anketa.alfabank.ru
217.12.97.206
Public Scan
Effective URL: https://anketa.alfabank.ru/alfaform-refpil/step1?scenarioId=PIL_FULL__INN_ab7&platformId=alfapartners_cpa_118_PIL-PIL-70fie...
Submission: On March 23 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on January 15th 2019. Valid for: 2 years.
This is the only time anketa.alfabank.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 1 | 108.61.211.100 | 20473 (AS-CHOOPA - Choopa) |
1 | 2 | 37.1.218.193 | 50673 (SERVERIUS-AS) |
1 | 1 | 212.224.118.36 | 44066 (DE-FIRSTCOLO www.first-colo.net) |
1 | 11 | 217.12.97.206 | 15632 (ALFA-BANK-AS) |
 | 4 | 2a00:1450:4001:824::200e | 15169 (GOOGLE - Google LLC) |
 | 2 | 89.184.82.134 | 28907 (MIROHOST Web hosting) |
 | 3 | 217.12.98.163 | 15632 (ALFA-BANK-AS) |
 | 1 | 54.171.133.33 | 16509 (AMAZON-02 - Amazon.com) |
 | 1 | 149.202.122.195 | 16276 (OVH) |
 | 2 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK - Facebook) |
1 | 4 | 104.111.250.158 | 16625 (AKAMAI-AS - Akamai Technologies) |
 | 1 | 185.63.188.19 | 29182 (THEFIRST-AS) |
 | 1 | 144.76.219.93 | 24940 (HETZNER-AS) |
 | 2 | 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK - Facebook) |
 | 1 | 151.101.120.157 | 54113 (FASTLY - Fastly) |
 | 3 | 217.69.136.176 | 47764 (MAILRU-AS Mail.Ru) |
 | 2 | 87.240.129.71 | 47541 (VKONTAKTE-SPB-AS http://vk.com) |
 | 2 | 104.244.42.69 | 13414 (TWITTER - Twitter Inc.) |
 | 1 | 104.244.42.195 | 13414 (TWITTER - Twitter Inc.) |
1 | 5 | 2a02:6b8::1:119 | 13238 (YANDEX) |
 | 1 | 80.252.91.53 | 15830 (TELECITY-LON) |
1 | 1 | 2a00:1450:400c:c08::9d | 15169 (GOOGLE - Google LLC) |
1 | 1 | 2a00:1450:4001:818::2004 | 15169 (GOOGLE - Google LLC) |
 | 1 | 2a00:1450:4001:81b::2003 | 15169 (GOOGLE - Google LLC) |
 | 1 | 81.19.77.13 | 24638 (RAMBLER-TELECOM-AS) |
47 | 22 |
ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 108.61.211.100.vultr.com
alfaabank.ru |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde49-3.fornex.org
ad.admitad.com |
ASN15632 (ALFA-BANK-AS, RU)
PTR: host206.97.12.217.alfabank.ru
anketa.alfabank.ru |
ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: 89.184.82.134.mirohost.net
google-analytics-suite.bi.owox.com |
ASN15632 (ALFA-BANK-AS, RU)
PTR: host163.98.12.217.alfabank.ru
click.alfabank.ru |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-133-33.eu-west-1.compute.amazonaws.com
api.flocktory.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-250-158.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.93.219.76.144.clients.your-server.de
statad.ru |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN54113 (FASTLY - Fastly, US)
static.ads-twitter.com |
ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv71-129-240-87.vk.com
vk.com |
ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com |
ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: front.bnet.rambler.ru
sync.rambler.ru |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
11 | anketa.alfabank.ru | 1 | financelife.ru, anketa.alfabank.ru |
5 | mc.yandex.ru | 1 | financelife.ru, anketa.alfabank.ru |
4 | secure-ds.serving-sys.com | 1 | google-analytics-suite.bi.owox.com, anketa.alfabank.ru |
4 | www.google-analytics.com | | anketa.alfabank.ru |
3 | top-fwz1.mail.ru | | bn.adblender.ru, top-fwz1.mail.ru |
3 | click.alfabank.ru | | financelife.ru, anketa.alfabank.ru |
2 | t.co | | anketa.alfabank.ru |
2 | vk.com | | anketa.alfabank.ru |
2 | www.facebook.com | | anketa.alfabank.ru |
2 | connect.facebook.net | | financelife.ru, connect.facebook.net |
2 | google-analytics-suite.bi.owox.com | | anketa.alfabank.ru, google-analytics-suite.bi.owox.com |
2 | financelife.ru | 1 | |
1 | sync.rambler.ru | | srcdoc |
1 | www.google.de | | anketa.alfabank.ru |
1 | www.google.com | 1 | |
1 | stats.g.doubleclick.net | 1 | |
1 | bs.serving-sys.com | | secure-ds.serving-sys.com |
1 | analytics.twitter.com | | static.ads-twitter.com |
1 | static.ads-twitter.com | | bn.adblender.ru |
1 | statad.ru | | anketa.alfabank.ru |
1 | click.adkratos.ru | | financelife.ru |
1 | bn.adblender.ru | | financelife.ru |
1 | api.flocktory.com | | google-analytics-suite.bi.owox.com |
1 | ad.admitad.com | 1 | |
1 | alfaabank.ru | 1 | |
47 | 25 |
This site contains links to these domains. Also see Links.
Domain |
---|
alfabank.ru |
Subject | Issuer | Validity | Valid |
---|---|---|---|
anketa.alfabank.ru | Thawte RSA CA 2018 | 2019-01-15 - 2021-03-24 | 2 years |
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months |
*.BI.OWOX.COM | GeoTrust RSA CA 2018 | 2018-02-21 - 2019-04-10 | a year |
click.alfabank.ru | Thawte EV RSA CA 2018 | 2018-05-11 - 2020-06-09 | 2 years |
*.flocktory.com | Go Daddy Secure Certificate Authority - G2 | 2018-05-15 - 2019-07-25 | a year |
*.adblender.ru | COMODO RSA Domain Validation Secure Server CA | 2018-12-24 - 2019-12-25 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-03-08 - 2019-06-06 | 3 months |
secure-ds.serving-sys.com | DigiCert SHA2 Secure Server CA | 2018-12-03 - 2020-03-03 | a year |
click.adkratos.ru | Let's Encrypt Authority X3 | 2019-03-09 - 2019-06-07 | 3 months |
statad.ru | Let's Encrypt Authority X3 | 2019-02-13 - 2019-05-14 | 3 months |
ads-twitter.com | DigiCert SHA2 High Assurance Server CA | 2018-08-16 - 2019-08-21 | a year |
*.mail.ru | GlobalSign Organization Validation CA - SHA256 - G2 | 2019-01-18 - 2021-01-18 | 2 years |
*.vk.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-07-13 - 2019-07-14 | a year |
t.co | DigiCert SHA2 High Assurance Server CA | 2019-03-07 - 2020-03-07 | a year |
*.twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-01-28 - 2020-01-28 | a year |
bs.yandex.ru | Yandex CA | 2018-10-03 - 2019-10-03 | a year |
bs.serving-sys.com | Go Daddy Secure Certificate Authority - G2 | 2018-03-08 - 2020-03-08 | 2 years |
www.google.de | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months |
*.rambler.ru | RapidSSL RSA CA 2018 | 2018-07-19 - 2019-05-06 | 10 months |
This page contains 2 frames:
Primary Page:
https://anketa.alfabank.ru/alfaform-refpil/step1?scenarioId=PIL_FULL__INN_ab7&platformId=alfapartners_cpa_118_PIL-PIL-70field-approve-14626-AlfaCredit-admitad-206454-cpanetwork&afclick=71886affd78b97d4458c6fa8c6ac1e55&sub1=206454&sub2=1&sub3=f7dc54e84e&utm_source=alfapartners&utm_medium=cpa&utm_campaign=118&utm_content=PIL-PIL-70field-approve-14626-AlfaCredit&product=pil&PIL=&abtest=PIL_FULL__INN
Frame ID: 776B6BB72D1EE4241D5A9BC07ED68239
Requests: 52 HTTP requests in this frame
Frame:
https://sync.rambler.ru/set?partner_id=2965bc38-6a93-49e8-8069-4feed64a4ede&id=1a80824e-b930-49b0-8e7f-76ff1ffba73e
Frame ID: 4E676D22E1DA9DD7320F3E3F3159BCD6
Requests: 1 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
React (JavaScript Frameworks)
Detected patterns
- html /<[^>]+data-react/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers)
Detected patterns
- env /^google_tag_manager$/i
Modernizr (JavaScript Libraries)
Detected patterns
- env /^Modernizr$/i
webpack (Miscellaneous)
Detected patterns
- env /^webpackJsonp$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Leave feedback
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://alfaabank.ru/ HTTP 302
  http://financelife.ru/company/alfabank.ru?r=n7o35tdi35phgqcw9bzf51c64kzf5cidnufhgbbax7k3hnix4uqx811zxztfeq6pxnhi5qijsq1f5qbyxkhiznd99t HTTP 302
  http://financelife.ru/company/alfabank.ru Page URL
- https://ad.admitad.com/g/0by6fwpjop49ea73e4bbf7dc54e84e/ HTTP 302
  https://anketa.alfabank.ru/alfaform/?platformId=alfapartners_cpa_118_PIL-PIL-70field-approve-14626-AlfaCredit-admitad-206454-cpanetwork&afclick=71886affd78b97d4458c6fa8c6ac1e55&sub1=206454&sub2=1&sub3=f7dc54e84e&utm_source=alfapartners&utm_medium=cpa&utm_campaign=118&utm_content=PIL-PIL-70field-approve-14626-AlfaCredit&product=pil&PIL HTTP 302
  https://anketa.alfabank.ru/alfaform-refpil/step1?scenarioId=PIL_FULL__INN_ab7&platformId=alfapartners_cpa_118_PIL-PIL-70field-approve-14626-AlfaCredit-admitad-206454-cpanetwork&afclick=71886affd78b97d4458c6fa8c6ac1e55&sub1=206454&sub2=1&sub3=f7dc54e84e&utm_source=alfapartners&utm_medium=cpa&utm_campaign=118&utm_content=PIL-PIL-70field-approve-14626-AlfaCredit&product=pil&PIL=&abtest=PIL_FULL__INN Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://alfaabank.ru/ HTTP 302
- http://financelife.ru/company/alfabank.ru?r=n7o35tdi35phgqcw9bzf51c64kzf5cidnufhgbbax7k3hnix4uqx811zxztfeq6pxnhi5qijsq1f5qbyxkhiznd99t HTTP 302
- http://financelife.ru/company/alfabank.ru
- https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/9/8609 HTTP 302
- https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-1247553-1&cid=400445666.1553303121&jid=676836089&gjid=914370223&_gid=416566486.1553303121&_u=6GDAgEAB~&z=480375813 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1247553-1&cid=400445666.1553303121&jid=676836089&_v=j73&z=480375813 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1247553-1&cid=400445666.1553303121&jid=676836089&_v=j73&z=480375813&slf_rd=1&random=2876991351
- https://mc.yandex.ru/watch/16914655?wmode=7&page-ref=http%3A%2F%2Ffinancelife.ru%2Fcompany%2Falfabank.ru&page-url=https%3A%2F%2Fanketa.alfabank.ru%2Falfaform-refpil%2Fstep1%3FscenarioId%3DPIL_FULL__INN_ab7%26platformId%3Dalfapartners_cpa_118_PIL-PIL-70field-approve-14626-AlfaCredit-admitad-206454-cpanetwork%26afclick%3D71886affd78b97d4458c6fa8c6ac1e55%26sub1%3D206454%26sub2%3D1%26sub3%3Df7dc54e84e%26utm_source%3Dalfapartners%26utm_medium%3Dcpa%26utm_campaign%3D118%26utm_content%3DPIL-PIL-70field-approve-14626-AlfaCredit%26product%3Dpil%26PIL%3D%26abtest%3DPIL_FULL__INN&charset=utf-8&browser-info=ti%3A10%3Ans%3A1553303120082%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190323010521%3Aet%3A1553303122%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A592167527%3Ahid%3A475206035%3Ads%3A0%2C0%2C66%2C7%2C347%2C0%2C0%2C825%2C2%2C%2C%2C%2C1253%3Afp%3A610%3Agdpr%3A14%3Av%3A1508%3Awv%3A2%3Ast%3A1553303122%3Au%3A15533031221044122716%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%B8%D0%BB%D0%B8%20%D1%80%D0%B5%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5 HTTP 302
- https://mc.yandex.ru/watch/16914655/1?wmode=7&page-ref=http%3A%2F%2Ffinancelife.ru%2Fcompany%2Falfabank.ru&page-url=https%3A%2F%2Fanketa.alfabank.ru%2Falfaform-refpil%2Fstep1%3FscenarioId%3DPIL_FULL__INN_ab7%26platformId%3Dalfapartners_cpa_118_PIL-PIL-70field-approve-14626-AlfaCredit-admitad-206454-cpanetwork%26afclick%3D71886affd78b97d4458c6fa8c6ac1e55%26sub1%3D206454%26sub2%3D1%26sub3%3Df7dc54e84e%26utm_source%3Dalfapartners%26utm_medium%3Dcpa%26utm_campaign%3D118%26utm_content%3DPIL-PIL-70field-approve-14626-AlfaCredit%26product%3Dpil%26PIL%3D%26abtest%3DPIL_FULL__INN&charset=utf-8&browser-info=ti%3A10%3Ans%3A1553303120082%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190323010521%3Aet%3A1553303122%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A592167527%3Ahid%3A475206035%3Ads%3A0%2C0%2C66%2C7%2C347%2C0%2C0%2C825%2C2%2C%2C%2C%2C1253%3Afp%3A610%3Agdpr%3A14%3Av%3A1508%3Awv%3A2%3Ast%3A1553303122%3Au%3A15533031221044122716%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%B8%D0%BB%D0%B8%20%D1%80%D0%B5%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5
47 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | alfabank.ru | financelife.ru/company/ | 208 B | 690 B | Document | text/html | Cookie set; Redirect Chain |
GET | H/1.1 | step1 | anketa.alfabank.ru/alfaform-refpil/ | 8 KB | 3 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain |
GET | H/1.1 | vendor.181f2468.css | anketa.alfabank.ru/alfaform-refpil/assets/ | 3 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | main.f9b4b375.css | anketa.alfabank.ru/alfaform-refpil/assets/ | 355 KB | 108 KB | Stylesheet | text/css | |
GET | H/1.1 | vendor.79523b61.js | anketa.alfabank.ru/alfaform-refpil/assets/ | 1 MB | 330 KB | Script | application/javascript | |
GET | H/1.1 | main.b8f7198d.js | anketa.alfabank.ru/alfaform-refpil/assets/ | 853 KB | 156 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript | |
GET | H2 | gtm.js | google-analytics-suite.bi.owox.com/ | 255 KB | 56 KB | Script | application/javascript | |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 109 B | Image | image/gif | |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 109 B | Image | image/gif | |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png | |
GET | H/1.1 | font_roboto-rouble_regular.62900ae1.woff | anketa.alfabank.ru/alfaform-refpil/assets/static/media/ | 7 KB | 3 KB | Font | text/html | |
GET | H/1.1 | sp.js | click.alfabank.ru/metrica/ | 72 KB | 73 KB | Script | application/javascript | Cookie set |
GET | H/1.1 | loader.js | api.flocktory.com/v2/ | 171 KB | 58 KB | Script | application/javascript | |
GET | H/1.1 | all.js | bn.adblender.ru/c/alfabank/ | 9 KB | 4 KB | Script | application/x-javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 52 KB | 15 KB | Script | application/x-javascript | |
GET | H2 | ebOneTag.js | secure-ds.serving-sys.com/SemiCachedScripts/ | 45 KB | 13 KB | Script | application/javascript | |
GET | H/1.1 | 1 | click.adkratos.ru/ | 0 | 250 B | Script | text/html | |
GET | H/1.1 | pixel.gif | statad.ru/ | 43 B | 397 B | Image | image/gif | |
GET | H2 | 1011762258891737 | connect.facebook.net/signals/config/ | 186 KB | 45 KB | Script | application/x-javascript | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 245 B | Image | image/gif | |
GET | H2 | uwt.js | static.ads-twitter.com/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | code.js | top-fwz1.mail.ru/js/ | 15 KB | 7 KB | Script | application/javascript | |
GET | H2 | rtrg | vk.com/ | 49 B | 330 B | Image | image/gif | |
GET | H2 | adsct | t.co/i/ | 43 B | 166 B | Image | image/gif | |
GET | H2 | rtrg | vk.com/ | 49 B | 330 B | Image | image/gif | |
GET | H2 | adsct | t.co/i/ | 43 B | 119 B | Image | image/gif | |
POST | H/1.1 | counter | top-fwz1.mail.ru/ | 43 B | 855 B | Other | image/gif | |
GET | H2 | OneTagDefaultConfig.json | secure-ds.serving-sys.com/BurstingCachedScripts/ | 0 | -1 B | XHR | | Redirect Chain |
POST | H/1.1 | application | anketa.alfabank.ru/alfaform-refpil/api/ | 2 KB | 1 KB | XHR | application/json | |
GET | H2 | adsct | analytics.twitter.com/i/ | 31 B | 267 B | Script | application/javascript | |
GET | H2 | OneTagDefaultConfig.json | secure-ds.serving-sys.com/BurstingCachedScripts/ | 11 B | 217 B | XHR | application/json | |
GET | H/1.1 | tag.js | mc.yandex.ru/metrika/ | 330 KB | 85 KB | Script | application/javascript | |
GET | H/1.1 | Serving | bs.serving-sys.com/ | 7 KB | 2 KB | Script | text/html | |
GET | DATA | truncated | / | 471 B | 0 | Image | image/svg+xml | |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml | |
GET | DATA | truncated | / | 848 B | 0 | Image | image/svg+xml | |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png | |
GET | H/1.1 | font_roboto-rouble_bold.c37f39f8.woff | anketa.alfabank.ru/alfaform-refpil/assets/static/media/ | 7 KB | 3 KB | Font | text/html | |
GET | H/1.1 | font_roboto-rouble_medium.7b07f235.woff | anketa.alfabank.ru/alfaform-refpil/assets/static/media/ | 7 KB | 3 KB | Font | text/html | |
GET | H/1.1 | font_roboto-rouble_light.62ce335e.woff | anketa.alfabank.ru/alfaform-refpil/assets/static/media/ | 7 KB | 3 KB | Font | text/html | |
GET | H2 | analytics.js | google-analytics-suite.bi.owox.com/ | 43 KB | 19 KB | Script | text/javascript | |
GET | DATA | truncated | / | 253 B | 0 | Image | image/svg+xml | |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 107 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | i | click.alfabank.ru/metrica/retail/ | 43 B | 346 B | Image | image/gif | Cookie set |
GET | H/1.1 | 1 | mc.yandex.ru/watch/16914655/ | 0 | -1 B | XHR | | Redirect Chain |
GET | H/1.1 | advert.gif | mc.yandex.ru/metrika/ | 43 B | 445 B | Image | image/gif | |
GET | H/1.1 | 1 | mc.yandex.ru/watch/16914655/ | 152 B | 706 B | XHR | application/json | |
POST | H/1.1 | tracker | top-fwz1.mail.ru/ | 43 B | 763 B | Other | image/gif | |
GET | H/1.1 | i | click.alfabank.ru/metrica/retail/ | 43 B | 346 B | Image | image/gif | Cookie set |
GET | H/1.1 | set | sync.rambler.ru/ | 43 B | 209 B | Image | image/gif | Frame 4E67 |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 144 B | Image | image/gif | |
60 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onselectstart |
object | onselectionchange |
function | queueMicrotask |
string | GoogleAnalyticsObject |
function | ga |
object | dataLayer |
object | google_tag_data |
object | gaplugins |
object | gaGlobal |
object | gaData |
object | google_tag_manager |
function | postscribe |
object | GlobalSnowplowNamespace |
function | sp |
object | date |
function | fbq |
function | _fbq |
object | versaTag |
function | setCookie |
function | getParam |
object | gclid |
undefined | gclsrc |
object | f |
object | b |
object | __core-js_shared__ |
function | twq |
object | _tmr |
object | Adblender |
function | webpackJsonp |
object | twttr |
object | flocktory |
object | versaTagObj |
object | EBG |
object | EBGVT |
object | EBGUIP |
string | EBservingMode |
object | gEBMainWindow |
object | providersData |
object | core |
object | global |
object | System |
function | asap |
function | Observable |
function | setImmediate |
function | clearImmediate |
object | regeneratorRuntime |
boolean | _babelPolyfill |
object | __$$GLOBAL_REWIRE_REGISTRY__ |
function | __rewire_reset_all__ |
number | __$$GLOBAL_REWIRE_NEXT_MODULE_ID__ |
object | Modernizr |
function | __main |
function | getState |
undefined | aid |
object | Snowplow |
undefined | oneTagObj |
object | bsResponseObj |
object | Ya |
object | yaCounter16914655 |
string | first_page |
27 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.alfabank.ru/ | | GTM_rambler_user | 1 |
.alfabank.ru/ | | alfa_ia_param_afclick | 71886affd78b97d4458c6fa8c6ac1e55 |
.alfabank.ru/ | | _ym_isad | 2 |
.alfabank.ru/ | | _ym_visorc_16914655 | w |
.alfabank.ru/ | | _sp_id.3c2b | 1a80824e-b930-49b0-8e7f-76ff1ffba73e.1553303121.1.1553303122.1553303121.2ef1bdb5-1a19-4630-a9cb-ed7a7d885e1e |
.alfabank.ru/ | | _dc_gtm_UA-1247553-1 | 1 |
.alfabank.ru/ | | alfa_ia_param_ya_cid | undefined |
.alfabank.ru/ | | _sp_ses.3c2b | * |
.alfabank.ru/ | | alfabank_data_guid | undefined |
anketa.alfabank.ru/ | | _ga_cid | 400445666.1553303121 |
.alfabank.ru/ | | _fbp | fb.1.1553303120945.631890056 |
.alfabank.ru/ | | _gat_Alfabank_ru_refinAnketa | 1 |
anketa.alfabank.ru/ | | ab_alfaform_pil_original | PIL_FULL__INN |
.alfabank.ru/ | | _ym_uid | 15533031221044122716 |
.alfabank.ru/ | | GTM_platformId | alfapartners_cpa_118_PIL-PIL-70field-approve-14626-AlfaCredit-admitad-206454-cpanetwork |
.alfabank.ru/ | | _gat_Alfabank_ru_refin | 1 |
.alfabank.ru/ | | _ym_d | 1553303122 |
anketa.alfabank.ru/ | | BIGipServer~External_Services~anketa_alfaform_pool | !5QZTmYBJA/XuWuPXarVJs5G0MElTej+JpvfZAe53CL1n11Y3Dhiu8iXoAjmVH6bOCDkaMMMTJiRreDv15W7XI1d/xZtMz2Ys4WrznHsB9A== |
.alfabank.ru/ | | _gid | GA1.2.416566486.1553303121 |
anketa.alfabank.ru/ | | staduid | https%3A%2F%2Fanketa.alfabank.ru%2Falfaform-refpil%2Fstep1%3FscenarioId%3DPIL_FULL__INN_ab7%26platformId%3Dalfapartners_cpa_118_PIL-PIL-70field-approve-14626-AlfaCredit-admitad-206454-cpanetwork%26afclick%3D71886affd78b97d4458c6fa8c6ac1e55%26sub1%3D206454%26sub2%3D1%26sub3%3Df7dc54e84e%26utm_source%3Dalfapartners%26utm_medium%3Dcpa%26utm_campaign%3D118%26utm_content%3DPIL-PIL-70field-approve-14626-AlfaCredit%26product%3Dpil%26PIL%3D%26abtest%3DPIL_FULL__INN |
.alfabank.ru/ | | __SourceTracker | alfapartners__cpa |
anketa.alfabank.ru/ | | alfa-csrf | MYCMzTeMrgXPEcGtAccKJQLlmRzxW8q974vAGN2RP3f |
anketa.alfabank.ru/ | | platformId | alfapartners_cpa_118_PIL-PIL-70field-approve-14626-AlfaCredit-admitad-206454-cpanetwork |
.alfabank.ru/ | | afclick | 71886affd78b97d4458c6fa8c6ac1e55 |
anketa.alfabank.ru/ | | BIGipServer~External_Services~alfaform-pil-flow-api-2 | !ejvF3E/JF3BnLPzXarVJs5G0MElTeub/nXpgeRpbdRBO30EYMOW68jzGaG9ReX3Hx/YjXHVcHuqJCBl8BT9CArDoW4cyUle+9tSl98C2Yg== |
.alfabank.ru/ | | _ga | GA1.2.400445666.1553303121 |
anketa.alfabank.ru/ | | BIGipServer~External_Services~alfaform-refpil | !18OoYGgfFGifklzXarVJs5G0MElTekbYjYH+mcjHD1hMwkoZ+RRhjHHaNIUMMVhpkUSbf3cwGU74AFT8LMv0ECP2MdgqtrsJlkm1PAxECA== |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.