174.138.18.197 Open in urlscan Pro
174.138.18.197  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 174.138.18.197/	19 KB 8 KB	544ms 484ms	Document text/html	174.138.18.197 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://174.138.18.197/ Protocol HTTP/1.1 Server 174.138.18.197 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.24.0 (Ubuntu) / Resource Hash 540d2dd252d83ce68af7d9878dfe3adf593724d39e9628f99778125fb6ca8a9b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 19 Mar 2024 04:39:01 GMT ETag W/"65ce1900-4dc0" Last-Modified Thu, 15 Feb 2024 14:00:32 GMT Server nginx/1.24.0 (Ubuntu) Transfer-Encoding chunked
GET H/1.1	200 OK	bannerjamu.png 174.138.18.197/	799 KB 799 KB	271ms 271ms	Image image/png	174.138.18.197 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://174.138.18.197/bannerjamu.png Requested by Host: 174.138.18.197 URL: http://174.138.18.197/ Protocol HTTP/1.1 Server 174.138.18.197 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.24.0 (Ubuntu) / Resource Hash 4cf322833a99b387b92cb6a76ba02939a96d0ae4c5606566ddf9082834a85af5 Request headers accept-language he-IL,he;q=0.9 Referer http://174.138.18.197/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 19 Mar 2024 04:39:01 GMT Last-Modified Thu, 15 Feb 2024 13:49:58 GMT Server nginx/1.24.0 (Ubuntu) ETag "65ce1686-c7cc2" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 818370
GET H2	200	background-JAMUSLOT-DESKTOP.png imagedel.com/default/jamuslot/	2 MB 2 MB	234ms 73ms	Image image/png	172.67.194.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedel.com/default/jamuslot/background-JAMUSLOT-DESKTOP.png Requested by Host: 174.138.18.197 URL: http://174.138.18.197/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.194.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 486c25f033c6ed4253cc465b76212374683ee0b001247cca4d0bb8baf2d209d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language he-IL,he;q=0.9 Referer http://174.138.18.197/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 19 Mar 2024 04:39:01 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 17BBC99FF3726B7F age 5539 alt-svc h3=":443"; ma=86400 content-length 1625725 x-amz-id-2 dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8 x-xss-protection 1; mode=block last-modified Thu, 08 Feb 2024 06:40:18 GMT server cloudflare etag "27557cbe973aa3aeeba1fa652e09deb3" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3gqP66nvCmpFK%2F4y1RplfsueCNLmf76nXXgCeRdslZiDrJpBiSdE1CkN7eUW6w9ZwWG%2B%2BiGWu1H9vrMvkwmmaVIYRPj66YWNM5oiH9iM1SJZQVA5YsmAtNtAbvxVgE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 866ac6baa9cee3e3-TLV
GET H2	200	css2 fonts.googleapis.com/	6 KB 1 KB	365ms 123ms	Stylesheet text/css	142.250.186.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap Requested by Host: 174.138.18.197 URL: http://174.138.18.197/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f10.1e100.net Software ESF / Resource Hash f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer http://174.138.18.197/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Mar 2024 04:39:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Mar 2024 04:37:02 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Mar 2024 04:39:01 GMT
GET H2	200	v0.js Show response cdn.ampproject.org/	278 KB 72 KB	379ms 125ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: 174.138.18.197 URL: http://174.138.18.197/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash cc851682d909034305244a1d283353073d39db6d2e46c2b8322efd08f18dc0d0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer http://174.138.18.197/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Tue, 19 Mar 2024 04:39:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73049 x-xss-protection 0 server sffe etag "7955463a5d2c0102" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 19 Mar 2024 04:39:01 GMT
GET DATA	200 OK	truncated /	760 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41eadc0db55cfd6b023620d2038c03a26a8039e6572f437bfe933ee7a8e8df98 Request headers accept-language he-IL,he;q=0.9 Referer http://174.138.18.197/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	956 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7862d7a87563b8e398db6c645f2123def519d29023787c07b9280ba6b9637a2d Request headers accept-language he-IL,he;q=0.9 Referer http://174.138.18.197/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d4315cc85e65e50643d220fb1786ac035053269e65a3e8f69a01e1ffd8944a94 Request headers accept-language he-IL,he;q=0.9 Referer http://174.138.18.197/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 fonts.gstatic.com/s/notosans/v36/	38 KB 39 KB	351ms 114ms	Font font/woff2	172.217.16.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f131.1e100.net Software sffe / Resource Hash 91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://174.138.18.197 accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 18 Mar 2024 21:35:01 GMT x-content-type-options nosniff age 25441 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39412 x-xss-protection 0 last-modified Wed, 14 Feb 2024 22:43:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 18 Mar 2025 21:35:01 GMT
GET H3	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012402262017000/v0/	8 KB 3 KB	350ms 116ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402262017000/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 7219f93cc6b41e34e4cdcafdea0a1ca0f9c46b0d2d7e1b850e0aca819cf242ec Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://174.138.18.197/ Origin http://174.138.18.197 accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 12 Mar 2024 18:01:49 GMT age 556633 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2973 x-xss-protection 0 server sffe etag "edc9f109c0641282" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 12 Mar 2025 18:01:49 GMT
GET H3	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012402262017000/v0/	12 KB 4 KB	354ms 122ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402262017000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash ec446a10c73bf96f713f9fc280a76efd726f676487c63ed740a0c47ced06acbb Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://174.138.18.197/ Origin http://174.138.18.197 accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 14 Mar 2024 21:57:06 GMT age 369716 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3942 x-xss-protection 0 server sffe etag "bcd6cbdc4aa77b63" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 14 Mar 2025 21:57:06 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
imagedel.com
142.250.184.193
142.250.186.138
172.217.16.131
172.67.194.54
174.138.18.197
41eadc0db55cfd6b023620d2038c03a26a8039e6572f437bfe933ee7a8e8df98
486c25f033c6ed4253cc465b76212374683ee0b001247cca4d0bb8baf2d209d6
4cf322833a99b387b92cb6a76ba02939a96d0ae4c5606566ddf9082834a85af5
540d2dd252d83ce68af7d9878dfe3adf593724d39e9628f99778125fb6ca8a9b
7219f93cc6b41e34e4cdcafdea0a1ca0f9c46b0d2d7e1b850e0aca819cf242ec
7862d7a87563b8e398db6c645f2123def519d29023787c07b9280ba6b9637a2d
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
cc851682d909034305244a1d283353073d39db6d2e46c2b8322efd08f18dc0d0
d4315cc85e65e50643d220fb1786ac035053269e65a3e8f69a01e1ffd8944a94
ec446a10c73bf96f713f9fc280a76efd726f676487c63ed740a0c47ced06acbb
f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b