urlscan.io logo urlscan.io
SecurityTrails logo

monitoring.amanah-staging.cs.ui.ac.id Open in urlscan Pro
152.118.148.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://monitoring.amanah-staging.cs.ui.ac.id/
Submission Tags: phishingrod
Submission: On June 16 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 152.118.148.65, located in Depok, Indonesia and belongs to INDONESIAUNI-AS-AP University of Indonesia, ID. The main domain is monitoring.amanah-staging.cs.ui.ac.id.
TLS certificate: Issued by R10 on June 16th 2024. Valid for: 3 months.
This is the only time monitoring.amanah-staging.cs.ui.ac.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 152.118.148.65 3382 (INDONESIA...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
9 4
Apex Domain
Subdomains		 Transfer
5 ui.ac.id
monitoring.amanah-staging.cs.ui.ac.id
2 MB
2 google.com
apis.google.com — Cisco Umbrella Rank: 210
63 KB
1 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 12643
113 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
9 4
Domain Requested by
5 monitoring.amanah-staging.cs.ui.ac.id monitoring.amanah-staging.cs.ui.ac.id
2 apis.google.com monitoring.amanah-staging.cs.ui.ac.id
apis.google.com
1 images.unsplash.com monitoring.amanah-staging.cs.ui.ac.id
1 fonts.googleapis.com monitoring.amanah-staging.cs.ui.ac.id
9 4

This site contains no links.

Subject Issuer Validity Valid
amanah-staging.cs.ui.ac.id
R10		 2024-06-16 -
2024-09-14		 3 months crt.sh
*.apis.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
images.unsplash.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-12-07 -
2025-01-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://monitoring.amanah-staging.cs.ui.ac.id/
Frame ID: 9B66E6D0C1183113C24F91A3AB4FC6F5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bisakita

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

9
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1747 kB
Transfer

1880 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
monitoring.amanah-staging.cs.ui.ac.id/ 		891 B
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://monitoring.amanah-staging.cs.ui.ac.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.118.148.65 Depok, Indonesia, ASN3382 (INDONESIAUNI-AS-AP University of Indonesia, ID),
Reverse DNS
amanah.cs.ui.ac.id
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
60cf260195953aecde48b74bb5334c0b185c7cc9812804c0eec0b325402a028f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 16 Jun 2024 11:38:53 GMT
etag
W/"6411e58f-37b"
last-modified
Wed, 15 Mar 2023 15:34:39 GMT
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
main.fc63fb68.js
monitoring.amanah-staging.cs.ui.ac.id/static/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://monitoring.amanah-staging.cs.ui.ac.id/static/js/main.fc63fb68.js
Requested by
Host: monitoring.amanah-staging.cs.ui.ac.id
URL: https://monitoring.amanah-staging.cs.ui.ac.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.118.148.65 Depok, Indonesia, ASN3382 (INDONESIAUNI-AS-AP University of Indonesia, ID),
Reverse DNS
amanah.cs.ui.ac.id
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4e67164d75e83c6e0a3cb97eb0d81b64507de7a07101b65c1f5a37b0af8aa8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://monitoring.amanah-staging.cs.ui.ac.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 11:38:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
last-modified
Wed, 15 Mar 2023 15:34:39 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6411e58f-1607b2"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
1443762
x-xss-protection
1; mode=block, 1; mode=block
main.cbb96663.css
monitoring.amanah-staging.cs.ui.ac.id/static/css/ 		151 KB
152 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://monitoring.amanah-staging.cs.ui.ac.id/static/css/main.cbb96663.css
Requested by
Host: monitoring.amanah-staging.cs.ui.ac.id
URL: https://monitoring.amanah-staging.cs.ui.ac.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.118.148.65 Depok, Indonesia, ASN3382 (INDONESIAUNI-AS-AP University of Indonesia, ID),
Reverse DNS
amanah.cs.ui.ac.id
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ea05b3f464ed4a107e0297bece4f601bea6b7b82338e59b83253d980b15d4ade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://monitoring.amanah-staging.cs.ui.ac.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 11:38:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
last-modified
Wed, 15 Mar 2023 15:34:39 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6411e58f-25d00"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
154880
x-xss-protection
1; mode=block, 1; mode=block
platform.js
apis.google.com/js/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: monitoring.amanah-staging.cs.ui.ac.id
URL: https://monitoring.amanah-staging.cs.ui.ac.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe4f15ba0f500a3cdd04a8d317011ba482f51cdd43dfa99f6eef80123e94985f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://monitoring.amanah-staging.cs.ui.ac.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 11:38:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21323
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"9e5f32b4d5ea53ff"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 11:38:53 GMT
css2
fonts.googleapis.com/ 		24 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Archivo:wght@400;500;600;700&family=Lato:wght@400;700&family=Poppins:wght@400;500;600;700&family=Roboto:wght@400;500;700&family=Source+Sans+Pro:wght@400;600;700&display=swap
Requested by
Host: monitoring.amanah-staging.cs.ui.ac.id
URL: https://monitoring.amanah-staging.cs.ui.ac.id/static/css/main.cbb96663.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9cd4094be0e4f02ff3b1f4359249b915362e3c4295e1e9d40737cd0d5a00e0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://monitoring.amanah-staging.cs.ui.ac.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jun 2024 11:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 11:38:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jun 2024 11:38:54 GMT
photo-1488521787991-ed7bbaae773c
images.unsplash.com/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1488521787991-ed7bbaae773c?ixlib=rb-1.2.1&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=1170&q=80
Requested by
Host: monitoring.amanah-staging.cs.ui.ac.id
URL: https://monitoring.amanah-staging.cs.ui.ac.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
7ab02bf960503bec040cb41ea53e7a1f1a7159f8111c66d21df0f0f31a4ffc7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://monitoring.amanah-staging.cs.ui.ac.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 11:38:58 GMT
x-content-type-options
nosniff
age
924968
x-cache
HIT, HIT, HIT, MISS
x-imgix-id
e8e30cd2426baa9253641ed8d82a0ae97a596be2
cross-origin-resource-policy
cross-origin
content-length
115093
x-served-by
cache-sjc10077-SJC, cache-ams2100090-AMS, cache-fra-eddf8230106-FRA, cache-mxp6940-MXP
last-modified
Wed, 05 Jun 2024 18:42:50 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
appearance
monitoring.amanah-staging.cs.ui.ac.id/ 		568 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://monitoring.amanah-staging.cs.ui.ac.id/appearance
Requested by
Host: monitoring.amanah-staging.cs.ui.ac.id
URL: https://monitoring.amanah-staging.cs.ui.ac.id/static/js/main.fc63fb68.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.118.148.65 Depok, Indonesia, ASN3382 (INDONESIAUNI-AS-AP University of Indonesia, ID),
Reverse DNS
amanah.cs.ui.ac.id
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b6c83d46ef19576051459cf0c1bd109574874a2fd101f0c9b22a8d1dead080e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://monitoring.amanah-staging.cs.ui.ac.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 11:38:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx/1.18.0 (Ubuntu)
content-length
568
content-type
text/html
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/ 		122 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dd604365909f97802853f2d32f6bf6b418f5a4291df9e42379405a028491838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://monitoring.amanah-staging.cs.ui.ac.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 10:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42108
x-xss-protection
0
last-modified
Mon, 06 May 2024 15:31:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jun 2025 10:42:38 GMT
favicon.ico
monitoring.amanah-staging.cs.ui.ac.id/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://monitoring.amanah-staging.cs.ui.ac.id/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.118.148.65 Depok, Indonesia, ASN3382 (INDONESIAUNI-AS-AP University of Indonesia, ID),
Reverse DNS
amanah.cs.ui.ac.id
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://monitoring.amanah-staging.cs.ui.ac.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 11:38:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
last-modified
Wed, 15 Mar 2023 15:34:39 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6411e58f-f1e"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/x-icon
accept-ranges
bytes
content-length
3870
x-xss-protection
1; mode=block, 1; mode=block

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| gapi object| ___jsl object| Backbone object| regeneratorRuntime function| tinycolor object| _F_toggles object| osapi

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://monitoring.amanah-staging.cs.ui.ac.id/appearance
Message:
Failed to load resource: the server responded with a status of 502 ()
network error
Message:
The script has an unsupported MIME type ('text/html').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block