URL: https://app.thejupiter.group/login.php
Submission Tags: krdtest
Submission: On February 12 via api from JP — Scanned from JP

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 30 HTTP transactions. The main IP is 35.202.49.152, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is app.thejupiter.group.
TLS certificate: Issued by R3 on February 11th 2022. Valid for: 3 months.
This is the only time app.thejupiter.group was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
10 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 349
fonts.googleapis.com — Cisco Umbrella Rank: 35
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 556
firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 489
58 KB
4 leadconnectorhq.com
static.leadconnectorhq.com — Cisco Umbrella Rank: 278806
2 MB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 800
14 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 google.com
accounts.google.com — Cisco Umbrella Rank: 62
www.google.com — Cisco Umbrella Rank: 2
73 KB
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 21509
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
448 B
1 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2660
6 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 944
139 KB
1 profitwell.com
public.profitwell.com — Cisco Umbrella Rank: 5032
17 KB
1 grapesjs.com
grapesjs.com — Cisco Umbrella Rank: 347379
158 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
103 KB
1 thejupiter.group
app.thejupiter.group
3 KB
30 13
Domain Requested by
4 firebaseremoteconfig.googleapis.com static.leadconnectorhq.com
4 static.leadconnectorhq.com app.thejupiter.group
4 use.fontawesome.com app.thejupiter.group
2 firebaseinstallations.googleapis.com static.leadconnectorhq.com
2 fonts.googleapis.com static.leadconnectorhq.com
2 www.google-analytics.com app.thejupiter.group
www.google-analytics.com
2 maps.googleapis.com app.thejupiter.group
maps.googleapis.com
1 www.google.co.jp
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 netdna.bootstrapcdn.com static.leadconnectorhq.com
1 cdn.pendo.io app.thejupiter.group
1 public.profitwell.com app.thejupiter.group
1 accounts.google.com app.thejupiter.group
1 grapesjs.com app.thejupiter.group
1 cdnjs.cloudflare.com app.thejupiter.group
1 app.thejupiter.group
30 17

This site contains no links.

Subject Issuer Validity Valid
app.thejupiter.group
R3
2022-02-11 -
2022-05-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
grapesjs.com
R3
2021-12-16 -
2022-03-16
3 months crt.sh
accounts.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
static.leadconnectorhq.com
GTS CA 1D4
2022-01-31 -
2022-05-01
3 months crt.sh
*.profitwell.com
Amazon
2021-08-02 -
2022-08-31
a year crt.sh
cdn.pendo.io
Amazon
2021-08-29 -
2022-09-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
www.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.google.co.jp
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.thejupiter.group/login.php
Frame ID: F3C88FE7F6F97C84A09EB5CA72B88420
Requests: 27 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-scope
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • public\.profitwell\.com/js/profitwell\.js

Page Statistics

30
Requests

100 %
HTTPS

71 %
IPv6

13
Domains

17
Subdomains

17
IPs

3
Countries

2528 kB
Transfer

9262 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
app.thejupiter.group/
5 KB
3 KB
Document
General
Full URL
https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.49.152 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.49.202.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
138bcba6fe5307ac097dfdb982c07adde36ceddddd719120cacb15827c564dde

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

server
openresty
date
Sat, 12 Feb 2022 01:25:31 GMT
content-type
text/html
vary
Accept-Encoding
x-guploader-uploadid
ADPycdt9NbW5X1CC2miayK3GqvI7YIkdnaReDBxCyT1gqBilAaOmXH6drqYNTu36HjWTCNIAINOpUOMv3CtdGXJE06itzziKug
cache-control
no-store, max-age=0
expires
Sat, 12 Feb 2022 01:25:31 GMT
last-modified
Fri, 11 Feb 2022 18:18:21 GMT
etag
W/"41e91c89f5cffbd02a4236bbb0055395"
x-goog-generation
1644603501328582
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
5484
x-goog-hash
crc32c=1b9f3w== md5=QekcifXP+9AqQja7sAVTlQ==
x-goog-storage-class
MULTI_REGIONAL
access-control-allow-origin
*
access-control-expose-headers
Content-Type Range Content-Range X-From-Cache
alt-svc
clear
content-encoding
gzip
js
maps.googleapis.com/maps/api/
160 KB
53 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyB_w3vXmsI7WeQtrIOkjR6xTRVN5uOieiE&libraries=places
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
24a5bdb81afd27adcae14613296f28d43d5c97150df96381f82de1c05c286d9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=23
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53411
x-xss-protection
0
expires
Sat, 12 Feb 2022 01:55:31 GMT
tinymce.min.js
cdnjs.cloudflare.com/ajax/libs/tinymce/4.9.6/
356 KB
103 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tinymce/4.9.6/tinymce.min.js
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be5cc021e604f4b3eb83d1816dccdd568184b0faaad367710f6a0f9671d8cf3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7014506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
104667
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-58e27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSSnB7gHzHMiE5bYhdDhx1iK2uFBRLNyxooYsfXDz9wthorOaVVu4idyKsnWo2rUXN8lZ0becdz1FHEd%2FUijJDQMLz5skt88zu60SyKd3fy1c7jjqYroGch%2BHJ0K5U13pNBTr7dErM2%2BJaNe%2FxMojzqJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dc206083ffa8a6e-NRT
expires
Thu, 02 Feb 2023 01:25:31 GMT
ckeditor.js
grapesjs.com/js/ckeditor/
521 KB
158 KB
Script
General
Full URL
https://grapesjs.com/js/ckeditor/ckeditor.js
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
a9bb7a03aa38d24d33e7370e3690c26f7709d6b9bb40c18667da4f5e5bf0b044

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id
4bccf9fcb644b96815f7d3d6768a8bd076a58e2b
date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
gzip
age
0
x-cache
HIT
content-length
161712
x-served-by
cache-tyo11927-TYO
access-control-allow-origin
*
last-modified
Fri, 28 Jan 2022 14:58:23 GMT
server
GitHub.com
x-github-request-id
1602:75EE:3DB9B8:403920:6205D8A9
x-timer
S1644629132.585998,VS0,VE1
etag
W/"61f4048f-8244a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 11 Feb 2022 03:41:22 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
HIT
x-cache-hits
1
client
accounts.google.com/gsi/
182 KB
73 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200d , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2bb0518b6abb0c1c60fbe37fe295faba55888a53abfda9bc287e26661b9e56c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fiaBdgt7U9Vz3oZUVWC3Hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-fiaBdgt7U9Vz3oZUVWC3Hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"
expires
Sat, 12 Feb 2022 01:25:31 GMT
solid.css
use.fontawesome.com/releases/v5.8.1/css/
667 B
704 B
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/solid.css
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561b7e6fd9934ae58e8c04d53855a9692ca95e60b0231ae9e1766e78245f4dd3

Request headers

Referer
https://app.thejupiter.group/
Origin
https://app.thejupiter.group
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C3EGY6DXVXBQDV6A
x-amz-id-2
kM4esj21J/EVjU2eaU/YLje0U6+ZaecoPgoTfg+He1EfN+fH4pgkFAholLu058rxDOoXTfHC3nw=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"cddcd8fd12da8dd6bcad774583afd75c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2biEUHCcFhyV26cQ9ru%2B8PuCf5YxDcQYNSHAEWXVrOIYboL9ZDTeGN8Hg%2BnRSmNlvuEpWeFyHr3PxZ8BCg5NqJoGQM%2FD9bv3NwfzEdx1ZsJ%2B4m7hxsCUF3EGTVGNI2YhT%2BCdZ1UhCIORCFtU7sNBMpBX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6dc206083d362062-NRT
regular.css
use.fontawesome.com/releases/v5.8.1/css/
675 B
697 B
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/regular.css
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c0638f9077740737ec996407194737b6170db3ef1d736632df0fe2fc71f8ae

Request headers

Referer
https://app.thejupiter.group/
Origin
https://app.thejupiter.group
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C3EMTKMR6K8DXM0Y
x-amz-id-2
EY4aS8ladwr+KTBOLwFYU1WgNBNmv0GW9z0UdyerXfRwqRAIZW5p1WvSW87Kjee3Veb5RLZ2yIY=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"b7c0350118f1465ba68e3b7c93fcc360"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7GwlNwkqyFtebmGOQ2Df1lRnODXXbtMXlcPsrmgGOz01wCnsGcP7ji1K0NeXb1fNKz1ssLUyfRB%2FoR2dvyAMyEuc4Es0P%2BII6SrVsKA1d%2FNzb2syxK8QKpsfpFXNHgOc2s5JyQoUas%2Fw5UB%2BYKSBGxs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6dc206083d372062-NRT
brands.css
use.fontawesome.com/releases/v5.8.1/css/
660 B
1 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/brands.css
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdec02a79a6c4f929cf12c9b215492a5530c489ad27487f84887466831115493

Request headers

Referer
https://app.thejupiter.group/
Origin
https://app.thejupiter.group
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C3EPGDYMJP92VFHF
x-amz-id-2
+DPkT4P150UIRdot7dKsAPy1p1dMkWH+MF702N6cciSsGKY5X7/SYVxaOUEqW52FiEiQCImgjo4=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"c9fcdfd0e53dec8552f9dd3b40f75973"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnHCY4%2Fgx1sjI7665sIhEzDJES7pOU%2Blw77McRIF1oG5NNQ70nYjjlrgd2AMLAZPd8SgavM6RGhd1%2Bu1QmvzwJAm6xbZS%2B0dcvkEgJHuil8QLfrNqNQwaFTvxJq%2BV1KI7s%2BDunqZLtBQYlwMu76qy3oT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6dc206083d382062-NRT
fontawesome.css
use.fontawesome.com/releases/v5.8.1/css/
52 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/fontawesome.css
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9837ae513cb80aecf3f53691f460a2206303e8ee8ffde87a955c11fb950dcc5

Request headers

Referer
https://app.thejupiter.group/
Origin
https://app.thejupiter.group
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C3ETK5DKPCHCHTYZ
x-amz-id-2
Zm6Ps/qM4VeGyFQqje0aLLUXqTl3861i1gZaynh1C3pqPbAOq4omljWZCbQKDADaUkF6RpepwCE=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"f87b6becf6c4595d38a59016c2460a0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jljB38S82ZcSzAphN2Dme7OnQSYpgk6KlQMZuL%2B2DdU2fYEUAWIF717jKRJzIwkPTH2hw3ElWlslNk4ZxR7iVJv2Kuwr646qU3HBWd%2FPFhvHlk9jNU%2BIMeo8WGYNHEXp2SljWNMQNOM8%2F%2BvvYBmuGsoZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6dc206083d392062-NRT
app.13e77f62.css
static.leadconnectorhq.com/css/
733 KB
101 KB
Stylesheet
General
Full URL
https://static.leadconnectorhq.com/css/app.13e77f62.css
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
81c8870590c814bf5d6ea7bd0a14917168ebac12db54ff4148ca0ec0c8002eb0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduk0zy7u6_VdtyUsaPScyEMsyyWYXtXpKYsqmxKug2Qg4aicAHzEOGsmzkE_XynFrcjDi-D83AHzhGGlXg4Adw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
103158
last-modified
Fri, 11 Feb 2022 18:18:08 GMT
server
UploadServer
etag
"7861fb6e61843929aafd700be26c6b97"
x-goog-hash
crc32c=EnYQhQ==, md5=eGH7bmGEOSmq/XAL4mxrlw==
x-goog-generation
1644603488148564
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Range, Content-Range, X-From-Cache
cache-control
no-store, max-age=0,no-transform
x-goog-stored-content-length
103158
accept-ranges
bytes
content-type
text/css
expires
Sat, 12 Feb 2022 01:25:31 GMT
chunk-vendors.44beb448.css
static.leadconnectorhq.com/css/
109 KB
23 KB
Stylesheet
General
Full URL
https://static.leadconnectorhq.com/css/chunk-vendors.44beb448.css
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b4f8b744e9e3a6f7e991315ad227ff1bb628ca77eb79c45abf0280e728b2cd1

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu85eBXyl20SqLfHNSxUzYOeSAPJFn_9HnaOqG6D_0w_jKsdy7yO23R2FWhy_Ijoeg220JT171UddS13taesqE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
22506
last-modified
Fri, 11 Feb 2022 18:18:09 GMT
server
UploadServer
etag
"35fadad212ae36aca6f4b0a8e5690871"
x-goog-hash
crc32c=ZONqOA==, md5=Nfra0hKuNqym9LCo5WkIcQ==
x-goog-generation
1644603489506308
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Range, Content-Range, X-From-Cache
cache-control
no-store, max-age=0,no-transform
x-goog-stored-content-length
22506
accept-ranges
bytes
content-type
text/css
expires
Sat, 12 Feb 2022 01:25:31 GMT
app.232c4da2ab339b11de05.min.js
static.leadconnectorhq.com/js/
2 MB
477 KB
Script
General
Full URL
https://static.leadconnectorhq.com/js/app.232c4da2ab339b11de05.min.js
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
869b8825ee1b4718631a47705b8d046c5890aa5a164315f9d28de9ef884da9ab

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtN5rLg6pHlyQRRfR6t8PuDnfX9XOc7WuhafiWqN61mUAI0DAYswEWqvz8qtqf-MymAJ43yHd9eihcQkP1bbvU-VnojCQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
488028
last-modified
Fri, 11 Feb 2022 18:18:16 GMT
server
UploadServer
etag
"ab086dd30d0d35226e1bb70613f33b2c"
x-goog-hash
crc32c=qwBnzg==, md5=qwht0w0NNSJuG7cGE/M7LA==
x-goog-generation
1644603496513278
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Range, Content-Range, X-From-Cache
cache-control
no-store, max-age=0,no-transform
x-goog-stored-content-length
488028
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 12 Feb 2022 01:25:31 GMT
chunk-vendors.0dcdb3f7b2e738d160ac.min.js
static.leadconnectorhq.com/js/
5 MB
1 MB
Script
General
Full URL
https://static.leadconnectorhq.com/js/chunk-vendors.0dcdb3f7b2e738d160ac.min.js
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2321df930249bf7635574daa0875d6034e9c9b89ded6c04558008425e9e09e13

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:31 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdviIxcDhUb7DNH9CDv4Up4DtaK0rjYuCVaP7rvIIQWSXMz9O6iLir7vJYzuJauR2GvGC1OGP8Xr3FaNXVS6wUg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
1364565
last-modified
Fri, 11 Feb 2022 18:18:14 GMT
server
UploadServer
etag
"73eda81887ee9e3301794d8d41a70eb3"
x-goog-hash
crc32c=7Z2FIg==, md5=c+2oGIfunjMBeU2NQacOsw==
x-goog-generation
1644603494532486
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Range, Content-Range, X-From-Cache
cache-control
no-store, max-age=0,no-transform
x-goog-stored-content-length
1364565
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 12 Feb 2022 01:25:31 GMT
profitwell.js
public.profitwell.com/js/
56 KB
17 KB
Script
General
Full URL
https://public.profitwell.com/js/profitwell.js?auth=a86dbc4f5714e6d4f157f30674c34782
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.25.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-25-95.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cfc42e10ab9d5f58aa89c7483b9839090bf8cd04ba9fb0d8d525a11e17ac55e3

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 21:48:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 15:29:30 GMT
server
AmazonS3
age
13024
etag
W/"91484599154bb461309078fd68d50e16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
4YeK8WmtKeCIYm.JbzlWoez0jdlXWFV8
via
1.1 1d4c12e1d99255c676c0a5445e866a5a.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
x-amz-cf-pop
LAX53-P1
content-type
application/x-javascript
x-amz-cf-id
WNmw6U0h6e8tdtfXTrsoROEeXs_uUBqLrqo4EQDj44yokrrGduOPiQ==
pendo.js
cdn.pendo.io/agent/static/2609845c-58c9-4b6e-7126-639c4121d0b7/
445 KB
139 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/2609845c-58c9-4b6e-7126-639c4121d0b7/pendo.js
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.214.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-214-97.nrt57.r.cloudfront.net
Software
UploadServer /
Resource Hash
99975b09e3cc0966388d0153762007cf6e9551281a51e3bb843b287f7fd14af6

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 01:21:37 GMT
Content-Encoding
gzip
Age
234
X-GUploader-UploadID
ADPycduqBsYWJlaDIKV44QMFWXwyMks8r_i7T1WWizVHuqR6JZixFtmNUJVcKTfZMtN8XIRqeFYY8q6xsfqmyjN97l1zQ4yHBw
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
140812
Access-Control-Allow-Origin
*
Last-Modified
Fri, 11 Feb 2022 07:40:06 GMT
Server
UploadServer
ETag
"99373f195ba6ad1cab1ee084c09b88e8"
Vary
Accept-Encoding
x-goog-hash
crc32c=nj+JLA==, md5=mTc/GVumrRyrHuCEwJuI6A==
x-goog-generation
1644565206402214
Via
1.1 c6a39a61a5883d63c301bf090ead6950.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
140812
X-Amz-Cf-Pop
NRT57-P4
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
zyjwHuka367lKSZsSRHakPiETelmUxCdkJksZdABKeZjXsK3f2hgPA==
Expires
Sat, 12 Feb 2022 01:29:07 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app.thejupiter.group
URL: https://app.thejupiter.group/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5486
date
Fri, 11 Feb 2022 23:54:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 12 Feb 2022 01:54:05 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: static.leadconnectorhq.com
URL: https://static.leadconnectorhq.com/css/app.13e77f62.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://static.leadconnectorhq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 23:35:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Feb 2022 01:25:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Feb 2022 01:25:32 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css
Requested by
Host: static.leadconnectorhq.com
URL: https://static.leadconnectorhq.com/css/app.13e77f62.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://static.leadconnectorhq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
674, 617, 617
age
6417587
cdn-cachedat
2021-06-07 16:46:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
62e161fe6eaf6836fec7f8f5c8871398
cf-ray
6dc2060b7b568081-NRT
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Calibri
Requested by
Host: static.leadconnectorhq.com
URL: https://static.leadconnectorhq.com/css/app.13e77f62.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://static.leadconnectorhq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

collect
www.google-analytics.com/j/
4 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1426265065&t=pageview&_s=1&dl=https%3A%2F%2Fapp.thejupiter.group%2Flogin.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=75394302&gjid=1657540455&cid=18385757.1644629133&tid=UA-115177999-2&_gid=550674259.1644629133&_r=1&_slc=1&z=1511512118
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.thejupiter.group/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 01:25:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.thejupiter.group
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB_w3vXmsI7WeQtrIOkjR6xTRVN5uOieiE&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 01:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.thejupiter.group
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
7 B
448 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-115177999-2&cid=18385757.1644629133&jid=75394302&gjid=1657540455&_gid=550674259.1644629133&_u=aEBAAEAAEAAAAC~&z=802092947
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.thejupiter.group/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 12 Feb 2022 01:25:32 GMT
content-type
text/plain
access-control-allow-origin
https://app.thejupiter.group
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
installations
firebaseinstallations.googleapis.com/v1/projects/highlevel-backend/
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/highlevel-backend/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-goog-api-key
Origin
https://app.thejupiter.group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://app.thejupiter.group
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type,x-goog-api-key
access-control-max-age
3600
date
Sat, 12 Feb 2022 01:25:32 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
installations
firebaseinstallations.googleapis.com/v1/projects/highlevel-backend/
575 B
480 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/highlevel-backend/installations
Requested by
Host: static.leadconnectorhq.com
URL: https://static.leadconnectorhq.com/js/chunk-vendors.0dcdb3f7b2e738d160ac.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3047ed3581c0aa412f64c349915e1fa28c069a218180c33f003b76ebeb019560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://app.thejupiter.group/
x-goog-api-key
AIzaSyB_w3vXmsI7WeQtrIOkjR6xTRVN5uOieiE
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Sat, 12 Feb 2022 01:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.thejupiter.group
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
457
x-xss-protection
0
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-115177999-2&cid=18385757.1644629133&jid=75394302&_u=aEBAAEAAEAAAAC~&z=702767305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 01:25:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-115177999-2&cid=18385757.1644629133&jid=75394302&_u=aEBAAEAAEAAAAC~&z=702767305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://app.thejupiter.group/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 01:25:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/highlevel-backend/namespaces/
5 KB
4 KB
Fetch
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/highlevel-backend/namespaces/firebase:fetch?key=AIzaSyB_w3vXmsI7WeQtrIOkjR6xTRVN5uOieiE
Requested by
Host: static.leadconnectorhq.com
URL: https://static.leadconnectorhq.com/js/chunk-vendors.0dcdb3f7b2e738d160ac.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80e::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6965567a04681be66472e924bfd806f4338249c1e0256f7c41dfb0fe5ce3b37d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.thejupiter.group/
Content-Encoding
gzip
If-None-Match
*
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 12 Feb 2022 01:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
etag
etag-highlevel-backend-firebase-fetch--330998523
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.thejupiter.group
access-control-expose-headers
etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
3673
x-xss-protection
0
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/highlevel-backend/namespaces/
0
0
Preflight
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/highlevel-backend/namespaces/firebase:fetch?key=AIzaSyB_w3vXmsI7WeQtrIOkjR6xTRVN5uOieiE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80e::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-encoding,content-type,if-none-match
Origin
https://app.thejupiter.group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://app.thejupiter.group
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-encoding,content-type,if-none-match
access-control-max-age
3600
date
Sat, 12 Feb 2022 01:25:33 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/highlevel-backend/namespaces/
1 KB
443 B
Fetch
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/highlevel-backend/namespaces/fireperf:fetch?key=AIzaSyB_w3vXmsI7WeQtrIOkjR6xTRVN5uOieiE
Requested by
Host: static.leadconnectorhq.com
URL: https://static.leadconnectorhq.com/js/chunk-vendors.0dcdb3f7b2e738d160ac.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80e::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c79afafa917f696edc5fdda6c679d8af73c2e8f3e1fda44431351d44c1949ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer
https://app.thejupiter.group/
Accept-Language
jp-JP,jp;q=0.9
Authorization
FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6NDM5NDcyNDQ0ODg1OmFuZHJvaWQ6YzQ4MDIyMDA5YTU4ZmZjNyIsImV4cCI6MTY0NTIzMzkzMywiZmlkIjoiZFIwSnduNVZWN2ZDQ2tHTTNZUVh1USIsInByb2plY3ROdW1iZXIiOjQzOTQ3MjQ0NDg4NX0.AB2LPV8wRQIga4Dmx00GmYrbv-J5aB5nXJ-4cLeS5gMnxX0kCJ6z1c0CIQDyy7VS-wVuG_sgBMZEKESP7pfk54eu8GM26WDYQkCZXQ
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 12 Feb 2022 01:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
etag
etag-highlevel-backend-fireperf-fetch--333192599
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.thejupiter.group
access-control-expose-headers
etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
419
x-xss-protection
0
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/highlevel-backend/namespaces/
0
0
Preflight
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/highlevel-backend/namespaces/fireperf:fetch?key=AIzaSyB_w3vXmsI7WeQtrIOkjR6xTRVN5uOieiE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80e::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization
Origin
https://app.thejupiter.group
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://app.thejupiter.group
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
authorization
access-control-max-age
3600
date
Sat, 12 Feb 2022 01:25:33 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| profitwell object| pendo string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| default_gsi object| google object| webpackJsonp object| regeneratorRuntime function| _ object| core object| gaGlobal object| gaData object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView number| mce-data-1frloi18i object| tinymce object| tinyMCE object| CKEDITOR object| closure_lm_215564 object| _buorgres

3 Cookies

Domain/Path Name / Value
.thejupiter.group/ Name: _ga
Value: GA1.2.18385757.1644629133
.thejupiter.group/ Name: _gid
Value: GA1.2.550674259.1644629133
.thejupiter.group/ Name: _gat
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://app.thejupiter.group/login.php
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fonts.googleapis.com/css2?family=Calibri
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
app.thejupiter.group
cdn.pendo.io
cdnjs.cloudflare.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
grapesjs.com
maps.googleapis.com
netdna.bootstrapcdn.com
public.profitwell.com
static.leadconnectorhq.com
stats.g.doubleclick.net
use.fontawesome.com
www.google-analytics.com
www.google.co.jp
www.google.com
18.65.214.97
18.65.25.95
185.199.110.153
2404:6800:4004:801::200d
2404:6800:4004:80e::200a
2404:6800:4004:81d::2003
2404:6800:4004:81d::200a
2404:6800:4004:81e::2004
2404:6800:4004:820::200e
2404:6800:4004:822::200a
2404:6800:4004:823::200a
2404:6800:4008:c13::9d
2606:4700:3031::ac43:d645
2606:4700::6810:135e
2606:4700::6812:bcf
35.202.49.152
35.244.153.18
03c0638f9077740737ec996407194737b6170db3ef1d736632df0fe2fc71f8ae
138bcba6fe5307ac097dfdb982c07adde36ceddddd719120cacb15827c564dde
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
2321df930249bf7635574daa0875d6034e9c9b89ded6c04558008425e9e09e13
24a5bdb81afd27adcae14613296f28d43d5c97150df96381f82de1c05c286d9f
2bb0518b6abb0c1c60fbe37fe295faba55888a53abfda9bc287e26661b9e56c1
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
3047ed3581c0aa412f64c349915e1fa28c069a218180c33f003b76ebeb019560
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
3b4f8b744e9e3a6f7e991315ad227ff1bb628ca77eb79c45abf0280e728b2cd1
561b7e6fd9934ae58e8c04d53855a9692ca95e60b0231ae9e1766e78245f4dd3
5be5cc021e604f4b3eb83d1816dccdd568184b0faaad367710f6a0f9671d8cf3
6965567a04681be66472e924bfd806f4338249c1e0256f7c41dfb0fe5ce3b37d
81c8870590c814bf5d6ea7bd0a14917168ebac12db54ff4148ca0ec0c8002eb0
869b8825ee1b4718631a47705b8d046c5890aa5a164315f9d28de9ef884da9ab
8c79afafa917f696edc5fdda6c679d8af73c2e8f3e1fda44431351d44c1949ac
99975b09e3cc0966388d0153762007cf6e9551281a51e3bb843b287f7fd14af6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9bb7a03aa38d24d33e7370e3690c26f7709d6b9bb40c18667da4f5e5bf0b044
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bdec02a79a6c4f929cf12c9b215492a5530c489ad27487f84887466831115493
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cfc42e10ab9d5f58aa89c7483b9839090bf8cd04ba9fb0d8d525a11e17ac55e3
d9837ae513cb80aecf3f53691f460a2206303e8ee8ffde87a955c11fb950dcc5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629