delivery.butler.rest
Open in
urlscan Pro
195.208.0.103
Public Scan
Submission: On June 09 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 9th 2021. Valid for: a year.
This is the only time delivery.butler.rest was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 195.208.0.103 195.208.0.103 | 48287 (RU-CENTER) (RU-CENTER) | |
3 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 46.137.163.140 46.137.163.140 | 16509 (AMAZON-02) (AMAZON-02) | |
3 7 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
27 | 4 |
ASN48287 (RU-CENTER, RU)
PTR: ctv-carp7-http.nic.ru
delivery.butler.rest |
ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-163-140.eu-west-1.compute.amazonaws.com
bitrix.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
butler.rest
delivery.butler.rest |
3 MB |
5 |
yandex.com
2 redirects
mc.yandex.com — Cisco Umbrella Rank: 9980 |
2 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 52 |
3 KB |
2 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 3500 |
70 KB |
2 |
bitrix.info
bitrix.info — Cisco Umbrella Rank: 41702 |
4 KB |
27 | 5 |
Domain | Requested by | |
---|---|---|
18 | delivery.butler.rest |
delivery.butler.rest
|
5 | mc.yandex.com |
2 redirects
delivery.butler.rest
|
3 | fonts.googleapis.com |
delivery.butler.rest
|
2 | mc.yandex.ru |
1 redirects
delivery.butler.rest
|
2 | bitrix.info |
delivery.butler.rest
bitrix.info |
27 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
butler.rest |
vk.com |
t.me |
novoxpro.ru |
Subject Issuer | Validity | Valid | |
---|---|---|---|
delivery.butler.rest Sectigo RSA Domain Validation Secure Server CA |
2021-05-09 - 2022-06-08 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-05-09 - 2022-08-01 |
3 months | crt.sh |
*.bitrix.info Go Daddy Secure Certificate Authority - G2 |
2022-03-15 - 2023-04-16 |
a year | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2022-05-21 - 2022-10-31 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://delivery.butler.rest/
Frame ID: 694E4E1D6FCD0BB368F72C1CC0C87393
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Доставка блюд и полуфабрикатов из ресторана BUTLER - доставка ресторана ButlerDetected technologies
1C-Bitrix (CMS) ExpandDetected patterns
- (?:<link[^>]+components/bitrix|(?:src|href)="/bitrix/(?:js|templates))
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Yandex.Metrika (Analytics) Expand
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Основной сайт
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Novox Pro
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9664.YxxXlo8knrEORUeuZ2vZkVBCVTG4bWrAbHjbTSTRuFbEwsqNrFyLeb7nlRdyXmOS.nnW_vS2ytH-FKSmUedX8kPDoQ8Q%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9664.-9FFRYjWf0MkX6ygY57uPe7Zqg7AbWf9Nx2t234iBqIF5z0KbQ-BHrswqtFARPTgwEKLb6usBv-hskBthSeJ-w%2C%2C.fZ7epWjSuCyeqaNiiXmykjPzNKU%2C
- https://mc.yandex.com/watch/62725690?wmode=7&page-url=https%3A%2F%2Fdelivery.butler.rest%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A711%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A815%3Acn%3A1%3Adp%3A0%3Als%3A90948453372%3Ahid%3A729414324%3Az%3A0%3Ai%3A20220609194717%3Aet%3A1654804037%3Ac%3A1%3Arn%3A967460642%3Arqn%3A1%3Au%3A16548040371057414363%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654804036155%3Ads%3A176%2C232%2C70%2C3%2C%2C0%2C%2C250%2C16%2C%2C%2C%2C732%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654804037%3At%3A%D0%94%D0%BE%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B0%20%D0%B1%D0%BB%D1%8E%D0%B4%20%D0%B8%20%D0%BF%D0%BE%D0%BB%D1%83%D1%84%D0%B0%D0%B1%D1%80%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%D0%B7%20%D1%80%D0%B5%D1%81%D1%82%D0%BE%D1%80%D0%B0%D0%BD%D0%B0%20BUTLER%20-%20%D0%B4%D0%BE%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B0%20%D1%80%D0%B5%D1%81%D1%82%D0%BE%D1%80%D0%B0%D0%BD%D0%B0%20Butler&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/62725690/1?wmode=7&page-url=https%3A%2F%2Fdelivery.butler.rest%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A711%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A815%3Acn%3A1%3Adp%3A0%3Als%3A90948453372%3Ahid%3A729414324%3Az%3A0%3Ai%3A20220609194717%3Aet%3A1654804037%3Ac%3A1%3Arn%3A967460642%3Arqn%3A1%3Au%3A16548040371057414363%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654804036155%3Ads%3A176%2C232%2C70%2C3%2C%2C0%2C%2C250%2C16%2C%2C%2C%2C732%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654804037%3At%3A%D0%94%D0%BE%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B0%20%D0%B1%D0%BB%D1%8E%D0%B4%20%D0%B8%20%D0%BF%D0%BE%D0%BB%D1%83%D1%84%D0%B0%D0%B1%D1%80%D0%B8%D0%BA%D0%B0%D1%82%D0%BE%D0%B2%20%D0%B8%D0%B7%20%D1%80%D0%B5%D1%81%D1%82%D0%BE%D1%80%D0%B0%D0%BD%D0%B0%20BUTLER%20-%20%D0%B4%D0%BE%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B0%20%D1%80%D0%B5%D1%81%D1%82%D0%BE%D1%80%D0%B0%D0%BD%D0%B0%20Butler&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
delivery.butler.rest/ |
22 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kernel_main_v1.css
delivery.butler.rest/bitrix/cache/css/s1/sushi/kernel_main/ |
28 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
template_82802c938788a6f6e9e5ca79500b09b3_v1.css
delivery.butler.rest/bitrix/cache/css/s1/sushi/template_82802c938788a6f6e9e5ca79500b09b3/ |
165 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-dark.svg
delivery.butler.rest/local/templates/sushi/img/logo/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-light.svg
delivery.butler.rest/local/templates/sushi/img/logo/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kernel_main_v1.js
delivery.butler.rest/bitrix/cache/js/s1/sushi/kernel_main/ |
309 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kernel_main_polyfill_promise_v1.js
delivery.butler.rest/bitrix/cache/js/s1/sushi/kernel_main_polyfill_promise/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loadext.min.js
delivery.butler.rest/bitrix/js/main/loadext/ |
810 B 1010 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
extension.min.js
delivery.butler.rest/bitrix/js/main/loadext/ |
1 KB 798 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
template_b94e5f443708f0c5fec03568b537a9c8_v1.js
delivery.butler.rest/bitrix/cache/js/s1/sushi/template_b94e5f443708f0c5fec03568b537a9c8/ |
312 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
15 KB 997 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 803 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a3a771e5f014d862fe6ef22a4373295c.jpg
delivery.butler.rest/upload/iblock/a3a/ |
613 KB 614 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ec363d8b9f6fe926b29827f4ed1108df.JPG
delivery.butler.rest/upload/iblock/ec3/ |
582 KB 583 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
34956020d83254ef400c112ac372bb13.jpg
delivery.butler.rest/upload/iblock/349/ |
834 KB 835 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a978c486df58f319d6be8e5f3ac85c4f.jpg
delivery.butler.rest/upload/iblock/a97/ |
421 KB 422 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SFUIDisplay-Bold.woff2
delivery.butler.rest/local/templates/sushi/fonts/sfui/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
delivery.butler.rest/local/templates/sushi/fonts/fontawesome/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SFUIDisplay-Regular.woff2
delivery.butler.rest/local/templates/sushi/fonts/sfui/ |
42 KB 42 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ba.js
bitrix.info/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
203 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ajax_counter.php
delivery.butler.rest/bitrix/tools/conversion/ |
2 B 637 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
bx_stat
bitrix.info/ |
42 B 543 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/62725690/ Redirect Chain
|
357 B 466 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
38 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| BX function| CBXSession object| bxSession object| phpVars object| jsUtils function| JCFloatDiv object| jsFloatDiv function| BXHint function| WaitOnKeyPress function| ShowWaitWindow function| CloseWaitWindow object| jsSelectUtils function| BXInputPopup object| jsCalendar string| ajaxUrl boolean| inProgress object| timeoutId function| sendQtyToCart function| addToCart function| $ function| jQuery object| bootstrap function| mixitup object| lazySizes object| _ba string| sessId function| ym function| _ba_punycode object| _baq object| Ya object| yaCounter6272569014 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.delivery.butler.rest/ | Name: PHPSESSID Value: Z77dtdTuJ3wYvhXrIygDrh4Pdd64BklS |
|
.bitrix.info/ | Name: bx_user_id Value: e255200cc1b560f1bae4ff19ced4877b |
|
delivery.butler.rest/ | Name: BX_USER_ID Value: e255200cc1b560f1bae4ff19ced4877b |
|
.butler.rest/ | Name: _ym_uid Value: 16548040371057414363 |
|
.butler.rest/ | Name: _ym_d Value: 1654804037 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 1947093534fake |
|
.butler.rest/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 125050391fake |
|
.yandex.com/ | Name: yandexuid Value: 5963967491654804037 |
|
.yandex.com/ | Name: yuidss Value: 5963967491654804037 |
|
mc.yandex.com/ | Name: yabs-sid Value: 2585913751654804037 |
|
.yandex.com/ | Name: i Value: PaZXWfcX4KjwKHxVx4qTxDXPlttQ585uuGjbHY7hbzT4xipBymceK1WhRcNjctnetnHk9hUoPTHiiFeeT3gXlgV6Fe8= |
|
.yandex.com/ | Name: ymex Value: 1686340037.yrts.1654804037#1686340037.yrtsi.1654804037 |
|
.delivery.butler.rest/ | Name: BITRIX_CONVERSION_CONTEXT_s1 Value: %7B%22ID%22%3A1%2C%22EXPIRE%22%3A1654808340%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bitrix.info
delivery.butler.rest
fonts.googleapis.com
mc.yandex.com
mc.yandex.ru
195.208.0.103
2a00:1450:4001:82b::200a
2a02:6b8::1:119
46.137.163.140
031dd8a30c58fcb69c0e1813ea71c9f850c7c1cc0d6b9edbd4b7f82b262165b7
0dbe217cf9691cc18af3861619846f52a1458c715593ec8babf824103ee1c08e
10670c3adff4b8983dcd2573f866dfb0fe3a82fec079e0d67a677b970a5c3708
194a24313cb1d365d8641f6730f786d8966fc55abc7325af44046f347d679b0a
223589062ab446c9ea9b0cf4c09b9d4607cee74912bfd295436aee00266fdc78
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30b15f99a80728cb1f3fce01f74ab70a1fbb5ca1862814baf514c66336998467
310c7ae8693c7f8ad510aa5fa990094c4202ff14538500cdf4c5e5428ec3f01a
40328dc5e5aa6d2f2961d7470e4052f1bdb72713b461721417c6d12b79e7da3b
474b4d7266171e03c8efcd904e8010bd8cb11a068d5e67b5450bc46d768a41e9
4904f9e17645f3b0ad5eaee1896f35715c37653b82b1ae20fc4f65404b39d613
493351e1e8ee3e5edf7b10e854973d3edd1f61d2459333303a216076e0e0935f
4faf0b6e1044f4b247abaccd4aa62aa1fceb2ce15ccdc3b3c86a4e9386a824a1
5091a49a8212ef34cfaf789790f0ac3b660b4530d8977e2037a1b0ad9b3d4b04
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
897c58672b375fd206d4df4ccd71a3fa3e29f739f4db5251b94895ad015f9710
8d531f6a14589b1f273b079dd0e540e6cfc2c3dc7ad298108f85edcaa0420b64
93c69f9fc008de320feb53017acc547d27f407db8e1b6aa374052670737cfee1
9a12a1f8ac40f9761d14822fe59f8ebd020778afcfe9b64edccc9f0ae3dd94f2
9d971b3cd15f5f21bdd1daef3923eb14e0f98d321fe23f7ee4ab6255c7c324b0
ae0b86356d67fe996c22145f55c1132b424b5be1d88ad245a2faf946c28d5984
b00faa405f9244f5d0ccd38e0a97321a5df7662d78c2627e684bf755d1e161c0
ccef95d26440502c392a67815755587463a835739ba0afbf2a20baaed1055460
df899972372e12c230ab2b95a480554caf6c3e73beb123a28727622be2461a21
f571a02b29e475bb29a792e721d9b0aec365d4f0a678101d2a4025afaaa2a164