claim.supernormal.art Open in urlscan Pro
104.19.240.93  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response claim.supernormal.art/	127 KB 25 KB	849ms 554ms	Document text/html	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 8cb3cf3bebdb8bff66e933304dc462e99c8c17725edc5917c78673f841b794fa Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 76b2e7840bcd6967-FRA Connection keep-alive Content-Encoding br Content-Type text/html Date Wed, 16 Nov 2022 20:16:26 GMT Server cloudflare Transfer-Encoding chunked cache-control no-store referrer-policy origin vary Accept-Encoding x-bubble-capacity-limit 0 ms slower x-bubble-capacity-used 0.153 unit-seconds used x-bubble-perf {"total":259.8,"percents":{"top":{"bubble_cpu":25.5,"block":58.9,"capacity_rl":0,"other_pause":0,"pre_fiber":15.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":14,"appserver_cache_misses_time":0,"redis":48.5,"fiber_queue":14.4,"capacity_wait":0.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":14,"derived_cache_memory_misses":14,"serverjson":29,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":61,"fiber_queue":58,"blocks":57},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":9917636,"derived_build_time_spent":0}} x-powered-by Express
GET H/1.1	200 OK	early.js Show response claim.supernormal.art/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/	23 KB 10 KB	268ms 267ms	Script application/javascript	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5e99240e0f704678d97c9bfdd715672b2dd5d6c507a1f2197babeec2577039bf Request headers Referer https://claim.supernormal.art/ Origin https://claim.supernormal.art accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Wed, 16 Nov 2022 20:16:27 GMT Content-Encoding br CF-Cache-Status MISS x-bubble-perf {"total":35.3,"percents":{"top":{"bubble_cpu":17,"block":81,"capacity_rl":0,"other_pause":0,"pre_fiber":1.4},"sub":{"pp_userdb":5.7,"pp_wait_userdb":0,"http_request":0,"serverjson":8.3,"appserver_cache_misses_time":0,"redis":60,"fiber_queue":9.1,"capacity_wait":6.8}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":5901700,"derived_build_time_spent":0}} x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.091 unit-seconds used Server cloudflare vary Accept-Encoding Content-Type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * CF-RAY 76b2e787dc316967-FRA x-bubble-capacity-limit 0 ms slower
GET H/1.1	200 OK	run.css claim.supernormal.art/package/run_css/3adcd871969963ee055ca7725c618983a6e6aaa3966bef0773ff69c95b4becd1/mb-checker/live/index/xfalse/xfalse/	88 KB 15 KB	363ms 323ms	Stylesheet text/css	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/package/run_css/3adcd871969963ee055ca7725c618983a6e6aaa3966bef0773ff69c95b4becd1/mb-checker/live/index/xfalse/xfalse/run.css Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 8217e1e55f0ffc8c99453a588732ea47387dc4ecd6f9a53f1f132129aa41c1d8 Request headers accept-language de-DE,de;q=0.9 Referer https://claim.supernormal.art/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Wed, 16 Nov 2022 20:16:27 GMT Content-Encoding br CF-Cache-Status MISS x-bubble-perf {"total":84.4,"percents":{"top":{"bubble_cpu":47.2,"block":52,"capacity_rl":0,"other_pause":0,"pre_fiber":0.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":18.7,"appserver_cache_misses_time":0,"redis":37.7,"fiber_queue":11.4,"capacity_wait":3.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":11,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":24,"fiber_queue":30,"blocks":29},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":5971183,"derived_build_time_spent":0}} x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.092 unit-seconds used Server cloudflare vary Accept-Encoding Content-Type text/css access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * CF-RAY 76b2e7881f985b50-FRA x-bubble-capacity-limit 0 ms slower
GET H/1.1	200 OK	run.js Show response claim.supernormal.art/package/run_js/87ead9ae05998c1324add0bcee85fc078af869f533b9d27bd7b328edffce1051/xfalse/x18/	2 MB 603 KB	340ms 299ms	Script application/javascript	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/package/run_js/87ead9ae05998c1324add0bcee85fc078af869f533b9d27bd7b328edffce1051/xfalse/x18/run.js Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 0577890b7f82063e7de092df189fd6eb646c5b1c25d13d7f376d673467bd4e8d Request headers Referer https://claim.supernormal.art/ Origin https://claim.supernormal.art accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Wed, 16 Nov 2022 20:16:27 GMT Content-Encoding br CF-Cache-Status MISS x-bubble-perf {"total":22.6,"percents":{"top":{"bubble_cpu":14.5,"block":81.7,"capacity_rl":0,"other_pause":0,"pre_fiber":1.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":57.4,"fiber_queue":21.3,"capacity_wait":4.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":491907,"derived_build_time_spent":0}} x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.008 unit-seconds used Server cloudflare vary Accept-Encoding Content-Type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * CF-RAY 76b2e7881f389963-FRA x-bubble-capacity-limit 0 ms slower
GET H/1.1	200 OK	static.js Show response claim.supernormal.art/package/static_js/e591cd48bd992a8902a0fd9db0b9124a1b03d4c1ef9cc9594aca7e1158b04031/mb-checker/live/index/xnull/xfalse/xfalse/xfalse/	126 KB 31 KB	487ms 445ms	Script application/javascript	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/package/static_js/e591cd48bd992a8902a0fd9db0b9124a1b03d4c1ef9cc9594aca7e1158b04031/mb-checker/live/index/xnull/xfalse/xfalse/xfalse/static.js Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 592eef2ce92e6049a9f385a560cfe1d0a41a7513b8344d54e8849e8fefb2e252 Request headers Referer https://claim.supernormal.art/ Origin https://claim.supernormal.art accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Wed, 16 Nov 2022 20:16:27 GMT Content-Encoding br CF-Cache-Status MISS x-bubble-perf {"total":187.6,"percents":{"top":{"bubble_cpu":9.1,"block":90.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":4.4,"appserver_cache_misses_time":0,"redis":18,"fiber_queue":1.9,"capacity_wait":1.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":13,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":32,"fiber_queue":29,"blocks":28},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2571862,"derived_build_time_spent":0}} x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.04 unit-seconds used Server cloudflare vary Accept-Encoding Content-Type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * CF-RAY 76b2e7882b4f9b8f-FRA x-bubble-capacity-limit 0 ms slower
GET H/1.1	200 OK	dynamic.js Show response claim.supernormal.art/package/dynamic_js/dfee52f4bb09c826e604c593769407c16997fd2c51c96d1c6ec3d0f6f43db5ed/mb-checker/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/	16 KB 6 KB	1202ms 945ms	Script application/javascript	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/package/dynamic_js/dfee52f4bb09c826e604c593769407c16997fd2c51c96d1c6ec3d0f6f43db5ed/mb-checker/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash a2059834ed3c5e0d476d006cffac4a3f7754ffde4561827abf0e976b18e13303 Request headers Referer https://claim.supernormal.art/ Origin https://claim.supernormal.art accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Wed, 16 Nov 2022 20:16:28 GMT Content-Encoding br CF-Cache-Status MISS x-bubble-perf {"total":690,"percents":{"top":{"bubble_cpu":6.8,"block":93.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":153.9,"appserver_cache_misses_time":0,"redis":31.7,"fiber_queue":7,"capacity_wait":2.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":4,"derived_cache_memory_misses":4,"serverjson":32,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":84,"fiber_queue":33,"blocks":32},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7049018,"derived_build_time_spent":0}} x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.108 unit-seconds used Server cloudflare vary Accept-Encoding Content-Type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * CF-RAY 76b2e78979ba9ba7-FRA x-bubble-capacity-limit 0 ms slower
GET H2	200	web3.min.js Show response cdn.jsdelivr.net/npm/web3@1.7.4/dist/	1 MB 334 KB	85ms 44ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/web3@1.7.4/dist/web3.min.js Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b34afb49eaea9172c5bdb38c7a18afeeb27f99b6567b72f12a1089ac1004bdab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://claim.supernormal.art/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5735128 x-jsd-version 1.7.4 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19136-FRA, cache-itm18824-ITM x-jsd-version-type version server cloudflare etag W/"165991-5TNEwrbFzIMdrs44eUGmzKibhtk" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clRI7hs%2B8a8S3P%2FoU5w%2Bx2swcWJM3jCPQkMJTNpSKrOca%2BXqBK38A80spJjNRO6CkBkPoIAmOqtx9X6Rp3SMx4Rwcs%2BQa3UTTPrDNgvmOEgppv9zri6dJJ%2FB0rKqpJNI8s0HCAXiWqqPt8EMIN8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 76b2e7882a909279-FRA
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	68ms 27ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700%7CPoppins:600 Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ad7d7be426a25a485840c260b67804f37d812c122cd5c646baa852ca955b7319 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://claim.supernormal.art/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 16 Nov 2022 20:16:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 16 Nov 2022 20:16:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 16 Nov 2022 20:16:27 GMT
GET H/1.1	200 OK	data Show response claim.supernormal.art/api/1.1/init/	283 B 1 KB	240ms 240ms	XHR text/plain	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/api/1.1/init/data?location=https%3A%2F%2Fclaim.supernormal.art%2F Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6ea0a72206b595d4509f3c45189acf23032c7708be8dc66e17f1b1446d1cda16 Request headers accept-language de-DE,de;q=0.9 Referer https://claim.supernormal.art/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Wed, 16 Nov 2022 20:16:27 GMT CF-Cache-Status DYNAMIC x-bubble-perf {"total":22.2,"percents":{"top":{"bubble_cpu":27.8,"block":67.8,"capacity_rl":0,"other_pause":0,"pre_fiber":2.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.5,"appserver_cache_misses_time":0,"redis":42.5,"fiber_queue":12.5,"capacity_wait":14.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":925480,"derived_build_time_spent":0}} Server cloudflare x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.014 unit-seconds used CF-RAY 76b2e7899ffa6967-FRA x-bubble-capacity-limit 0 ms slower
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	69ms 20ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700%7CPoppins:600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://claim.supernormal.art accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 18:50:24 GMT x-content-type-options nosniff age 177963 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 14 Nov 2023 18:50:24 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	65ms 17ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700%7CPoppins:600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://claim.supernormal.art accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 22:04:56 GMT x-content-type-options nosniff age 511891 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8000 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:59:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 10 Nov 2023 22:04:56 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://claim.supernormal.art/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	supernormal-mystery-box Show response app.manifold.xyz/c/ Frame 5B3D	39 KB 9 KB	507ms 230ms	Document text/html	52.73.47.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.manifold.xyz/c/supernormal-mystery-box Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/package/run_js/87ead9ae05998c1324add0bcee85fc078af869f533b9d27bd7b328edffce1051/xfalse/x18/run.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-47-153.compute-1.amazonaws.com Software / Express Resource Hash 8bb680a126d6f1f83b0b8d5afdb5be722e1812345b1259708b4245a60afe6ec3 Request headers Referer https://claim.supernormal.art/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges none content-encoding gzip content-type text/html; charset=utf-8 date Wed, 16 Nov 2022 20:16:28 GMT etag "9ba0-Bd11V+augLtzYoT3gWmeOt1oVeQ" vary User-Agent, Accept-Encoding x-powered-by Express
POST H/1.1	200 OK	hi Show response claim.supernormal.art/user/	57 B 1 KB	238ms 238ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/user/hi Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/package/run_js/87ead9ae05998c1324add0bcee85fc078af869f533b9d27bd7b328edffce1051/xfalse/x18/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 7c855edb3d792850f7122cd2946ded769e889dc74e9283ce6c7c6c4c8f9586a4 Request headers X-Bubble-Epoch-Name Epoch: Runmode page fully loaded X-Bubble-Epoch-ID 1668629788195x344112048568828900 X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1668629788273x596897991476355000 X-Bubble-PL 1668629788273x343 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://claim.supernormal.art/ cache-control no-cache Referer https://claim.supernormal.art/ X-Requested-With XMLHttpRequest X-Bubble-Breaking-Revision 5 Response headers Date Wed, 16 Nov 2022 20:16:28 GMT Content-Encoding br CF-Cache-Status DYNAMIC x-bubble-perf {"total":19.1,"percents":{"top":{"bubble_cpu":19.4,"block":78,"capacity_rl":0,"other_pause":0,"pre_fiber":2.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":25.4,"appserver_cache_misses_time":0,"redis":50.3,"fiber_queue":14.1,"capacity_wait":5.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":557928,"derived_build_time_spent":0}} x-bubble-appname mb-checker x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.009 unit-seconds used Server cloudflare x-bubble-request-took 19 vary Accept-Encoding Content-Type application/json cache-control no-cache CF-RAY 76b2e790cb969ba7-FRA x-bubble-capacity-limit 0 ms slower
POST H/1.1	200 OK	m Show response claim.supernormal.art/user/	4 B 1 KB	242ms 241ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/user/m Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/package/run_js/87ead9ae05998c1324add0bcee85fc078af869f533b9d27bd7b328edffce1051/xfalse/x18/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Request headers X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1668629788386x608467177174409900 X-Bubble-PL 1668629788273x343 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://claim.supernormal.art/ cache-control no-cache Referer https://claim.supernormal.art/ X-Requested-With XMLHttpRequest X-Bubble-Breaking-Revision 5 Response headers Date Wed, 16 Nov 2022 20:16:28 GMT Content-Encoding br CF-Cache-Status DYNAMIC x-bubble-perf {"total":18.6,"percents":{"top":{"bubble_cpu":18.2,"block":78.1,"capacity_rl":0,"other_pause":0,"pre_fiber":3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":41.9,"fiber_queue":13.1,"capacity_wait":24.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":505674,"derived_build_time_spent":0}} x-bubble-appname mb-checker x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.008 unit-seconds used Server cloudflare x-bubble-request-took 18 vary Accept-Encoding Content-Type application/json cache-control no-cache CF-RAY 76b2e79179b86967-FRA x-bubble-capacity-limit 0 ms slower
GET H2	200	marketplace.css marketplace.manifoldxyz.dev/latest/ Frame 5B3D	68 KB 10 KB	435ms 18ms	Stylesheet text/css	2600:9000:21f3:7600:1c:647:b880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://marketplace.manifoldxyz.dev/latest/marketplace.css Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:7600:1c:647:b880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash aa71f051f5ca3243bf404f9a05c8c30e83097208185d68296bd0bf8832d6d606 Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 19:08:00 GMT content-encoding gzip via 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront) last-modified Wed, 16 Nov 2022 19:07:41 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 4110 etag W/"a341d31af1230a1b8aabebf92e3ba9e0" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id 9y6jBtP9CJUOUC81CcSvQAiQjDGO-2beNzv34LgG-S0Qq58zjGmK9A==
GET H2	200	claimComplete.css d3itct7q6t8yn2.cloudfront.net/latest/ Frame 5B3D	35 KB 6 KB	93ms 20ms	Stylesheet text/css	2600:9000:21f3:6400:a:1975:9780:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3itct7q6t8yn2.cloudfront.net/latest/claimComplete.css Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6400:a:1975:9780:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 167a3ee3629c93a6b56a29a56f194180aed93d7f990383ba88125d3507b955ad Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 04:47:56 GMT content-encoding gzip via 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront) last-modified Tue, 15 Nov 2022 04:47:10 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 55713 etag W/"5f62c2cf6c38bef945a7f7fabf4175df" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id gZ7pXaz5cCbXgPzG-bkLrZwOl3U4cJDqxRwKHu-axD0jeRIK2Qajig==
GET H2	200	script.js Show response plausible.io/js/ Frame 5B3D	1 KB 1 KB	309ms 24ms	Script application/javascript	84.17.46.54 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://plausible.io/js/script.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.3, , AES_256_GCM Server 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-46-54.cdn77.com Software BunnyCDN-AMS-883 / Resource Hash ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:29 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 883 cdn-cachedat 11/16/2022 17:45:20 cdn-pullzone 682664 cross-origin-resource-policy cross-origin application 10.0.0.6 server BunnyCDN-AMS-883 cdn-proxyver 1.03 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control public, must-revalidate, max-age=86400 permissions-policy interest-cohort=() cdn-requestid c07fb55d1988fecf4e4e73ea55cd6ecf cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	marketplace.umd.min.js Show response marketplace.manifoldxyz.dev/latest/ Frame 5B3D	3 MB 845 KB	435ms 18ms	Script application/javascript	2600:9000:21f3:7600:1c:647:b880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://marketplace.manifoldxyz.dev/latest/marketplace.umd.min.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:7600:1c:647:b880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e48c735c5bd2f7fddc18e6f896bfc06176c31e0413b580c1053308efcedc9d81 Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 19:07:50 GMT content-encoding gzip via 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront) last-modified Wed, 16 Nov 2022 19:07:41 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 4120 etag W/"2bc79c788b776d013c6d283da135402e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id WMwfKTz62VrWd07pZFZ4Nr23c6aOfeQ6i09_FwFIs6SRwz9qAHb4AQ==
GET H2	200	claimComplete.umd.min.js Show response d3itct7q6t8yn2.cloudfront.net/latest/ Frame 5B3D	3 MB 892 KB	92ms 19ms	Script application/javascript	2600:9000:21f3:6400:a:1975:9780:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3itct7q6t8yn2.cloudfront.net/latest/claimComplete.umd.min.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6400:a:1975:9780:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6624b79d7b1e368ade6962578f0eb9c8cfb69267ea23637ef0697c8b1066a79f Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 04:47:56 GMT content-encoding gzip via 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront) last-modified Tue, 15 Nov 2022 04:47:10 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 55713 etag W/"3f922a87df9870a2de9f82c2ee7e45e2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id KiivudOtUxNKpzmSHVc5-JPo7Bz03YsNsHa84-1y_rbJAra_jdHxew==
GET H2	200	e77a37f.modern.js Show response app.manifold.xyz/_nuxt/ Frame 5B3D	2 KB 1 KB	241ms 239ms	Script application/javascript	52.73.47.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.manifold.xyz/_nuxt/e77a37f.modern.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-47-153.compute-1.amazonaws.com Software / Resource Hash 283568f51eca82b2229daaa33b9dbea2077940394c86305ebbf0062d51e68c8c Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/c/supernormal-mystery-box User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:28 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 22:47:09 GMT etag W/"9d6-18478533253" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	0253fa8.modern.js Show response app.manifold.xyz/_nuxt/ Frame 5B3D	176 KB 62 KB	347ms 345ms	Script application/javascript	52.73.47.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.manifold.xyz/_nuxt/0253fa8.modern.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-47-153.compute-1.amazonaws.com Software / Resource Hash cebd80fc79bf69e2c73a4c68ed605e442c672bf8ac6249be4174ebc7a7da57b5 Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/c/supernormal-mystery-box User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:28 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 22:47:05 GMT etag W/"2c097-1847853258e" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	14e1840.modern.js Show response app.manifold.xyz/_nuxt/ Frame 5B3D	21 KB 7 KB	240ms 238ms	Script application/javascript	52.73.47.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.manifold.xyz/_nuxt/14e1840.modern.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-47-153.compute-1.amazonaws.com Software / Resource Hash 07ca2b4f9d9500b092eced5f8568dbc91f73e37f7902528bfe50154a50c07915 Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/c/supernormal-mystery-box User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:28 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 22:47:09 GMT etag W/"54bf-18478533253" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	70a2849.modern.js Show response app.manifold.xyz/_nuxt/ Frame 5B3D	53 KB 14 KB	346ms 344ms	Script application/javascript	52.73.47.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.manifold.xyz/_nuxt/70a2849.modern.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-47-153.compute-1.amazonaws.com Software / Resource Hash 80d2fa1a3a26b2db096fbe07c87f047eeb12a6db597b4ea2a7f25e0c4be348e6 Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/c/supernormal-mystery-box User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:28 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 22:47:05 GMT etag W/"d438-1847853258e" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	20c0e86.modern.js Show response app.manifold.xyz/_nuxt/ Frame 5B3D	235 B 417 B	240ms 238ms	Script application/javascript	52.73.47.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.manifold.xyz/_nuxt/20c0e86.modern.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-47-153.compute-1.amazonaws.com Software / Resource Hash 51e250c0d92813ad080d6927024b50179a2576eb2a8d06e5d0fe569c3915b00c Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/c/supernormal-mystery-box User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:28 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 22:47:09 GMT etag W/"eb-1847853324f" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	b8c0c31.modern.js Show response app.manifold.xyz/_nuxt/ Frame 5B3D	35 KB 8 KB	346ms 345ms	Script application/javascript	52.73.47.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.manifold.xyz/_nuxt/b8c0c31.modern.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-47-153.compute-1.amazonaws.com Software / Resource Hash 1d740d58ff1dbfcef92f6bc8165d6a6e087b012dfdb12ed7e6020c0c12569fec Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/c/supernormal-mystery-box User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:28 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 22:47:05 GMT etag W/"8afc-1847853258e" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	39c42c5.modern.js Show response app.manifold.xyz/_nuxt/ Frame 5B3D	15 KB 6 KB	242ms 240ms	Script application/javascript	52.73.47.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.manifold.xyz/_nuxt/39c42c5.modern.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-47-153.compute-1.amazonaws.com Software / Resource Hash 1f72d7135dac309123e7b5d285948eb860f4de5b07f40f26029cdc5acade7062 Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/c/supernormal-mystery-box User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:28 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 22:47:09 GMT etag W/"3c9b-1847853324f" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	1bcb3e8.modern.js Show response app.manifold.xyz/_nuxt/ Frame 5B3D	454 KB 146 KB	350ms 349ms	Script application/javascript	52.73.47.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.manifold.xyz/_nuxt/1bcb3e8.modern.js Requested by Host: app.manifold.xyz URL: https://app.manifold.xyz/c/supernormal-mystery-box Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.73.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-73-47-153.compute-1.amazonaws.com Software / Resource Hash ca892fa0af3bd5c134cedbd33a106390cfad6acca624b288159c3af01b22fd2d Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/c/supernormal-mystery-box User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 20:16:28 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 22:47:05 GMT etag W/"719dc-1847853258e" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	connect.umd.min.js Show response connect.manifoldxyz.dev/2.0.14/ Frame 5B3D	2 MB 496 KB	302ms 24ms	Script application/javascript	2600:9000:20eb:a200:7:7040:cc40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://connect.manifoldxyz.dev/2.0.14/connect.umd.min.js Requested by Host: d3itct7q6t8yn2.cloudfront.net URL: https://d3itct7q6t8yn2.cloudfront.net/latest/claimComplete.umd.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a200:7:7040:cc40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 90a0b039278740667f205abf384c524bb0d4ad87f1904413d9b0fc97a09ce6a7 Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 05:02:15 GMT content-encoding gzip via 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront) last-modified Mon, 07 Nov 2022 17:42:18 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 age 54856 etag W/"283b81a12ad6211e304d15d33a0ae9d5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id e1cVOAOuamAs9eDNSbNI8qYSq2k-5bNm8QFTMNlHGqnlHlBWxH2ttw==
GET H2	200	walletIdentity.umd.min.js Show response identity.manifoldxyz.dev/latest/ Frame 5B3D	201 KB 57 KB	536ms 29ms	Script application/javascript	2600:9000:2451:200:0:b83e:c640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://identity.manifoldxyz.dev/latest/walletIdentity.umd.min.js Requested by Host: d3itct7q6t8yn2.cloudfront.net URL: https://d3itct7q6t8yn2.cloudfront.net/latest/claimComplete.umd.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2451:200:0:b83e:c640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c89ce92fbfd3c68de4f3a88fa83fe1be5db47914526c97631cdfe088bc69bc0f Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 16 Nov 2022 10:57:47 GMT content-encoding gzip via 1.1 660c94f4f2991ce757c8a794a9814a00.cloudfront.net (CloudFront) last-modified Fri, 28 Oct 2022 04:48:03 GMT server AmazonS3 x-amz-cf-pop HAM50-P2 age 33524 etag W/"19da1d611f0a00a20d3860fc49a08988" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id niKvATT1C3Elzcih91jR3BYdX5wzkFTHSbSPjQBEfUfRy4qs0uPgQA==
GET H2	200	walletIdentity.css identity.manifoldxyz.dev/latest/ Frame 5B3D	8 KB 3 KB	535ms 29ms	Stylesheet text/css	2600:9000:2451:200:0:b83e:c640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://identity.manifoldxyz.dev/latest/walletIdentity.css Requested by Host: d3itct7q6t8yn2.cloudfront.net URL: https://d3itct7q6t8yn2.cloudfront.net/latest/claimComplete.umd.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2451:200:0:b83e:c640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c1d3dfdaf2943a3d67fc9333c4da28f06b572550b8499b45c0246afe9e57f2d0 Request headers accept-language de-DE,de;q=0.9 Referer https://app.manifold.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 15 Nov 2022 21:39:53 GMT content-encoding gzip via 1.1 660c94f4f2991ce757c8a794a9814a00.cloudfront.net (CloudFront) last-modified Fri, 28 Oct 2022 04:48:03 GMT server AmazonS3 x-amz-cf-pop HAM50-P2 age 81398 etag W/"53b6841ebe82eed2686608dc4b2e4128" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id _7GX3h6Ed_wtcCobfXqdb5dHLSm6EVSMbHyHrJZafOVDo7mA3tD8Sw==
POST H/1.1	200 OK	apm Show response claim.supernormal.art/user/	4 B 1 KB	293ms 293ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/user/apm Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/package/run_js/87ead9ae05998c1324add0bcee85fc078af869f533b9d27bd7b328edffce1051/xfalse/x18/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Request headers X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1668629790298x498001515707903000 X-Bubble-PL 1668629788273x343 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://claim.supernormal.art/ cache-control no-cache Referer https://claim.supernormal.art/ X-Requested-With XMLHttpRequest X-Bubble-Breaking-Revision 5 Response headers Date Wed, 16 Nov 2022 20:16:30 GMT Content-Encoding br CF-Cache-Status DYNAMIC x-bubble-perf {"total":18.2,"percents":{"top":{"bubble_cpu":21.1,"block":70.5,"capacity_rl":0,"other_pause":0,"pre_fiber":4.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":44.9,"fiber_queue":14.8,"capacity_wait":12.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":576858,"derived_build_time_spent":0}} x-bubble-appname mb-checker x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.009 unit-seconds used Server cloudflare x-bubble-request-took 18 vary Accept-Encoding Content-Type application/json cache-control no-cache CF-RAY 76b2e79d7bac6967-FRA x-bubble-capacity-limit 0 ms slower
POST H2	202	event Show response plausible.io/api/ Frame 5B3D	2 B 488 B	195ms 81ms	XHR text/plain	84.17.46.54 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://plausible.io/api/event Requested by Host: plausible.io URL: https://plausible.io/js/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-46-54.cdn77.com Software BunnyCDN-AMS-883 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://app.manifold.xyz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain Response headers date Wed, 16 Nov 2022 20:16:30 GMT cdn-edgestorageid 883 cdn-cachedat 11/16/2022 20:16:30 cdn-pullzone 682664 application 10.0.1.2 content-length 2 x-request-id Fygp9CDkQBwvHFpsh4-D server BunnyCDN-AMS-883 cdn-proxyver 1.03 cdn-requestpullcode 202 content-type text/plain; charset=utf-8 access-control-allow-origin * cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control must-revalidate, max-age=0, private access-control-allow-credentials true permissions-policy interest-cohort=() cdn-requestid 72b7b8e248033e64fec8e33d403c93a6 cdn-requestcountrycode DE cdn-status 202 cdn-requestpullsuccess True
POST H/1.1	200 OK	frg Show response claim.supernormal.art/	4 B 1 KB	249ms 249ms	XHR application/json	104.19.240.93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claim.supernormal.art/frg Requested by Host: claim.supernormal.art URL: https://claim.supernormal.art/package/run_js/87ead9ae05998c1324add0bcee85fc078af869f533b9d27bd7b328edffce1051/xfalse/x18/run.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.19.240.93 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b Request headers X-Bubble-UTM-Data {} X-Bubble-Fiber-ID 1668629791389x269834662783029470 X-Bubble-PL 1668629788273x343 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://claim.supernormal.art/ cache-control no-cache Referer https://claim.supernormal.art/ X-Requested-With XMLHttpRequest X-Bubble-Breaking-Revision 5 Response headers Date Wed, 16 Nov 2022 20:16:31 GMT Content-Encoding br CF-Cache-Status DYNAMIC x-bubble-perf {"total":10.4,"percents":{"top":{"bubble_cpu":31.5,"block":61.8,"capacity_rl":0,"other_pause":0,"pre_fiber":7.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":31.9,"fiber_queue":28.6,"capacity_wait":5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":493474,"derived_build_time_spent":0}} x-bubble-appname mb-checker x-powered-by Express Transfer-Encoding chunked Connection keep-alive x-bubble-capacity-used 0.008 unit-seconds used Server cloudflare x-bubble-request-took 11 vary Accept-Encoding Content-Type application/json cache-control no-cache CF-RAY 76b2e7a44bde6967-FRA x-bubble-capacity-limit 0 ms slower
POST		frg claim.supernormal.art/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

claim.supernormal.art

URL

https://claim.supernormal.art/frg

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| bubble_session_uid object| headers_source_maps object| load_error_log object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key boolean| glrl_key_status string| _p string| bubble_page_name boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded function| $ function| jQuery string| bubble_bundle_name object| Base64 object| BrowserDetect object| safe_require function| highlight_dom_changes function| local_storage_fallback object| u function| appquery function| setImmediate function| clearImmediate function| kill_notifier_socket function| restore_notifier_socket object| client_db number| server_time_offset function| authenticate_as object| element_performance_counts object| testing object| document_ready_key function| display_page function| Lib_post_load number| bubble_version object| plugins object| bubble_run_derived object| app object| translation_data object| language_data string| application_language function| Lib object| regeneratorRuntime function| Web3 function| setw3conn function| setw3wll function| setw3dnn function| everything_ready function| wait_for_everything function| show_banner

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.claim.supernormal.art/	1970-01-20 07:34:48	Name: mb-checker_live_u2main Value: 1668629786547x652369356382445600
			.claim.supernormal.art/	1970-01-20 07:34:48	Name: mb-checker_live_u2main.sig Value: 3MUwkKbCB1E0-q5RztAwvC1MrvY
			.claim.supernormal.art/	1969-12-31 23:59:59	Name: mb-checker_u1main Value: 1668629786506x544401540711620300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.manifold.xyz
cdn.jsdelivr.net
claim.supernormal.art
connect.manifoldxyz.dev
d3itct7q6t8yn2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
identity.manifoldxyz.dev
marketplace.manifoldxyz.dev
plausible.io
claim.supernormal.art
104.19.240.93
2600:9000:20eb:a200:7:7040:cc40:93a1
2600:9000:21f3:6400:a:1975:9780:21
2600:9000:21f3:7600:1c:647:b880:93a1
2600:9000:2451:200:0:b83e:c640:93a1
2606:4700::6810:5814
2a00:1450:4001:827::2003
2a00:1450:4001:831::200a
52.73.47.153
84.17.46.54
0577890b7f82063e7de092df189fd6eb646c5b1c25d13d7f376d673467bd4e8d
07ca2b4f9d9500b092eced5f8568dbc91f73e37f7902528bfe50154a50c07915
167a3ee3629c93a6b56a29a56f194180aed93d7f990383ba88125d3507b955ad
1d740d58ff1dbfcef92f6bc8165d6a6e087b012dfdb12ed7e6020c0c12569fec
1f72d7135dac309123e7b5d285948eb860f4de5b07f40f26029cdc5acade7062
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
283568f51eca82b2229daaa33b9dbea2077940394c86305ebbf0062d51e68c8c
51e250c0d92813ad080d6927024b50179a2576eb2a8d06e5d0fe569c3915b00c
592eef2ce92e6049a9f385a560cfe1d0a41a7513b8344d54e8849e8fefb2e252
5e99240e0f704678d97c9bfdd715672b2dd5d6c507a1f2197babeec2577039bf
6624b79d7b1e368ade6962578f0eb9c8cfb69267ea23637ef0697c8b1066a79f
6ea0a72206b595d4509f3c45189acf23032c7708be8dc66e17f1b1446d1cda16
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7c855edb3d792850f7122cd2946ded769e889dc74e9283ce6c7c6c4c8f9586a4
80d2fa1a3a26b2db096fbe07c87f047eeb12a6db597b4ea2a7f25e0c4be348e6
8217e1e55f0ffc8c99453a588732ea47387dc4ecd6f9a53f1f132129aa41c1d8
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8bb680a126d6f1f83b0b8d5afdb5be722e1812345b1259708b4245a60afe6ec3
8cb3cf3bebdb8bff66e933304dc462e99c8c17725edc5917c78673f841b794fa
90a0b039278740667f205abf384c524bb0d4ad87f1904413d9b0fc97a09ce6a7
a2059834ed3c5e0d476d006cffac4a3f7754ffde4561827abf0e976b18e13303
aa71f051f5ca3243bf404f9a05c8c30e83097208185d68296bd0bf8832d6d606
ad7d7be426a25a485840c260b67804f37d812c122cd5c646baa852ca955b7319
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
b34afb49eaea9172c5bdb38c7a18afeeb27f99b6567b72f12a1089ac1004bdab
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
c1d3dfdaf2943a3d67fc9333c4da28f06b572550b8499b45c0246afe9e57f2d0
c89ce92fbfd3c68de4f3a88fa83fe1be5db47914526c97631cdfe088bc69bc0f
ca892fa0af3bd5c134cedbd33a106390cfad6acca624b288159c3af01b22fd2d
cebd80fc79bf69e2c73a4c68ed605e442c672bf8ac6249be4174ebc7a7da57b5
e48c735c5bd2f7fddc18e6f896bfc06176c31e0413b580c1053308efcedc9d81
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149