ls.ac-forum.ru Open in urlscan Pro
195.208.69.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y
Submission: On November 20 via manual (November 20th 2019, 4:13:44 pm UTC)

Summary HTTP 11 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 195.208.69.6, located in Russian Federation and belongs to MTS, RU. The main domain is ls.ac-forum.ru.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 6th 2019. Valid for: 2 years.

This is the only time ls.ac-forum.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
11	195.208.69.6 195.208.69.6		8359 (MTS) (MTS)
11	1

11 195.208.69.6 (Russian Federation)

ASN8359 (MTS, RU)

ls.ac-forum.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ac-forum.ru ls.ac-forum.ru	546 KB
11	1

	Domain	Requested by
11	ls.ac-forum.ru	ls.ac-forum.ru
11	1

This site contains no links.

Subject Issuer	Validity	Valid
*.ac-forum.ru Sectigo RSA Organization Validation Secure Server CA	`2019-02-06` - `2021-02-05`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y
Frame ID: 4C1A96A09678F7E0CA3730D744D6929F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

546 kB
Transfer

545 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php Show response ls.ac-forum.ru/	19 KB 19 KB	1235ms 946ms	Document text/html	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Full URL https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / PHP/5.3.29 Resource Hash `e97380cec643d4d446fd186ec696a855a81625ecc44a413f8c7342f27a18c459` Request headers :method GET :authority ls.ac-forum.ru :scheme https :path /index.php?r=survey/index/sid/723793/lang/ru/newtest/Y pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 cache-control no-store, no-cache, must-revalidate,post-check=0, pre-check=0 pragma no-cache content-type text/html; charset=utf-8 expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Wed, 20 Nov 2019 16:03:31 GMT server Microsoft-IIS/10.0 x-powered-by PHP/5.3.29 set-cookie PHPSESSID=ruofub6so7llv4hdjqbcfmkrn2; expires=Thu, 21-Nov-2019 16:03:31 GMT; path=/; HttpOnly YII_CSRF_TOKEN=79f0e24aa75eac52b6523c850d6250a9914b9fbc; path=/ p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" date Wed, 20 Nov 2019 16:03:31 GMT content-length 19244
GET H2	200	jquery-ui-custom.css ls.ac-forum.ru/upload/templates/forum_default2/	29 KB 29 KB	63ms 61ms	Stylesheet text/css	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Full URL https://ls.ac-forum.ru/upload/templates/forum_default2/jquery-ui-custom.css Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `07ef66d559e272b2fd1625b4c178170234d18a34e51ccc8d89bb2e3ad5eb9f8f` Request headers Referer https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Wed, 28 Feb 2018 07:32:35 GMT server Microsoft-IIS/10.0 etag "d0c3844d66b0d31:0" content-type text/css status 200 accept-ranges bytes content-length 29856
GET H2	200	template.css ls.ac-forum.ru/upload/templates/forum_default2/	32 KB 32 KB	112ms 110ms	Stylesheet text/css	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Full URL https://ls.ac-forum.ru/upload/templates/forum_default2/template.css Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `fe98cf99e9f1f2ff6e64150f62c5c613472703e773fd61b744ccb85886a5d380` Request headers Referer https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Mon, 23 Sep 2019 16:54:46 GMT server Microsoft-IIS/10.0 etag "9f29ac9a2f72d51:0" content-type text/css status 200 accept-ranges bytes content-length 32657
GET H2	200	jquery-1.11.1.min.js Show response ls.ac-forum.ru/third_party/jquery/	94 KB 94 KB	116ms 115ms	Script application/javascript	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Full URL https://ls.ac-forum.ru/third_party/jquery/jquery-1.11.1.min.js Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers Referer https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Wed, 11 Feb 2015 12:33:22 GMT server Microsoft-IIS/10.0 etag "01527ecf645d01:0" content-type application/javascript status 200 accept-ranges bytes content-length 95786
GET H2	200	jquery-ui-1.10.3.custom.min.js Show response ls.ac-forum.ru/third_party/jqueryui/js/	223 KB 223 KB	168ms 166ms	Script application/javascript	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Full URL https://ls.ac-forum.ru/third_party/jqueryui/js/jquery-ui-1.10.3.custom.min.js Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `86257d4247cd96758088bb4126954daaf59bf05750d399ba1c050340605f0f23` Request headers Referer https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Wed, 11 Feb 2015 12:33:22 GMT server Microsoft-IIS/10.0 etag "01527ecf645d01:0" content-type application/javascript status 200 accept-ranges bytes content-length 228137
GET H2	200	jquery.ui.touch-punch.min.js Show response ls.ac-forum.ru/third_party/jquery-touch-punch/	1 KB 1 KB	57ms 56ms	Script application/javascript	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Full URL https://ls.ac-forum.ru/third_party/jquery-touch-punch/jquery.ui.touch-punch.min.js Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `8074d47b5fc9e9bdcb9656d4f775b9ce839efd9060c3640ed434bfa1f88ba94d` Request headers Referer https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Wed, 11 Feb 2015 12:33:22 GMT server Microsoft-IIS/10.0 etag "01527ecf645d01:0" content-type application/javascript status 200 accept-ranges bytes content-length 1190
GET H2	200	survey_runtime.js Show response ls.ac-forum.ru/scripts/	16 KB 16 KB	114ms 113ms	Script application/javascript	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Full URL https://ls.ac-forum.ru/scripts/survey_runtime.js Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `a517aa8b57f5c780dc846a7788079a004e7e84d6414d0a3e04602098673a80c4` Request headers Referer https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Wed, 11 Feb 2015 12:33:20 GMT server Microsoft-IIS/10.0 etag "0e8f5eaf645d01:0" content-type application/javascript status 200 accept-ranges bytes content-length 16667
GET H2	200	em_javascript.js Show response ls.ac-forum.ru/scripts/expressions/	117 KB 118 KB	211ms 210ms	Script application/javascript	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Full URL https://ls.ac-forum.ru/scripts/expressions/em_javascript.js Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `a8f37f315ac5be0eda13354d7a1b97e9eec3ce4f1b2ba23df728dd14061d0984` Request headers Referer https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Wed, 11 Feb 2015 12:33:20 GMT server Microsoft-IIS/10.0 etag "0e8f5eaf645d01:0" content-type application/javascript status 200 accept-ranges bytes content-length 120279
GET H2	200	template.js Show response ls.ac-forum.ru/upload/templates/forum_default2/	9 KB 9 KB	216ms 216ms	Script application/javascript	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Full URL https://ls.ac-forum.ru/upload/templates/forum_default2/template.js Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `1e3005ea4dad51cd320c4f34387f0f99738725d1458c57c58af3cc7270b6120b` Request headers Referer https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Mon, 28 Oct 2019 11:48:25 GMT server Microsoft-IIS/10.0 etag "fab1719b858dd51:0" content-type application/javascript status 200 accept-ranges bytes content-length 9345
GET H2	200	forum-logo-3.jpg ls.ac-forum.ru/upload/templates/forum_default2/	5 KB 5 KB	60ms 60ms	Image image/jpeg	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Show image Full URL https://ls.ac-forum.ru/upload/templates/forum_default2/forum-logo-3.jpg Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/index.php?r=survey/index/sid/723793/lang/ru/newtest/Y Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `6466ff8099194e16eac5da69ce4476db94958b9b595884a84bf3454d57860117` Request headers Referer https://ls.ac-forum.ru/upload/templates/forum_default2/template.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Wed, 28 Feb 2018 07:38:03 GMT server Microsoft-IIS/10.0 etag "582c1167b0d31:0" content-type image/jpeg status 200 accept-ranges bytes content-length 4649
GET H2	200	ui-bg_glass_75_e6e6e6_1x400.png ls.ac-forum.ru/upload/templates/forum_default2/images/	110 B 172 B	51ms 50ms	Image image/png	195.208.69.6 MTS
General Check archive.org Show headers Download Go to Show image Full URL https://ls.ac-forum.ru/upload/templates/forum_default2/images/ui-bg_glass_75_e6e6e6_1x400.png Requested by Host: ls.ac-forum.ru URL: https://ls.ac-forum.ru/third_party/jquery/jquery-1.11.1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.208.69.6 , Russian Federation, ASN8359 (MTS, RU), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash `ddf5dd4e0ef2b185e8bb0af7b6e90ebe74a84384cb4700658e76e754c8bfe550` Request headers Referer https://ls.ac-forum.ru/upload/templates/forum_default2/template.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Wed, 20 Nov 2019 16:03:31 GMT last-modified Wed, 28 Feb 2018 07:32:35 GMT server Microsoft-IIS/10.0 etag "6f3a7b4d66b0d31:0" content-type image/png status 200 accept-ranges bytes content-length 110

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| setJsVar function| limesurveySubmitHandler function| needConfirmHandler function| checkconditions function| fixnum_checkconditions function| navbuttonsJqueryUi function| showStartPopups function| activateLanguageChanger function| manageIndex function| addClassEmpty function| noScrollOnSelect function| tableCellAdapters function| inArray function| match_regex function| addHiddenField function| cancelBubbleThis function| cancelEvent function| hookEvent function| noScroll function| getkey function| goodchars function| show_hide_group function| round function| maxlengthtextarea function| LEMcount function| LEMunique function| LEMcountif function| LEMcountifop function| LEMsumifop function| LEMpi function| LEMsum function| LEMintval function| LEMis_null function| LEMis_float function| LEMis_int function| LEMis_numeric function| LEMis_string function| LEMconvert_value function| LEMif function| LEMlist function| LEMlog function| LEMjoin function| LEMimplode function| LEMregexMatch function| LEMstrlen function| LEMstr_replace function| LEMstrpos function| LEMempty function| LEMbool function| LEMeq function| LEMval function| LEMfixnum function| LEMstrip_tags function| LEMstddev function| LEMstrtoupper function| LEMstrtolower function| LEManyNA function| LEMsetTabIndexes function| LEMflagMandOther function| is_bool function| addslashes function| html_entity_decode function| htmlentities function| get_html_translation_table function| htmlspecialchars function| htmlspecialchars_decode function| ltrim function| nl2br function| number_format function| quoted_printable_decode function| quoted_printable_encode function| quotemeta function| rtrim function| sprintf function| str_pad function| str_repeat function| strcasecmp function| strcmp function| strip_tags function| stripslashes function| stripos function| stristr function| strrev function| strstr function| strtotime function| substr function| trim function| ucwords function| checkdate function| date function| gmdate function| idate function| mktime function| rand function| time function| updateHeadings function| updateColors object| LSvar number| showpopup object| startPopups function| focusFirst function| correctPNG function| parseName function| showOption function| hideOption number| bFixNumAuto number| bNumRealValue string| LEMradix object| numRegex object| intRegex string| LEMmode number| LEMgseq function| ExprMgr_process_relevance_and_tailoring function| LEMrel10786 function| LEMrel10787 object| LEMalias2varName object| LEMvarNameAttr boolean| tabIndexesSet boolean| LEM_initialized string| last_evt_type undefined| last_sgqa boolean| relChange10778 boolean| relChange10785 boolean| relChange10786 boolean| relChange10787 boolean| relChangeG0 object| newval string| jsName object| attr number| sgqarel number| qrel number| grel string| value

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ls.ac-forum.ru/	1969-12-31 23:59:59	Name: YII_CSRF_TOKEN Value: 79f0e24aa75eac52b6523c850d6250a9914b9fbc
			ls.ac-forum.ru/	1970-01-19 05:19:12	Name: PHPSESSID Value: ruofub6so7llv4hdjqbcfmkrn2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ls.ac-forum.ru
195.208.69.6
07ef66d559e272b2fd1625b4c178170234d18a34e51ccc8d89bb2e3ad5eb9f8f
1e3005ea4dad51cd320c4f34387f0f99738725d1458c57c58af3cc7270b6120b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6466ff8099194e16eac5da69ce4476db94958b9b595884a84bf3454d57860117
8074d47b5fc9e9bdcb9656d4f775b9ce839efd9060c3640ed434bfa1f88ba94d
86257d4247cd96758088bb4126954daaf59bf05750d399ba1c050340605f0f23
a517aa8b57f5c780dc846a7788079a004e7e84d6414d0a3e04602098673a80c4
a8f37f315ac5be0eda13354d7a1b97e9eec3ce4f1b2ba23df728dd14061d0984
ddf5dd4e0ef2b185e8bb0af7b6e90ebe74a84384cb4700658e76e754c8bfe550
e97380cec643d4d446fd186ec696a855a81625ecc44a413f8c7342f27a18c459
fe98cf99e9f1f2ff6e64150f62c5c613472703e773fd61b744ccb85886a5d380