crown-au.fun Open in urlscan Pro
172.67.221.200  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response crown-au.fun/	662 KB 179 KB	1288ms 1266ms	Document text/html	172.67.221.200 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crown-au.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.221.200 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60379e04780dee8a0c006c64f315eafc6d11583ab0c9d96bb352bd203126484f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-origin * access-control-expose-headers Authorization alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8ad26847bff4a814-SYD content-encoding br content-language en-AU content-type text/html; charset=utf-8 date Sat, 03 Aug 2024 01:06:51 GMT expect-ct max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cty4bxeGcT7Yi%2B46XMKu1BZqoEsMr7dsYTr6i6lOjHEeSLaWhWJfzGd8FwzpmbZjY4m5XUzV22PEauIkGCr%2BhCVrp3veTpTFmHUB06hpYKQ5ojSAHBXzigIFLpEJYyA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-permitted-cross-domain-policies none x-xss-protection 0
GET H2	200	hotjar-5078487.js Show response static.hotjar.com/c/	11 KB 5 KB	274ms 263ms	Script application/javascript	108.158.32.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-5078487.js?sv=6 Requested by Host: crown-au.fun URL: https://crown-au.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.158.32.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-158-32-22.syd3.r.cloudfront.net Software / Resource Hash 7771fde5094c9bca7a839d0ef6848a3352183906720a883b5d8372ccabb6b88d Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Sat, 03 Aug 2024 01:06:52 GMT via 1.1 f5bc0d54a76b57b6f435f98d3e741ea4.cloudfront.net (CloudFront) x-amz-cf-pop SYD3-P2 etag W/83306e3c8e74a0423f1342241b9f54cb vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id 97Yx0UjkXnmyulg9E1WoAqegeP7yvWZEqhaUYJRyAGh56x85b166IQ==
GET H2	200	ZPy9TLTh28yA7TFBxa6DQLLe3FyWkfhAowB5nZh5-3riy1SWYgFDKaAkapfm4BdYCAa_=w50-h50-p play-lh.googleusercontent.com/	1 KB 1 KB	115ms 7ms	Image image/png	142.251.221.86 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/ZPy9TLTh28yA7TFBxa6DQLLe3FyWkfhAowB5nZh5-3riy1SWYgFDKaAkapfm4BdYCAa_=w50-h50-p Requested by Host: crown-au.fun URL: https://crown-au.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.86 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f22.1e100.net Software fife / Resource Hash 5dae9046a28ecff03cf646dd9a3c8649e18187fa1c22671e05d6876adf77acb3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 03 Aug 2024 01:02:00 GMT x-content-type-options nosniff age 292 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1094 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sun, 04 Aug 2024 01:02:00 GMT
GET H2	200	ZPy9TLTh28yA7TFBxa6DQLLe3FyWkfhAowB5nZh5-3riy1SWYgFDKaAkapfm4BdYCAa_ play-lh.googleusercontent.com/	14 KB 15 KB	115ms 8ms	Image image/png	142.251.221.86 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/ZPy9TLTh28yA7TFBxa6DQLLe3FyWkfhAowB5nZh5-3riy1SWYgFDKaAkapfm4BdYCAa_ Requested by Host: crown-au.fun URL: https://crown-au.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.86 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f22.1e100.net Software fife / Resource Hash d84985ae60027c8a63c8cbcb804820a7af242ac689cca7b7ae76fc3f68f19677 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 03 Aug 2024 01:02:00 GMT x-content-type-options nosniff age 292 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14839 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sun, 04 Aug 2024 01:02:00 GMT
GET H2	200	SypdblnOM7tY7PdzGF9C_SfCHFdXP2ImbJsluzDmKiGwVPRqhlSVuyELwKMs2wYYy5E play-lh.googleusercontent.com/	18 KB 18 KB	113ms 6ms	Image image/png	142.251.221.86 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/SypdblnOM7tY7PdzGF9C_SfCHFdXP2ImbJsluzDmKiGwVPRqhlSVuyELwKMs2wYYy5E Requested by Host: crown-au.fun URL: https://crown-au.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.86 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f22.1e100.net Software fife / Resource Hash f541eeb9a453acfd8f832aa95c34e892393ba403925747848e114a69a91804fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 03 Aug 2024 01:02:00 GMT x-content-type-options nosniff age 292 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18544 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sun, 04 Aug 2024 01:02:00 GMT
GET DATA	200 OK	truncated /	31 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bef56aeeae1ddf3cf1a282a73f84d7a0a33b2b3fc2104f9c169bb8a8c05e5a32 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET H3	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	31ms 23ms	Font application/octet-stream	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2 Requested by Host: crown-au.fun URL: https://crown-au.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://crown-au.fun/ Origin https://crown-au.fun User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 03 Aug 2024 01:06:52 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 22687 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 77160 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mKrf4L%2FxKjOGmWkoqNZR%2FcIPk5OnUgQ3Y9eH7XVozEsogfp%2BhE0%2FNlqok6n1K9WMrxMrGNG5ZPQYpahSw5BVc1BlPjS%2BtPL%2BYg8dW4FU72v%2Bn4WLu7sRjt8GCkAB2QnRd9KypHjp"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8ad26853ec06dfab-SYD expires Thu, 24 Jul 2025 01:06:52 GMT
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	514ms 112ms	Script text/javascript	172.217.167.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api?v=3.3.9 Requested by Host: crown-au.fun URL: https://crown-au.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s17-in-f14.1e100.net Software ESF / Resource Hash c9f299073433d2af5662ec49a4d73a9c6c8bfe760c60b3db2f863788950d6511 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 03 Aug 2024 01:06:52 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Sat, 03 Aug 2024 01:06:52 GMT
GET H2	200	modules.8da33a8f469c3b5ffcec.js Show response script.hotjar.com/	223 KB 56 KB	13ms 4ms	Script application/javascript	18.67.93.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-5078487.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.55 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-55.syd62.r.cloudfront.net Software / Resource Hash 76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 14:23:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 a63f63c0130cd2db055700cdbe2c6c88.cloudfront.net (CloudFront) x-amz-cf-pop SYD62-P1 age 297825 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56385 last-modified Tue, 30 Jul 2024 14:22:40 GMT etag "0728625a147ca79276a1790b9cf3175d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id 2s8EpLw4HXhLMwNTDboNjQqyX2n1Xo_a8oc71V4Zq1wLsQO2QpSblQ==
POST H2	200	/ Show response content.hotjar.io/	56 B 171 B	1375ms 566ms	XHR application/json	176.34.100.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?site_id=5078487&gzip=1 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 176.34.100.118 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-176-34-100-118.eu-west-1.compute.amazonaws.com Software / Resource Hash e6b060fcfd6bdf24304d8b285c00def143ee10c6cfdb604d67388adeb4a648b4 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Sat, 03 Aug 2024 01:06:53 GMT content-length 56 access-control-max-age 86400 content-type application/json
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/d2e656ee/www-widgetapi.vflset/	31 KB 11 KB	3ms 2ms	Script text/javascript	172.217.167.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/d2e656ee/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api?v=3.3.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s17-in-f14.1e100.net Software sffe / Resource Hash 2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 07:31:11 GMT content-encoding br x-content-type-options nosniff age 236141 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10518 x-xss-protection 0 last-modified Wed, 31 Jul 2024 04:15:07 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 31 Jul 2025 07:31:11 GMT

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| hj object| _hjSettings object| ytp function| onYouTubeIframeAPIReady string| nAgt function| isTouchSupported function| getOS number| verOffset number| ix function| uncamel function| setUnit function| setFilter function| setActiveStyleSheet function| getActiveStyleSheet function| getPreferredStyleSheet function| createCookie function| readCookie function| $ function| jQuery object| bootstrap object| jQuery112409529164766113067 function| WOW object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.crown-au.fun/	1970-01-21 07:16:23	Name: _hjSessionUser_5078487 Value: eyJpZCI6ImU3MDllYjcxLTAwYzAtNWIyMy1iNGI4LTZlOTkxNzkwM2Y1YiIsImNyZWF0ZWQiOjE3MjI2NDcyMTI1MDEsImV4aXN0aW5nIjp0cnVlfQ==
			.crown-au.fun/	1970-01-20 22:30:49	Name: _hjSession_5078487 Value: eyJpZCI6IjRkOTFhNDFmLWIxZjUtNDE4OS05ZTBiLTMwMGZlMTg3MzkzMSIsImMiOjE3MjI2NDcyMTI1MDIsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: a3_A1SEXeQ4
			.youtube.com/	1970-01-21 02:49:59	Name: VISITOR_INFO1_LIVE Value: 49JZk7aJbJA
			.youtube.com/	1970-01-21 02:49:59	Name: VISITOR_PRIVACY_METADATA Value: CgJBVRIEGgAgUw%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
content.hotjar.io
crown-au.fun
play-lh.googleusercontent.com
script.hotjar.com
static.hotjar.com
www.youtube.com
104.17.25.14
108.158.32.22
142.251.221.86
172.217.167.110
172.67.221.200
176.34.100.118
18.67.93.55
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
5dae9046a28ecff03cf646dd9a3c8649e18187fa1c22671e05d6876adf77acb3
60379e04780dee8a0c006c64f315eafc6d11583ab0c9d96bb352bd203126484f
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
7771fde5094c9bca7a839d0ef6848a3352183906720a883b5d8372ccabb6b88d
bef56aeeae1ddf3cf1a282a73f84d7a0a33b2b3fc2104f9c169bb8a8c05e5a32
c9f299073433d2af5662ec49a4d73a9c6c8bfe760c60b3db2f863788950d6511
d84985ae60027c8a63c8cbcb804820a7af242ac689cca7b7ae76fc3f68f19677
e6b060fcfd6bdf24304d8b285c00def143ee10c6cfdb604d67388adeb4a648b4
f541eeb9a453acfd8f832aa95c34e892393ba403925747848e114a69a91804fe