
static.tildacdn.com — Cisco Umbrella Rank: 58972 |
5 KB |
31 | 5 |
Domain | Requested by | |
---|---|---|
14 | widget.replain.cc |
zero-credit.ru
widget.replain.cc |
8 | mc.yandex.com |
2 redirects
zero-credit.ru
mc.yandex.ru |
4 | app.replain.cc |
widget.replain.cc
|
4 | storage.replain.cc |
zero-credit.ru
|
2 | mc.yandex.ru |
1 redirects
zero-credit.ru
|
1 | static.tildacdn.com |
zero-credit.ru
|
1 | zero-credit.ru | |
1 | www.zero-credit.ru | 1 redirects |
31 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
solutions.reg.ru |
Subject Issuer | Validity | Valid | |
---|---|---|---|
zero-credit.ru R11 |
2024-08-13 - 2024-11-11 |
3 months | crt.sh |
widget.replain.cc R10 |
2024-06-18 - 2024-09-16 |
3 months | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2024-05-23 - 2024-11-02 |
5 months | crt.sh |
*.tildacdn.com GlobeSSL DV CA |
2024-02-07 - 2025-02-20 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://zero-credit.ru/
Frame ID: 5323E20307357DBE9FB05A308B2FB192
Requests: 17 HTTP requests in this frame
Frame:
https://mc.yandex.com/metrika/metrika_match.html
Frame ID: BE0774DD269CFFBD9F7CB9245C23B72D
Requests: 1 HTTP requests in this frame
Frame:
https://widget.replain.cc/dist/js/widget.9eb6b126.js
Frame ID: 3AACC00469A5B6B14A51E47520895F6D
Requests: 11 HTTP requests in this frame
Screenshot
![](/screenshots/8fd8580e-6ad6-4392-a863-8e6c23893d53.png)
Page Title
Кредитный НольPage URL History Show full URLs
-
https://www.zero-credit.ru/
HTTP 301
http://zero-credit.ru/ HTTP 307
https://zero-credit.ru/ Page URL
Detected technologies
Detected patterns
- tilda(?:cdn|\.ws|-blocks)
![](/vendor/wappa/icons/Vue.js.png)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
![](/vendor/wappa/icons/Yandex.Metrika.png)
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: REG.solutions
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.zero-credit.ru/
HTTP 301
http://zero-credit.ru/ HTTP 307
https://zero-credit.ru/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10460.gvlUGrmRNeYESJoCc74rYZosApeIhwCWxOqGmJgFP8ZG6X2_xhdCBgL6DHfyanHI.x0TyTs7LwnzFl9bAQPrNaWJRqd4%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10460.u0biaKtgqlFn4VVUKrEwnUd5pudA2Wmfa6XQgpCl3fGQHCWxpLSMK_K-22GVrM4g1no7Z9btdYk5eG6lzNU4UxtXLz_Nb3NSe5mt5MnkLtcidQoazAIfSBAo7YMdW-g6ih_qRMrtORuuB3_9mQbKPAqG2Xkc53WQr2oiCHh15neTN6YtHefA72AMV3OrYdVHKyAjnrydUaXhu58mEFLCmTsl-9eyCGCwsZKpqdQwIbA%2C.zMDu18ho8Q78xdTjKrum8ZAIpVI%2C
- https://mc.yandex.com/watch/95267997?wmode=7&page-url=https%3A%2F%2Fzero-credit.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1648207296056%3Ahid%3A636037801%3Az%3A-600%3Ai%3A20240812203811%3Aet%3A1723531092%3Ac%3A1%3Arn%3A945720257%3Arqn%3A1%3Au%3A1723531092422271287%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A8915%3Awv%3A2%3Ads%3A0%2C483%2C301%2C2%2C3623%2C0%2C%2C2235%2C0%2C%2C%2C%2C8608%3Aco%3A0%3Acpf%3A1%3Ans%3A1723531082874%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723531093%3At%3A%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%9D%D0%BE%D0%BB%D1%8C&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
- https://mc.yandex.com/watch/95267997/1?wmode=7&page-url=https%3A%2F%2Fzero-credit.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1648207296056%3Ahid%3A636037801%3Az%3A-600%3Ai%3A20240812203811%3Aet%3A1723531092%3Ac%3A1%3Arn%3A945720257%3Arqn%3A1%3Au%3A1723531092422271287%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A8915%3Awv%3A2%3Ads%3A0%2C483%2C301%2C2%2C3623%2C0%2C%2C2235%2C0%2C%2C%2C%2C8608%3Aco%3A0%3Acpf%3A1%3Ans%3A1723531082874%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723531093%3At%3A%D0%9A%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%9D%D0%BE%D0%BB%D1%8C&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
zero-credit.ru/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsite.94ff2ddf.js
widget.replain.cc/dist/js/ |
635 KB 226 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsite.eeb6a703.css
widget.replain.cc/dist/css/ |
95 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
client.js
widget.replain.cc/dist/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
202 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lang-ru-json.a9514e54.js
widget.replain.cc/dist/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MabryPro-Regular.c0d1fa4a.woff2
widget.replain.cc/dist/fonts/ |
53 KB 54 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16976109668543e9ff77206777.png
storage.replain.cc/uploads/20231018/ |
162 KB 163 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_RegSolutions.svg
static.tildacdn.com/tild3363-3434-4531-b839-653065656338/ |
12 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MabryPro-Bold.b6950e64.woff2
widget.replain.cc/dist/fonts/ |
53 KB 53 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
43 B 672 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 616 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metrika_match.html
mc.yandex.com/metrika/ Frame BE07 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/95267997/ Redirect Chain
|
464 B 772 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.9eb6b126.js
widget.replain.cc/dist/js/ Frame 3AAC |
323 KB 116 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.bbae7d05.css
widget.replain.cc/dist/css/ Frame 3AAC |
45 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1697611146417d2d4dd512bed2.png
storage.replain.cc/uploads/20231018/ |
94 KB 94 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
auth
app.replain.cc/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
auth
app.replain.cc/ Frame 3AAC |
320 B 713 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notification.c5bc0cbc.mp3
widget.replain.cc/dist/media/ Frame 3AAC |
24 KB 24 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16976111719629ca612b2cf3c7.ico
storage.replain.cc/uploads/20231018/ |
22 KB 23 KB |
Other
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lang-ru-json.a9514e54.js
widget.replain.cc/dist/js/ Frame 3AAC |
6 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
banners
app.replain.cc/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
banners
app.replain.cc/ Frame 3AAC |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16976109668543e9ff77206777.png
storage.replain.cc/uploads/20231018/ Frame 3AAC |
162 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email.svg
widget.replain.cc/dist/img/modules/messengers/ Frame 3AAC |
1 KB 897 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone.svg
widget.replain.cc/dist/img/modules/messengers/ Frame 3AAC |
1 KB 924 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
telegram.svg
widget.replain.cc/dist/img/modules/messengers/ Frame 3AAC |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
whatsapp.svg
widget.replain.cc/dist/img/modules/messengers/ Frame 3AAC |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
95267997
mc.yandex.com/webvisor/ |
43 B 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
95267997
mc.yandex.com/webvisor/ |
43 B 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| replainSettings object| replainContent function| ym boolean| replainInitialized object| webpackChunkwidget object| Ya object| yaCounter95267997 object| ReplainWidget function| ReplainAPI19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.yandex.ru/ | Name: i Value: 4I/OnOecw3J7L6cVZjrQvuUg7StqZSxp0re9rPqu27I9MGDdbvZ1lfVPLsbsYuRfhfP0xAkOypkFq9J9NQaRZIrX0ZU= |
|
.yandex.ru/ | Name: yandexuid Value: 6965864681723531091 |
|
.yandex.ru/ | Name: yashr Value: 6541493761723531091 |
|
.zero-credit.ru/ | Name: _ym_uid Value: 1723531092422271287 |
|
.zero-credit.ru/ | Name: _ym_d Value: 1723531092 |
|
.yandex.com/ | Name: yashr Value: 1882830481723531092 |
|
.zero-credit.ru/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 1455257133fake |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 2159522203fake |
|
.yandex.com/ | Name: yandexuid Value: 6965864681723531091 |
|
.yandex.com/ | Name: yuidss Value: 6965864681723531091 |
|
.yandex.com/ | Name: i Value: 4I/OnOecw3J7L6cVZjrQvuUg7StqZSxp0re9rPqu27I9MGDdbvZ1lfVPLsbsYuRfhfP0xAkOypkFq9J9NQaRZIrX0ZU= |
|
.yandex.com/ | Name: yp Value: 1723617492.yu.9140205121723531092 |
|
.mc.yandex.com/ | Name: sync_cookie_ok Value: synced |
|
mc.yandex.com/ | Name: yabs-sid Value: 1201218511723531092 |
|
.yandex.com/ | Name: ymex Value: 1726123092.oyu.9140205121723531092#1755067092.yrts.1723531092 |
|
.yandex.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.yandex.com/ | Name: bh Value: KgI/MGDV/uu1Bg== |
|
.zero-credit.ru/ | Name: _ym_visorc Value: w |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff nosniff |
X-Xss-Protection | 1; mode=block 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.replain.cc
mc.yandex.com
mc.yandex.ru
static.tildacdn.com
storage.replain.cc
widget.replain.cc
www.zero-credit.ru
zero-credit.ru
178.21.8.220
185.182.110.76
2a02:6b8::1:119
2a03:90c0:9996::9996
1d4d6059e571630f675dcc18965a0e125f9653d8e42c55fa81a2df869dcebf60
1e9a2aaeb12beaafba6cd71d1600a9b10eb203412ca892c85957d074393b0d57
3ded36ae36390713fcc89a60c7b13a62391db7a19bd6b1fad1b5bcc16b6bdc27
3fef1503b1d2224fa281fcba3d4e49f2bfc83e738ad5aecd23fce4f1a21fc26b
40cc40239c212f107bdfc9113c17f830b73137aebf9d258f68afa45fb574e161
4e1b041d48f406de1a1621e7a10eec68355620287ac3c49c229983f8ec671814
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
60e4dbab265348f6e8d155d6a650cf0c60d07286d8e7c78efc2e689e28476f7e
6a8948fa659da1771daf0e89bbca73792e42b73dd7685f2b36e5f0a104d0eabf
7bcaa2f6e9af317996108465c05c09168f0ce6affb1c34d7a19baccbddc05739
8c5cafb400111375b3e635e173a3f2bc57c6ac041072440c5e2bec935e698ce0
920060d1419d620ad3d73d9c934d347ac89e2915387bdfa7b5f02faf73d86267
a39c64761f778107930ca7ea303718e866e58a0bb89aead9c0205ed4db6fb7df
a5e443140d6155be02e158887a6d21f34b186fdb7593dd4bd2c931ff79a0e2ce
a6b1cf6d5b46683fe4b23dd308c893106d91fc413b0f329f7b089f919481dde1
aeafba572c1283ab06c76293f14c749d86ee348ed6af9d0bd04b80b004e22691
d263648f3d03590d652601acfd73394bf852ca7dcb18fb31667489140a8917d4
d29d3345cf4f562771b5b807bc898e977d32a63e49bb4b084dc86acae4597c1e
d7f378d54481e210102bdb343fad22f0791045abc22b0c132a20a40e1900d46f
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
e132488e97612c368c694a4c9e29db2097ceca178df3f95c989af1e1255f1417
e689ff60dc861c6c4ca3c01db35686426541c3d67987295006f4abdf19280f62
f2889789abb71b86c72f82aacf4ee145f0f57b497a6efdfb4b411e7688f79a0e