superfuds.celes.app Open in urlscan Pro
2607:f8b0:4004:c17::79  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response superfuds.celes.app/	3 KB 3 KB	888ms 730ms	Document text/html	2607:f8b0:4004:c17::79 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://superfuds.celes.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::79 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 1210d30eb8f746ad6f16d99b9a0b4c755aeabf43ceb8a25c4470e2ffdf53108c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes content-length 3294 content-type text/html date Sat, 27 Jan 2024 01:56:22 GMT etag "65b171f0-cde" last-modified Wed, 24 Jan 2024 20:24:16 GMT server Google Frontend x-cloud-trace-context fe672e6509ea2a9557b0523e05f201b0;o=1
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	173ms 63ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap Requested by Host: superfuds.celes.app URL: https://superfuds.celes.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d52bc2b78875ad5aa7d3fb631ce947f259f3008eef744aadd87fc087177fc87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 27 Jan 2024 01:56:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 27 Jan 2024 00:13:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 27 Jan 2024 01:56:23 GMT
GET H2	200	index-1efff8d9.js Show response superfuds.celes.app/assets/	3 MB 3 MB	204ms 200ms	Script application/javascript	2607:f8b0:4004:c17::79 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://superfuds.celes.app/assets/index-1efff8d9.js Requested by Host: superfuds.celes.app URL: https://superfuds.celes.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::79 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash df75ac5ffee06a262cc2976aaa9ad644e5289af5d9ac6d7a70a6aef986a08afc Request headers Referer https://superfuds.celes.app/ Origin https://superfuds.celes.app accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:23 GMT last-modified Wed, 24 Jan 2024 20:24:16 GMT server Google Frontend etag "65b171f0-29b282" content-type application/javascript x-cloud-trace-context 1eae18b692211d88d189bb63575500ad accept-ranges bytes content-length 2732674
GET H2	200	index-a50806fc.css superfuds.celes.app/assets/	77 KB 18 KB	99ms 95ms	Stylesheet text/css	2607:f8b0:4004:c17::79 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://superfuds.celes.app/assets/index-a50806fc.css Requested by Host: superfuds.celes.app URL: https://superfuds.celes.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::79 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash a50806fcb382de185fdd335feae7dfa2969d7cb098825a9239c4a1ceefd9a09f Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:23 GMT content-encoding gzip last-modified Wed, 24 Jan 2024 20:24:16 GMT server Google Frontend etag W/"65b171f0-1333b" vary Accept-Encoding content-type text/css cache-control private
GET H2	200	platform.js Show response static.elfsight.com/platform/	49 KB 17 KB	110ms 38ms	Script application/javascript	2606:4700:10::6816:455f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.elfsight.com/platform/platform.js Requested by Host: superfuds.celes.app URL: https://superfuds.celes.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:23 GMT strict-transport-security max-age=0 content-encoding gzip cf-cache-status HIT x-amz-request-id tx000003d43ac5e56c4f0f4-0065af9f8e-53a44446-sfo2a age 2367 x-envoy-upstream-healthchecked-cluster alt-svc h3=":443"; ma=86400 last-modified Tue, 28 Nov 2023 12:13:36 GMT server cloudflare etag W/"2063d9765e1647d954e5344382c692a1" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/javascript x-do-cdn-uuid e32c40dc-02c3-4408-a6ec-51bfedff6dd9 x-rgw-object-type Normal cache-control max-age=3600 cf-ray 84bd60feb8905c71-MIA
GET H2	200	hotjar-3601353.js Show response static.hotjar.com/c/	10 KB 5 KB	394ms 184ms	Script application/javascript	18.67.17.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3601353.js?sv=6 Requested by Host: superfuds.celes.app URL: https://superfuds.celes.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.17.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-17-128.yto50.r.cloudfront.net Software / Resource Hash 53fb50bc46d22589eef836840f6e943e4cc6e8e60657ef8d9617e0659938a52c Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:23 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 1005873908b937da8d6e408eda0fb9e0.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-P1 etag W/6ae9090c5e079796318f423812e70df0 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id fe5jbk9qnDBQHRqIPlu8t_lLcw-XXxs2-G-vknhB_4Uyamj9Q5w-lg==
GET H2	200	css fonts.googleapis.com/	7 KB 791 B	63ms 61ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap Requested by Host: superfuds.celes.app URL: https://superfuds.celes.app/assets/index-a50806fc.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 27 Jan 2024 01:56:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 27 Jan 2024 01:34:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 27 Jan 2024 01:56:23 GMT
GET H2	200	modules.0c2aac1b2d1ba79f2a01.js Show response script.hotjar.com/	219 KB 55 KB	241ms 83ms	Script application/javascript	13.33.165.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3601353.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.165.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-165-76.yto50.r.cloudfront.net Software / Resource Hash 8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 15:40:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 7f810c58196babfb78deeaeab9c8a91a.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-C3 age 209778 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55804 last-modified Wed, 24 Jan 2024 15:39:41 GMT etag "252eda316b5dfe5750655c881f809a75" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id hENUR9rlA59htOZmSCLJWQY90JQVXF3tZsF7-I3MajKyNL5DyE9VPw==
POST H2	200	/ Show response content.hotjar.io/	56 B 161 B	418ms 137ms	XHR application/json	54.194.77.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?gzip=1 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.194.77.36 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-77-36.eu-west-1.compute.amazonaws.com Software / Resource Hash 9d041e9a4093e4b969cbae733abc07444b486245d5f19421c0397ae8d1b8b3a6 Request headers Referer https://superfuds.celes.app/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Sat, 27 Jan 2024 01:56:25 GMT content-length 56 vary Origin content-type application/json
GET H2	200	/ Show response core.service.elfsight.com/p/boot/	4 KB 3 KB	197ms 121ms	XHR application/json	2606:4700:10::ac43:1653 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://core.service.elfsight.com/p/boot/?page=https%3A%2F%2Fsuperfuds.celes.app%2Fes&w=58f28ea1-4c0e-42d0-8092-3b282de0daff Requested by Host: static.elfsight.com URL: https://static.elfsight.com/platform/platform.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dae9788fc8eecb6e116607e0899a4d88b28890389b41b30cde7815e972caf26e Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0, 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC x-permitted-cross-domain-policies none strict-transport-security max-age=0 x-dns-prefetch-control on cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0, 1; mode=block referrer-policy no-referrer server cloudflare cross-origin-opener-policy unsafe-none etag W/"1137-P2gQekF/yK7hv1jMZ3YpegsEtxU" x-download-options noopen vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin https://superfuds.celes.app origin-agent-cluster ?1 access-control-allow-credentials true cf-apo-via origin,host cf-ray 84bd610b0a739af1-MIA
GET		tenant-info celes-backend-4mp5bsq4jq-uc.a.run.app/api/user/	0 0
GET H2	200	main-img.svg storage.googleapis.com/knowledgebase-287421-dvpbase/Public/Onboarding/Assets/Img/	6 MB 6 MB	357ms 214ms	Image image/svg+xml	2607:f8b0:4004:c1d::cf GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/knowledgebase-287421-dvpbase/Public/Onboarding/Assets/Img/main-img.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 288cfb2f69b2018a49fb1e247b98b5ed9088ff95dff4a549c1bdb8db01f1fc1e Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:25 GMT x-guploader-uploadid ABPtcPo6jmqVVNb8-H0Uy4lqS_7m7FolxXGOi8zaIZVDdcIWBLyqtVZX02JMYwet0YP4fSoTQX4HahnP8A x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5958080 last-modified Mon, 28 Aug 2023 19:17:07 GMT server UploadServer etag "c43d1b2da99c7648ea6283a3775e374d" x-goog-generation 1693250227962042 content-type image/svg+xml x-goog-hash crc32c=SAoG8w==, md5=xD0bLamcdkjqYoOjd143TQ== cache-control public, max-age=3600 x-goog-stored-content-length 5958080 accept-ranges bytes expires Sat, 27 Jan 2024 02:56:25 GMT
GET H2	200	starts-login.svg storage.googleapis.com/knowledgebase-287421-dvpbase/Public/Onboarding/Assets/Img/	436 B 918 B	302ms 160ms	Image image/svg+xml	2607:f8b0:4004:c1d::cf GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/knowledgebase-287421-dvpbase/Public/Onboarding/Assets/Img/starts-login.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 954d940a9c558a5976486ad2c1a7da6b846e71f21867aa20c8540ef16dfbd8b2 Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:25 GMT x-guploader-uploadid ABPtcPpkocfNcodP8Nrmm-h-RlWmeP5hLLkRngJbqNm93bekRK3DvQaLa7Kv9jSPmZycCt66oyYCYRzhTA x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 436 last-modified Fri, 25 Aug 2023 19:04:45 GMT server UploadServer etag "593cea61ac6c8e882152da9ea757067a" x-goog-generation 1692990285541269 content-type image/svg+xml x-goog-hash crc32c=ME7Jag==, md5=WTzqYaxsjoghUtqep1cGeg== cache-control public, max-age=3600 x-goog-stored-content-length 436 accept-ranges bytes expires Sat, 27 Jan 2024 02:56:25 GMT
GET H2	200	spain.svg storage.googleapis.com/knowledgebase-287421-dvpbase/Public/Onboarding/Assets/Img/	737 B 978 B	326ms 184ms	Image image/svg+xml	2607:f8b0:4004:c1d::cf GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/knowledgebase-287421-dvpbase/Public/Onboarding/Assets/Img/spain.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::cf Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash b6f1a183046497b5b54ffb6dcb11c56d20901ff22684d38131b31a5c5da0917b Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:25 GMT x-guploader-uploadid ABPtcPpXTB12N7padmbbQrE_HR0cbanWALmQwFmEbAgACCMoHEBgzggS6VAyjKEoNLJutmXS8dI x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 737 last-modified Fri, 25 Aug 2023 20:07:02 GMT server UploadServer etag "a2afbf74b4e323a301fd17e7b8ab6140" x-goog-generation 1692994022157018 content-type image/svg+xml x-goog-hash crc32c=pAQIqw==, md5=oq+/dLTjI6MB/RfnuKthQA== cache-control public, max-age=3600 x-goog-stored-content-length 737 accept-ranges bytes expires Sat, 27 Jan 2024 02:56:25 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/	46 KB 46 KB	190ms 53ms	Font font/woff2	2607:f8b0:4004:c17::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://superfuds.celes.app accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:03:36 GMT x-content-type-options nosniff age 204769 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 23 Jan 2025 17:03:36 GMT
GET H2	200	whatsappChat.js Show response static.elfsight.com/apps/whatsapp-chat/stable/2f89c22f6e7915d30d75462e906820287c2dbeec/app/	550 KB 178 KB	42ms 40ms	Script application/javascript	2606:4700:10::6816:455f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.elfsight.com/apps/whatsapp-chat/stable/2f89c22f6e7915d30d75462e906820287c2dbeec/app/whatsappChat.js Requested by Host: static.elfsight.com URL: https://static.elfsight.com/platform/platform.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0d805360bf9e1b1fd9c681e39bd5efe79e98d4a4916bcf515adde575793383d Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:25 GMT strict-transport-security max-age=0 content-encoding gzip cf-cache-status HIT x-amz-request-id tx0000036d3604d83623a6f-0065af9f86-53a5bbd4-sfo2a age 1655 x-envoy-upstream-healthchecked-cluster alt-svc h3=":443"; ma=86400 last-modified Fri, 29 Dec 2023 05:02:41 GMT server cloudflare etag W/"b00155c2c74da8a0bedddca1589364b7" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/javascript; charset=utf-8 x-do-cdn-uuid e32c40dc-02c3-4408-a6ec-51bfedff6dd9 x-rgw-object-type Normal cache-control max-age=3600 cf-ray 84bd610bde495c71-MIA
GET H2	200	whatsapp.png static.elfsight.com/apps/all-in-one-chat/patterns/	112 KB 112 KB	460ms 459ms	Image image/png	2606:4700:10::6816:455f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.elfsight.com/apps/all-in-one-chat/patterns/whatsapp.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66f09c394acf0c248dd6e5a53918fdd90c9bcc148e66f4de6d23e22225ade842 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:25 GMT strict-transport-security max-age=0 cf-cache-status HIT x-amz-request-id tx00000f63df29ae1114085-0065af9f87-53a62350-sfo2a age 1507 cf-polished status=not_needed x-envoy-upstream-healthchecked-cluster alt-svc h3=":443"; ma=86400 content-length 114536 cf-bgj imgq:85,h2pri last-modified Wed, 16 Sep 2020 07:58:48 GMT server cloudflare etag "8a055527b27b887521a9f084497d8879" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type image/png x-do-cdn-uuid e32c40dc-02c3-4408-a6ec-51bfedff6dd9 cache-control max-age=3600 x-rgw-object-type Normal accept-ranges bytes cf-ray 84bd610d08a45c71-MIA
GET DATA	200 OK	truncated /	417 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3ea2386004d026938ef0f644a75fc9fa38a79f9f813286883e47bdae3624e11e Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET H2	200	IMG_8092.png files.elfsightcdn.com/eafe4a4d-3436-495d-b748-5bdce62d911d/3207e227-f397-4bd8-932f-138ff09b9bca/	7 KB 7 KB	536ms 37ms	Image image/png	2606:4700:20::ac43:4766 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://files.elfsightcdn.com/eafe4a4d-3436-495d-b748-5bdce62d911d/3207e227-f397-4bd8-932f-138ff09b9bca/IMG_8092.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4766 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73052fdb840a32d2dc569690cc7c481de3c5c93ba859cebb47620ded9828db8c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:26 GMT strict-transport-security max-age=15552000; includeSubDomains; preload cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id tx0000000000000200675d2-0065ac4b72-41e48701-nyc3a age 299360 cf-polished origSize=8277, status=vary_header_present x-envoy-upstream-healthchecked-cluster alt-svc h3=":443"; ma=86400 content-length 6748 cf-bgj imgq:100,h2pri last-modified Fri, 22 Dec 2023 15:01:45 GMT server cloudflare etag "46571326717a4e44ff06cacc2435fcda" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oE%2BiF%2BtdD91JAYoQhIKamKhZPFHKBgx9xkRvaqoQQTj6rEisZ9GZKrDJFEa7Hm8E4WVOYgN3A0XGNvedPd7A%2B2LNJ%2FUCQeEqYxixV4T8FtQ%2BJcS2dguy0AAWXvecJDvoEOhad3hWu%2FKHNFvIk%2F%2BoWkOaCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png x-do-cdn-uuid 09fc71af-b58f-4172-b955-d9e3a4bdd076 cache-control max-age=604800 x-rgw-object-type Normal accept-ranges bytes cf-ray 84bd611049a0033d-MIA
POST H2	200	/ Show response api-js.mixpanel.com/track/	25 B 364 B	167ms 105ms	XHR application/json	107.178.240.159 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1706320589381 Requested by Host: superfuds.celes.app URL: https://superfuds.celes.app/assets/index-1efff8d9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.159 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 159.240.178.107.bc.googleusercontent.com Software envoy / Resource Hash e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba Security Headers Name Value Strict-Transport-Security max-age=604800; includeSubDomains Request headers Referer https://superfuds.celes.app/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers strict-transport-security max-age=604800; includeSubDomains date Sat, 27 Jan 2024 01:56:29 GMT via 1.1 google server envoy access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://superfuds.celes.app access-control-expose-headers X-MP-CE-Backoff cache-control no-cache, no-store access-control-allow-credentials true x-envoy-upstream-service-time 40 access-control-allow-headers X-Requested-With content-length 25 alt-svc clear
GET H2	200	survey-v2.9b6a2cc4c5dd365e84bc.js Show response script.hotjar.com/	285 KB 66 KB	84ms 84ms	Script application/javascript	13.33.165.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/survey-v2.9b6a2cc4c5dd365e84bc.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.165.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-165-76.yto50.r.cloudfront.net Software / Resource Hash a3714e11febd6db544b5674279425cb4b572dfaee9ec4636e0b2f297372622c7 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 13:24:08 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 7f810c58196babfb78deeaeab9c8a91a.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-C3 age 45142 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 66733 last-modified Fri, 26 Jan 2024 13:23:21 GMT etag "23e1473483a56b7bb310d9b92b73f2f0" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id 4-Cw01YFoEDapjF9NUIOGxq_DqeHmHvEZus977N0-UDXmcMlBpdFEA==
GET H2	200	hit Show response surveystats.hotjar.io/	0 473 B	644ms 458ms	XHR binary/octet-stream	18.67.17.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://surveystats.hotjar.io/hit?id=930266&device=desktop Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.17.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-17-13.yto50.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 01:56:32 GMT x-amz-version-id null via 1.1 f92b450b48c98e711c027c1986c59944.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-P1 x-cache Miss from cloudfront content-length 0 last-modified Wed, 27 Jan 2021 15:23:17 GMT server AmazonS3 etag "d41d8cd98f00b204e9800998ecf8427e" access-control-max-age 0 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control public,max-age=0 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id 5t_cUK0e4wb3BGl60ZD-V7Y4uLNmE77tPOWqPeo5BgpJ_Q7Pw_q00w==
GET H2	200	hotjar-logo-small.svg www.hotjar.com/images/	590 B 997 B	251ms 81ms	Image image/svg+xml	13.33.165.75 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.hotjar.com/images/hotjar-logo-small.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.165.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-165-75.yto50.r.cloudfront.net Software / Resource Hash 08d62e0e4313d2131430a8baa41ef30eed43cd8f00a152f52495de19a1fdbf32 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://superfuds.celes.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 08 Jan 2024 21:23:18 GMT strict-transport-security max-age=2592000; includeSubDomains via 1.1 4d97f94583f1e10ee7186f0faa691d12.cloudfront.net (CloudFront) last-modified Mon, 08 Jan 2024 14:50:38 GMT x-amz-cf-pop YTO50-C3 age 1571592 etag W/"24e-18ce98dde30" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control public, max-age=31536000, stale-while-revalidate accept-ranges bytes content-length 590 x-amz-cf-id r121cLwLVYxiazHOolCfjA4aBLA2W66OpN1LVfMwUw800SzpsbhkXA==
GET H2	200	font-hotjar_5.65042d.woff2 script.hotjar.com/	2 KB 3 KB	238ms 79ms	Font font/woff2	13.33.165.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/font-hotjar_5.65042d.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.165.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-165-76.yto50.r.cloudfront.net Software / Resource Hash fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://superfuds.celes.app/ Origin https://superfuds.celes.app accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 17 Dec 2023 11:37:01 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 a06e85a5c7853d2f85565a048a9d2608.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-C3 age 3507569 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Thu, 14 Dec 2023 15:34:25 GMT etag "c9fb9163f8b7be37023ebe649688bebf" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 x-robots-tag none x-amz-cf-id wy7AJKeOIr1UZz1j_ImkT_qPEi0hZkvWim8bEdZoLYBdpmPQEx8zYA==
GET H2	200	Roboto-Regular.422781.woff2 script.hotjar.com/	49 KB 50 KB	249ms 93ms	Font font/woff2	13.33.165.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/Roboto-Regular.422781.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.165.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-165-76.yto50.r.cloudfront.net Software / Resource Hash 659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://superfuds.celes.app/ Origin https://superfuds.celes.app accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 26 Dec 2023 06:33:45 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 a06e85a5c7853d2f85565a048a9d2608.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-C3 age 2748165 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Thu, 21 Dec 2023 13:38:49 GMT etag "184a2a669cf798f8d80bcfba041c3ecf" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 x-robots-tag none x-amz-cf-id I8IuCqFWqG5Wn9_2x_h23MyStrd5YawNp2bOMEchXpbl4vyYX5LHBQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

celes-backend-4mp5bsq4jq-uc.a.run.app

URL

https://celes-backend-4mp5bsq4jq-uc.a.run.app/api/user/tenant-info?subdomain=superfuds

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| TreemapSquared function| SVG object| Apex function| ApexCharts object| __MUI_LICENSE_INFO__ object| componentHandler function| MaterialButton function| MaterialProgress function| MaterialSpinner function| MaterialTextfield object| firebaseui object| dialogPolyfill object| __core-js_shared__ object| core object| eapps function| eappsWhatsappChat

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.celes.app/	1970-01-21 02:44:16	Name: mp_0ee002f6ce333bc328aa04ee0b5bd7e2_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d48a1dec1813-0d697763421e3e-6b305750-1d4c00-18d48a1dec1813%22%2C%22%24device_id%22%3A%20%2218d48a1dec1813-0d697763421e3e-6b305750-1d4c00-18d48a1dec1813%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
			.celes.app/	1970-01-21 02:44:16	Name: _hjSessionUser_3601353 Value: eyJpZCI6ImNiZmZhNTEyLWE0N2EtNTFlYS1iYTY0LTA5NTkyNzUwYTFiMSIsImNyZWF0ZWQiOjE3MDYzMjA1ODUzMTEsImV4aXN0aW5nIjp0cnVlfQ==
			.celes.app/	1970-01-20 17:58:42	Name: _hjSession_3601353 Value: eyJpZCI6IjNiNzU2MDBkLTk5MTYtNGY2OS05MDY3LTZjZGMzM2M2YTIwNyIsImMiOjE3MDYzMjA1ODUzMTMsInMiOjEsInIiOjEsInNiIjoxLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
			core.service.elfsight.com/	1970-01-20 17:58:40	Name: elfsight_viewed_recently Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
celes-backend-4mp5bsq4jq-uc.a.run.app
content.hotjar.io
core.service.elfsight.com
files.elfsightcdn.com
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
static.elfsight.com
static.hotjar.com
storage.googleapis.com
superfuds.celes.app
surveystats.hotjar.io
www.hotjar.com
celes-backend-4mp5bsq4jq-uc.a.run.app
107.178.240.159
13.33.165.75
13.33.165.76
18.67.17.128
18.67.17.13
2606:4700:10::6816:455f
2606:4700:10::ac43:1653
2606:4700:20::ac43:4766
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::79
2607:f8b0:4004:c1d::cf
54.194.77.36
08d62e0e4313d2131430a8baa41ef30eed43cd8f00a152f52495de19a1fdbf32
1210d30eb8f746ad6f16d99b9a0b4c755aeabf43ceb8a25c4470e2ffdf53108c
288cfb2f69b2018a49fb1e247b98b5ed9088ff95dff4a549c1bdb8db01f1fc1e
2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c
2d52bc2b78875ad5aa7d3fb631ce947f259f3008eef744aadd87fc087177fc87
3ea2386004d026938ef0f644a75fc9fa38a79f9f813286883e47bdae3624e11e
53fb50bc46d22589eef836840f6e943e4cc6e8e60657ef8d9617e0659938a52c
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
66f09c394acf0c248dd6e5a53918fdd90c9bcc148e66f4de6d23e22225ade842
73052fdb840a32d2dc569690cc7c481de3c5c93ba859cebb47620ded9828db8c
8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
954d940a9c558a5976486ad2c1a7da6b846e71f21867aa20c8540ef16dfbd8b2
9d041e9a4093e4b969cbae733abc07444b486245d5f19421c0397ae8d1b8b3a6
a3714e11febd6db544b5674279425cb4b572dfaee9ec4636e0b2f297372622c7
a50806fcb382de185fdd335feae7dfa2969d7cb098825a9239c4a1ceefd9a09f
b0d805360bf9e1b1fd9c681e39bd5efe79e98d4a4916bcf515adde575793383d
b6f1a183046497b5b54ffb6dcb11c56d20901ff22684d38131b31a5c5da0917b
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
dae9788fc8eecb6e116607e0899a4d88b28890389b41b30cde7815e972caf26e
df75ac5ffee06a262cc2976aaa9ad644e5289af5d9ac6d7a70a6aef986a08afc
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da