hippo168.com
Open in
urlscan Pro
18.66.97.74
Public Scan
Effective URL: https://hippo168.com/
Submission: On November 21 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 21st 2023. Valid for: a year.
This is the only time hippo168.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 18.66.97.121 18.66.97.121 | 16509 (AMAZON-02) (AMAZON-02) | |
16 | 18.66.97.74 18.66.97.74 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700::68... 2606:4700::6810:5514 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2606:4700:440... 2606:4700:4400::6812:2a63 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
48 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-121.fra56.r.cloudfront.net
hippo168.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-74.fra56.r.cloudfront.net
hippo168.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
hippo168.com
1 redirects
hippo168.com |
1 MB |
6 |
aghippo168.com
member-api.aghippo168.com |
4 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335 |
107 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
2 KB |
0 |
amazonaws.com
Failed
s3.ap-southeast-1.amazonaws.com Failed |
|
48 | 5 |
Domain | Requested by | |
---|---|---|
17 | hippo168.com |
1 redirects
hippo168.com
|
6 | member-api.aghippo168.com |
hippo168.com
|
2 | cdn.jsdelivr.net |
hippo168.com
|
2 | fonts.googleapis.com |
hippo168.com
|
0 | s3.ap-southeast-1.amazonaws.com Failed | |
48 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.hippo168.com Amazon RSA 2048 M01 |
2023-02-21 - 2024-01-24 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
aghippo168.com E1 |
2023-10-14 - 2024-01-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://hippo168.com/
Frame ID: 127E253933425D1BDB3A96283ABFC089
Requests: 44 HTTP requests in this frame
Screenshot
Page Title
Pretty GamingPage URL History Show full URLs
-
http://hippo168.com/
HTTP 301
https://hippo168.com/ Page URL
Detected technologies
Nuxt.js (JavaScript Frameworks) ExpandDetected patterns
- /_nuxt/
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://hippo168.com/
HTTP 301
https://hippo168.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
48 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
hippo168.com/ Redirect Chain
|
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
13 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ |
335 KB 54 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
66a4782.js
hippo168.com/_nuxt/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bce416d.js
hippo168.com/_nuxt/ |
256 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3e2adbb.js
hippo168.com/_nuxt/ |
543 KB 103 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
66df0eb.js
hippo168.com/_nuxt/ |
482 KB 77 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e872ce5.js
hippo168.com/_nuxt/ |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-loading.65b7ba5.jpg
hippo168.com/_nuxt/img/ |
887 KB 889 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_loading.png
hippo168.com/ |
903 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pentor.2c929fd.otf
hippo168.com/_nuxt/fonts/ |
56 KB 37 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
13 KB 978 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ |
335 KB 53 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maintenance
member-api.aghippo168.com/apiRoute/ |
177 B 502 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
22b7251.js
hippo168.com/_nuxt/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4d3f596.js
hippo168.com/_nuxt/ |
290 KB 74 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5389ead.js
hippo168.com/_nuxt/ |
14 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7545b83.js
hippo168.com/_nuxt/ |
20 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9abb75c.js
hippo168.com/_nuxt/ |
286 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maintenance
member-api.aghippo168.com/apiRoute/ |
177 B 250 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pentor.2c929fd.otf
hippo168.com/_nuxt/fonts/ |
56 KB 37 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Logo.svg
hippo168.com/ptg3/headerBar/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Menu.svg
hippo168.com/ptg3/headerBar/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
online.svg
hippo168.com/ptg3/hall/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getAllBac
member-api.aghippo168.com/apiRoute/table/ |
15 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getUserOnline
member-api.aghippo168.com/apiRoute/table/ |
634 B 334 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pentor-bold.7b329d7.otf
hippo168.com/_nuxt/fonts/ |
58 KB 39 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
loading_logo.svg
hippo168.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
e0d30e1d-1801-8958-e23f-58cd997dc486.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
e53a66c2-fb35-9264-64ec-5f3f47d583da.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
3b3f1fb2-a502-065c-3587-38c4420fc095.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
6e97ee75-fc02-53f6-8b4b-fde980695bc3.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
a28e539c-3304-51c0-c153-f69c30af86b9.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
a1c45d09-0156-ee70-70d1-9527a6e59233.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
6bf36d2f-ef48-5643-2371-76aaca92bc10.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
d217fd53-70c8-bfd6-2e58-ec6ed8d47ad9.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
8bac3f3d-4bb1-73f4-6b1b-208a25b08f5b.png
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
b8c38f02-8e63-9e78-46bc-07883ce09d94.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
53a8de33-b0e3-baa9-4b15-8f1a1be37dbd.jpg
s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
myPendingBetByGameId
member-api.aghippo168.com/apiRoute/transaction/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
myPendingBetByGameId
member-api.aghippo168.com/apiRoute/transaction/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
myPendingBetByGameId
member-api.aghippo168.com/apiRoute/transaction/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
myPendingBetByGameId
member-api.aghippo168.com/apiRoute/transaction/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
online.svg
hippo168.com/ptg3/hall/table/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
myPendingBetByGameId
member-api.aghippo168.com/apiRoute/transaction/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
myPendingBetByGameId
member-api.aghippo168.com/apiRoute/transaction/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
myPendingBetByGameId
member-api.aghippo168.com/apiRoute/transaction/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
myPendingBetByGameId
member-api.aghippo168.com/apiRoute/transaction/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- hippo168.com
- URL
- https://hippo168.com/ptg3/headerBar/Logo.svg
- Domain
- hippo168.com
- URL
- https://hippo168.com/ptg3/headerBar/Menu.svg
- Domain
- hippo168.com
- URL
- https://hippo168.com/ptg3/hall/online.svg
- Domain
- hippo168.com
- URL
- https://hippo168.com/loading_logo.svg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/e0d30e1d-1801-8958-e23f-58cd997dc486.jpg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/e53a66c2-fb35-9264-64ec-5f3f47d583da.jpg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/3b3f1fb2-a502-065c-3587-38c4420fc095.jpg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/6e97ee75-fc02-53f6-8b4b-fde980695bc3.jpg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/a28e539c-3304-51c0-c153-f69c30af86b9.jpg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/a1c45d09-0156-ee70-70d1-9527a6e59233.jpg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/6bf36d2f-ef48-5643-2371-76aaca92bc10.jpg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/d217fd53-70c8-bfd6-2e58-ec6ed8d47ad9.jpg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/8bac3f3d-4bb1-73f4-6b1b-208a25b08f5b.png
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/b8c38f02-8e63-9e78-46bc-07883ce09d94.jpg
- Domain
- s3.ap-southeast-1.amazonaws.com
- URL
- https://s3.ap-southeast-1.amazonaws.com/cdn.thf4k.com/53a8de33-b0e3-baa9-4b15-8f1a1be37dbd.jpg
- Domain
- member-api.aghippo168.com
- URL
- https://member-api.aghippo168.com/apiRoute/transaction/myPendingBetByGameId
- Domain
- member-api.aghippo168.com
- URL
- https://member-api.aghippo168.com/apiRoute/transaction/myPendingBetByGameId
- Domain
- hippo168.com
- URL
- https://hippo168.com/ptg3/hall/table/online.svg
- Domain
- member-api.aghippo168.com
- URL
- https://member-api.aghippo168.com/apiRoute/transaction/myPendingBetByGameId
- Domain
- member-api.aghippo168.com
- URL
- https://member-api.aghippo168.com/apiRoute/transaction/myPendingBetByGameId
- Domain
- member-api.aghippo168.com
- URL
- https://member-api.aghippo168.com/apiRoute/transaction/myPendingBetByGameId
- Domain
- member-api.aghippo168.com
- URL
- https://member-api.aghippo168.com/apiRoute/transaction/myPendingBetByGameId
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| HowlerGlobal object| Howler function| Howl function| Sound object| $nuxt0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
fonts.googleapis.com
hippo168.com
member-api.aghippo168.com
s3.ap-southeast-1.amazonaws.com
hippo168.com
member-api.aghippo168.com
s3.ap-southeast-1.amazonaws.com
18.66.97.121
18.66.97.74
2606:4700:4400::6812:2a63
2606:4700::6810:5514
2a00:1450:4001:82b::200a
0230216619ab360e5478ab429514246d89bfbecc1ef7a115b940f22e6bf8893c
03994c582a4de89b8978bf6131a201a00ded46c6bd98784539e0bff052ef6e1e
0824d48f19c02c04d8d789114d60043959dc07d60e73be82ce617d6c75ec5745
1984c823ae1ed8a33d541ae38243e26abced0be2b9dbbda7be87187cca6f026d
306ca6f735eb8ef7100fdcf543ea5bacd2922ae7e703cc2446f07bbe32eaf462
5792045da30cbee35a6a09b15bf50a69c61d3484eed7fc21616396b3c3ed33fc
6a4171a9b8274847edb0c112357f5b7870302eaf9c53eb4440f182f05b7d5366
7f0d75206738538e07fae74ae57288b3e1e20c6218c8b3697c5db6af592cafef
9456a4c56a4566f6f4456a9c1502d63675d7311809e591eae3aa98658ecd95e3
96856b23c8a0e0dc477c75834809f8c0b4de8e1c32e9fc008fc6459496151f33
a001e726a37c47e1f493b88e383d4797d3b39665ee0da5619c2a3f5ddf3402e1
a511ea0f6b3b37742d55f6479a64dfb2a20817c90f294dd3fb521fd335a3c010
b30a842e76abd456a3efdaf401bb4981f173094a13fa45edbe4ada33648aa24f
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
bb46164bd31894e6d7e88c6abcdd653880d3e9ec9cd91a6b2d69f4469f263bac
c9cef15f099e5040f892d8df85b3782c226cf9f6b180cf68d6f46fa861d8086b
dc404039e3a2ca5d7d99f640265f331581056e3a703a3d5b9be099002dbdfc86
f30a3109a1bf4f571904a0d9394a6f1a7ecb8e7597dde7d08a3828baf7c9fd35
fa6a73576e277c964aff1c57e369c86fe1a2e4631af87993d341155d678da26e
fb4c5f1c9465f8a8bfa67fd9c456d95046e02b08d1d9132fa1a79c938004a1b2