URL: https://stg-c62965.window-fasting.com/
Submission Tags: @phishunt_io
Submission: On March 18 via api from ES

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2600:1901:0:ce9::, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is stg-c62965.window-fasting.com.
TLS certificate: Issued by GTS CA 1D2 on March 18th 2021. Valid for: 3 months.
This is the only time stg-c62965.window-fasting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                          Requested by
16        stg-c62965.window-fasting.com   stg-c62965.window-fasting.com
6         cdn.cookielaw.org               www.googletagmanager.com, cdn.cookielaw.org
5         www.google-analytics.com        www.googletagmanager.com, www.google-analytics.com
3         fonts.gstatic.com               fonts.googleapis.com
3         connect.facebook.net            www.googletagmanager.com, connect.facebook.net
3         www.googletagmanager.com        stg-c62965.window-fasting.com, www.googletagmanager.com
2         www.facebook.com                stg-c62965.window-fasting.com
1         geolocation.onetrust.com        cdn.cookielaw.org
1         cdn.amplitude.com               stg-c62965.window-fasting.com
1         fonts.googleapis.com            stg-c62965.window-fasting.com
Total: 41 requests, 10 domains

This site contains links to these domains.

Domain
www.thriveport.com
cookiepedia.co.uk
onetrust.com

Subject                         Issuer                                   Validity                   Valid
stg-c62965.window-fasting.com   GTS CA 1D2                               2021-03-18 - 2021-06-16    3 months
upload.video.google.com         GTS CA 1O1                               2021-02-23 - 2021-05-18    3 months
*.google-analytics.com          GTS CA 1O1                               2021-02-23 - 2021-05-18    3 months
*.facebook.com                  DigiCert SHA2 High Assurance Server CA   2021-02-10 - 2021-05-10    3 months
*.gstatic.com                   GTS CA 1O1                               2021-02-23 - 2021-05-18    3 months
cookielaw.org                   Cloudflare Inc ECC CA-3                  2020-07-01 - 2021-07-01    a year
cdn.amplitude.com               Amazon                                   2020-11-18 - 2021-12-17    a year
onetrust.com                    Cloudflare Inc ECC CA-3                  2021-02-12 - 2022-02-11    a year

This page contains 1 frames:

Primary Page: https://stg-c62965.window-fasting.com/
Frame ID: DB8687D97F98DD010B0EDF28C8E0C560
Requests: 42 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /cdn\.amplitude\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

Requests: 41
HTTPS: 100 %
IPv6: 92 %
Domains: 10
Subdomains: 10
IPs: 13
Countries: 2
Transfer: 1861 kB
Size: 3519 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
stg-c62965.window-fasting.com/
52 KB
8 KB
Document
General
Full URL
https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3635e1b00d840a598cade211bb15d027326d79000ea182aa6c4eb55b4e1dfe8c

Request headers

:method
GET
:authority
stg-c62965.window-fasting.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-guploader-uploadid
ABg5-UxrqDDYlS5802tQWqs5dBWnCbvI-WKqHyNhYCy8OSsaY1FjH3n3O0L_-j3odPc1HpwL1GWyPWjQ9uPOY-4TIGdvhL7PLQ
date
Thu, 18 Mar 2021 19:15:12 GMT
cache-control
no-cache, max-age=0
expires
Thu, 18 Mar 2021 19:15:12 GMT
last-modified
Wed, 27 Jan 2021 15:10:50 GMT
etag
"75d12f8d4dfe9c6443aa1c31b71682a5"
x-goog-generation
1611760250992722
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
7928
x-goog-meta-goog-reserved-file-mtime
1611760246
content-type
text/html
content-encoding
gzip
x-goog-hash
crc32c=RL9t9g== md5=ddEvjU3+nGRDqhwxtxaCpQ==
x-goog-storage-class
REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
7928
server
UploadServer
alt-svc
clear
main.css
stg-c62965.window-fasting.com/assets/css/
39 KB
7 KB
Stylesheet
General
Full URL
https://stg-c62965.window-fasting.com/assets/css/main.css
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8718b5720825f66adbc038eeb20a803108860439f7369bbb6cd4886e9c271a63

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:12 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1611760247
x-guploader-uploadid
ABg5-UwbOOXZKcivzfRtMvMaBDvSe-qm-VHIUAR_c7T_jOYdxZdAmvJm2Tn1FepgKhHMYV7uXhXFl_e8pveSYAnL27xoYFrReA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6522
last-modified
Wed, 27 Jan 2021 15:10:50 GMT
server
UploadServer
etag
"52a5da7affb406f51c770e8ebb3a928f"
vary
Accept-Encoding
x-goog-hash
crc32c=2xRphg==, md5=UqXaev+0BvUcdw6OuzqSjw==
x-goog-generation
1611760250812436
cache-control
no-cache, max-age=0
x-goog-stored-content-length
6522
accept-ranges
bytes
content-type
text/css
expires
Thu, 18 Mar 2021 19:15:12 GMT
phone_header.png
stg-c62965.window-fasting.com/assets/images/
289 KB
288 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/phone_header.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5df26a46bf0619f56d261bbf80a6c43c8e9ab2c59846143f1d1064c7e6a09d79

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-Uz6DZM3WI3eLpHLt4mvsMCYEBxnS71PJnCTWVEllKfgvvWzK1VZ45Z3jkzINB5UnP0mE_OBwOV0NymNalqZe8boUapC_A
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
294121
last-modified
Thu, 19 Nov 2020 14:31:48 GMT
server
UploadServer
etag
"0c2d00925f6f11d7c26512f5a51fbfb3"
vary
Accept-Encoding
x-goog-hash
crc32c=YcaRJg==, md5=DC0Akl9vEdfCZRL1pR+/sw==
x-goog-generation
1605796308838855
cache-control
no-cache, max-age=0
x-goog-stored-content-length
294121
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
ico-fruit.png
stg-c62965.window-fasting.com/assets/images/
521 KB
521 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/ico-fruit.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c3e0c1742cf32770a5c8c5689f5a9dc654e6de66d15b41f77cd54eaa5e7b3442

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1606233029
x-guploader-uploadid
ABg5-UyWI4bMjvd2zHuWaIBSSC7JE0p2pv8HddQn9vm_niNp97ySjLnmgQzDNxuD5jAZ138zK1NL386miWy5PMCdXdY__2RnKg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
533142
last-modified
Tue, 24 Nov 2020 15:50:33 GMT
server
UploadServer
etag
"0ec0a1a1e1d309dee50122a7308cb7bf"
vary
Accept-Encoding
x-goog-hash
crc32c=M+GCuw==, md5=DsChoeHTCd7lASKnMIy3vw==
x-goog-generation
1606233033032281
cache-control
no-cache, max-age=0
x-goog-stored-content-length
533142
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
logo_icon.png
stg-c62965.window-fasting.com/assets/images/
12 KB
12 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/logo_icon.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
83ce6f9ff0d385eb529656f39b4126778696e79993292b8a7ccf6deb3acf5903

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-UzHQzEm_3Bo7bQ-etKDOH5BVFCYGS-vax6JCxhYMoQpuhDt_XsfbP5eaoB7UPszCJsTp94qDOHEHS_8RUE2LeHyKXZZPg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
12112
last-modified
Thu, 19 Nov 2020 14:31:48 GMT
server
UploadServer
etag
"ac2bcb15854344ccee6a58332f77e818"
vary
Accept-Encoding
x-goog-hash
crc32c=87rcVQ==, md5=rCvLFYVDRMzualgzL3foGA==
x-goog-generation
1605796308691406
cache-control
no-cache, max-age=0
x-goog-stored-content-length
12112
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
main.js
stg-c62965.window-fasting.com/assets/js/
735 KB
173 KB
Script
General
Full URL
https://stg-c62965.window-fasting.com/assets/js/main.js
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
56dc11b09a754e1dd46082934495dcf3eff094bb17f8beaac4cc8794a23f9b1a

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1612193068
x-guploader-uploadid
ABg5-Ux4149ZRRB9rhFoP1b6cdl5Rpvi8evAXYK8EdGuKVemqBfyaorfdhY-TW2ep1gtf2PsBrAPRuomJ8YeGUThJxyO4IYoHw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
176531
last-modified
Mon, 01 Feb 2021 15:24:41 GMT
server
UploadServer
etag
"ae5ff8fb368a04bdd88fd1cf9391591f"
vary
Accept-Encoding
x-goog-hash
crc32c=DsgKPA==, md5=rl/4+zaKBL3Yj9HPk5FZHw==
x-goog-generation
1612193081754203
cache-control
no-cache, max-age=0
x-goog-stored-content-length
176531
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 18 Mar 2021 19:15:13 GMT
css2
fonts.googleapis.com/
5 KB
659 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11fd0a8e8538307bd300a009554f6021dae85d5ce8672289a9fca13115904fd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 19:04:48 GMT
server
ESF
date
Thu, 18 Mar 2021 19:15:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Mar 2021 19:15:13 GMT
gtm.js
www.googletagmanager.com/
248 KB
58 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDDJGGX
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b7a1e04788dc1fb8fb384f0e250f50c7830e04ba344254c462293d2ef939cc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59332
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Mar 2021 19:15:13 GMT
js
www.googletagmanager.com/gtag/
136 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FTLQH0L4G1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDDJGGX
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b08c397f290ec77d275c8b968364a1c66c7f959f45ec4c13292905014f71e42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53564
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:15:13 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDDJGGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
gq9SxwyNRdHMDTCSYUJ19kpYa0V7mqT/E2DytjfGlLQ7fb8Q3rwG2w22REULtp2YojWtAgHaHusfONNgjN5P1A==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 18 Mar 2021 19:15:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDDJGGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
6408
date
Thu, 18 Mar 2021 17:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 18 Mar 2021 19:28:25 GMT
js
www.google-analytics.com/gtm/
93 KB
37 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-NPPJ4DC&t=gtm2&cid=751350972.1616094913
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f877e09f57607b1cdf35507a35bbea804e9b63d70286ff5bcd4046bccb6cdd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37162
x-xss-protection
0
expires
Thu, 18 Mar 2021 19:15:13 GMT
identity.js
connect.facebook.net/signals/plugins/
11 KB
5 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
HoDfaH9X5sIKXI5JCSG9ni8lYzPKtPYaeok5Qmu2EJIIlwYWKETqBQUJ3D3URMj+AKcJfbsXcMVg1uecCi2s0A==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 18 Mar 2021 19:15:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
2754078884910553
connect.facebook.net/signals/config/
240 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2754078884910553?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14799226cf2727460e9da48593ae5722282121f58e859b4b0bdff730677b68a5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
F0PHVdxOrYUcYiMloIk64yM5stkTle5iT8v/eZBIORXIlsNZoFazOhT8LmGNQw1Hc19V+clrFbyajbACT2EVwA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 18 Mar 2021 19:15:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
127 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FTLQH0L4G1&gtm=2oe3a0&_p=339944715&sr=1600x1200&ul=en-us&cid=751350972.1616094913&_s=1&dl=https%3A%2F%2Fstg-c62965.window-fasting.com%2F&dt=Window%20Intermittent%20Fasting%20Tracker&sid=1616094913&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FTLQH0L4G1&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:15:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stg-c62965.window-fasting.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
72 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=339944715&t=pageview&_s=1&dl=https%3A%2F%2Fstg-c62965.window-fasting.com%2F&ul=en-us&de=UTF-8&dt=Window%20Intermittent%20Fasting%20Tracker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=613597672&gjid=2115567796&cid=751350972.1616094913&tid=UA-146173614-5&_gid=1024889277.1616094913&_r=1&gtm=2wg3a0NDDJGGX&z=1733019006
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:15:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stg-c62965.window-fasting.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
411 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2754078884910553&ev=PageView&dl=https%3A%2F%2Fstg-c62965.window-fasting.com%2F&rl=&if=false&ts=1616094913264&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1616094913262.1872698224&it=1616094913168&coo=false&tm=1&rqm=GET
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 18 Mar 2021 19:15:13 GMT
ico_palm2.png
stg-c62965.window-fasting.com/assets/images/
9 KB
9 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/ico_palm2.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1a241d646bec9b15dd75a9f02c501a428ba05550a7f7e2febf929febbf43dc35

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-UwQZk40IOLbHcuvFoifLyOg4UpZBIy2eAglUcePgSuNqCbcdC32V-ZKKJivrpfHnQjhx6KXjF5wJLxjf1XA5Do6cdkPbg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
9204
last-modified
Thu, 19 Nov 2020 14:31:48 GMT
server
UploadServer
etag
"df4ecb6d7a6868ea59de0f9a17611421"
vary
Accept-Encoding
x-goog-hash
crc32c=/UZadg==, md5=307LbXpoaOpZ3g+aF2EUIQ==
x-goog-generation
1605796308144435
cache-control
no-cache, max-age=0
x-goog-stored-content-length
9204
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
ico_women.png
stg-c62965.window-fasting.com/assets/images/
18 KB
19 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/ico_women.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2198f7c169d8dbd2a80aadadf577b8b875561ae721b290627f6d84b7a7ef22b6

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-UwSH50d2jt3XDNrE59QhLK47ZKQ5MveWIYlwns5r68HxyvrnKIbOHFVZ8D12wJDAM-_cwni_C0gW0Dcdpqr2dTjaw1KfQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
18721
last-modified
Thu, 19 Nov 2020 14:31:48 GMT
server
UploadServer
etag
"38fc46080c365cfdf932f1668d475651"
vary
Accept-Encoding
x-goog-hash
crc32c=cFKurA==, md5=OPxGCAw2XP35MvFmjUdWUQ==
x-goog-generation
1605796308292367
cache-control
no-cache, max-age=0
x-goog-stored-content-length
18721
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
clock_img.png
stg-c62965.window-fasting.com/assets/images/
62 KB
62 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/clock_img.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
25ca96d00349d7ef476ec9159c3fad929a26cf610a29a7988fd61a5b14435807

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-Uyn4RR74i8MfubqfLCLwlmy2DW32OlHqCyLlZGocKlYqf1l9tNdTKvheQ-uor5lybnE38gSLoihUf5f9VxrzpbXYB2j3Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
63194
last-modified
Thu, 19 Nov 2020 14:31:47 GMT
server
UploadServer
etag
"04893c499ab34c5614455b82e1d8b69c"
vary
Accept-Encoding
x-goog-hash
crc32c=jsVg1Q==, md5=BIk8SZqzTFYURVuC4di2nA==
x-goog-generation
1605796307843930
cache-control
no-cache, max-age=0
x-goog-stored-content-length
63194
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
diagram.png
stg-c62965.window-fasting.com/assets/images/
276 KB
275 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/diagram.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
10f67a1c2128963a2c733fe21c34b3acbcd931402061c8df14e415b3674164af

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-UxNGVVg3ClyOesekJ6HeBm_GPwoGZGrQ248F-4L1oLm003gBQng1uDn4cw8Z-3vmlPyYYiL96m1-GOT7ybSVomRfJPLtQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
280753
last-modified
Thu, 19 Nov 2020 14:31:47 GMT
server
UploadServer
etag
"01a1f643467d5dee7b8c49e22cfca433"
vary
Accept-Encoding
x-goog-hash
crc32c=THXw+w==, md5=AaH2Q0Z9Xe57jEniLPykMw==
x-goog-generation
1605796307519354
cache-control
no-cache, max-age=0
x-goog-stored-content-length
280753
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
stars_ico.png
stg-c62965.window-fasting.com/assets/images/
2 KB
3 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/stars_ico.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e210193b1d7cd1e432dcf1dead89c327128532f65053179c3bedf6fca2a49fab

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-Uyb465oMtwvTgVRReHOFsdHyWrLoWKegjPc0qLgI3AsSn6vuzQCl2WqOpQUEGt3kDgj5zpY5VsPA74yRlXpH-3HBrw8PA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
2514
last-modified
Thu, 19 Nov 2020 14:31:48 GMT
server
UploadServer
etag
"e81c20fbb21694472b9ce456bd5fcec5"
vary
Accept-Encoding
x-goog-hash
crc32c=HiI0Lg==, md5=6Bwg+7IWlEcrnORWvV/OxQ==
x-goog-generation
1605796308600861
cache-control
no-cache, max-age=0
x-goog-stored-content-length
2514
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
applepay_ico.png
stg-c62965.window-fasting.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/applepay_ico.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c33aca8e14e9607c4663738a80321c4c3f229b1b38de37f2041cc073c9b4f896

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-Uy84fkce6Eug1w2BwjDie79XOcNipWx8WKImD4W_tJvBrQTO291o6Sudooa1OaevtM8YOL8Fe6PlKwDtJzN2DENif3OfQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
2271
last-modified
Thu, 19 Nov 2020 14:31:47 GMT
server
UploadServer
etag
"6f58384f0dff1eada6dec9cb44f226b1"
vary
Accept-Encoding
x-goog-hash
crc32c=Y2USbA==, md5=b1g4Tw3/Hq2m3snLRPImsQ==
x-goog-generation
1605796307681023
cache-control
no-cache, max-age=0
x-goog-stored-content-length
2271
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
ios-btn.png
stg-c62965.window-fasting.com/assets/images/
7 KB
7 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/ios-btn.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f263fafa918054922a14a4ad5b385b5094102b278a73db5cfece7aa0fd432e16

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-UzhrHPUBnj51xUYhlCop5m4quHezoPuSzHG2GDF2Fc5eQVfTR_mcqytxaNmX_izj7ZzfS7h7aCoBDdXUjflFQ7ogUYEIA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6947
last-modified
Thu, 19 Nov 2020 14:31:48 GMT
server
UploadServer
etag
"15c189dc418f43f8b2096eb78f2cd56e"
vary
Accept-Encoding
x-goog-hash
crc32c=6BB1gA==, md5=FcGJ3EGPQ/iyCW63jyzVbg==
x-goog-generation
1605796308606699
cache-control
no-cache, max-age=0
x-goog-stored-content-length
6947
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
gp-btn.png
stg-c62965.window-fasting.com/assets/images/
9 KB
9 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/gp-btn.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bda94e8ee8e07feb96fe20407923f42be7f5b43129e80b74558aad77faa9c7f2

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-Uzdufe3bwUx4TGpvs9BPdS_rnx6mWNT1MnBpLErfLreYWeyqhEMccEObX8vm_hjtsMZr4dkgbHQdkQLCbqX8CZbtWIZUw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8920
last-modified
Thu, 19 Nov 2020 14:31:48 GMT
server
UploadServer
etag
"6653b5bc8fcd163e2a0a2ebc8698c5e4"
vary
Accept-Encoding
x-goog-hash
crc32c=WG6adw==, md5=ZlO1vI/NFj4qCi68hpjF5A==
x-goog-generation
1605796308084112
cache-control
no-cache, max-age=0
x-goog-stored-content-length
8920
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
ico_popup_sure.png
stg-c62965.window-fasting.com/assets/images/
31 KB
31 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/ico_popup_sure.png
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1e64616a1c6b78fe94e2f7154599f02e4b8f10e3cbab6fe05c4abb83bd9aef27

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-Uxcn-nNcwhyPc4TcH0sOmjIvq0ZE_ZvYMJdGQCsUnqOGnVjrytg-GbBuh-KaguhP6mOz2vtxprtO4aZpzWlTI_ghXwOaA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
31896
last-modified
Thu, 19 Nov 2020 14:31:48 GMT
server
UploadServer
etag
"809f431b6980d2ac299486d4cc90d0ee"
vary
Accept-Encoding
x-goog-hash
crc32c=9ePMRw==, md5=gJ9DG2mA0qwplIbUzJDQ7g==
x-goog-generation
1605796308384180
cache-control
no-cache, max-age=0
x-goog-stored-content-length
31896
content-type
image/png
expires
Thu, 18 Mar 2021 19:15:13 GMT
footer_back.jpg
stg-c62965.window-fasting.com/assets/images/
36 KB
15 KB
Image
General
Full URL
https://stg-c62965.window-fasting.com/assets/images/footer_back.jpg
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ce9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e5e81d15559f4e93baf9e60debfedcd027d7d7d3837f18bad5a0d40cd2092815

Request headers

Referer
https://stg-c62965.window-fasting.com/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1605796304
x-guploader-uploadid
ABg5-Uz-Aq6kw3qwiDH5V-3bw2p0dwBIiFL0pBeEi_HJ63kvgIfdHoOqgE8TMvcaGgTnkZpHtLXypOxin2ExL8YlpS7BO99eqw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
14961
last-modified
Thu, 19 Nov 2020 14:31:48 GMT
server
UploadServer
etag
"7c0c7275d17637c472973e3fa1bea641"
vary
Accept-Encoding
x-goog-hash
crc32c=5IqjMw==, md5=fAxyddF2N8Rylz4/ob6mQQ==
x-goog-generation
1605796308146483
cache-control
no-cache, max-age=0
x-goog-stored-content-length
14961
content-type
image/jpeg
expires
Thu, 18 Mar 2021 19:15:13 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://stg-c62965.window-fasting.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:06:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
age
533335
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Sat, 12 Mar 2022 15:06:18 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
16 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDDJGGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8g79L9PKY/vudZazgfW0YA==
age
2243
vary
Accept-Encoding
content-length
5578
cf-request-id
08e85c7c3600004abc7426e000000001
x-ms-lease-status
unlocked
last-modified
Tue, 16 Mar 2021 01:59:40 GMT
server
cloudflare
etag
0x8D8E81F2906DDF6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f058fc1d-901e-0118-7e0d-1ab326000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6320c9d9ece24abc-FRA
b9b9b5da-408a-42c5-9aa7-67cd5c52a7be.json
cdn.cookielaw.org/consent/b9b9b5da-408a-42c5-9aa7-67cd5c52a7be/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/b9b9b5da-408a-42c5-9aa7-67cd5c52a7be/b9b9b5da-408a-42c5-9aa7-67cd5c52a7be.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456bee4525d0a353f9312b65e056ceb9aa84e09eb9d782318c4a2146672f8c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
5EzTsmVYtCqmC4eBgOzdqg==
vary
Accept-Encoding
content-length
1292
cf-request-id
08e85c7c4700000eabc3012000000001
x-ms-lease-status
unlocked
last-modified
Wed, 17 Mar 2021 01:15:24 GMT
server
cloudflare
etag
0x8D8E8E2247A3EE0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4e07df16-201e-0027-339a-1b42af000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6320c9da0a610eab-FRA
amplitude-7.2.1-min.gz.js
cdn.amplitude.com/libs/
59 KB
19 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by
Host: stg-c62965.window-fasting.com
URL: https://stg-c62965.window-fasting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-178.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Origin
https://stg-c62965.window-fasting.com
Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:15 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
DUS51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
19222
access-control-allow-origin
*
last-modified
Tue, 22 Sep 2020 19:51:25 GMT
server
AmazonS3
etag
"e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
via
1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
DHR3lzErRBYONB2aJBfHbLbxGSZLaY_cMylgOEA_3iMy_yZ9JoRHdQ==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
164 B
362 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6320c9dacda9d6fd-FRA
cf-request-id
08e85c7cb90000d6fdb2172000000001
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.10.0/
356 KB
78 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Bh9exWOPGIwRshWljrtlEw==
age
9966679
vary
Accept-Encoding
content-length
79698
cf-request-id
08e85c7cdc00004abc7ca02000000001
x-ms-lease-status
unlocked
last-modified
Mon, 23 Nov 2020 02:33:28 GMT
server
cloudflare
etag
0x8D88F582961DDDE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1f098869-501e-00cd-4b85-c1bdae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6320c9dafef74abc-FRA
expires
Fri, 26 Mar 2021 19:15:13 GMT
en.json
cdn.cookielaw.org/consent/b9b9b5da-408a-42c5-9aa7-67cd5c52a7be/e1170fed-3a4a-42c4-ac34-0120bd6ad2ee/
28 KB
10 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/b9b9b5da-408a-42c5-9aa7-67cd5c52a7be/e1170fed-3a4a-42c4-ac34-0120bd6ad2ee/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa60a80096ee0a4058ef08035557b015ce724be53e681aa02c634aadff4bec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Mar 2021 19:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
HxXyxjc0y2YxU7Ozn/HCaA==
vary
Accept-Encoding
content-length
9579
cf-request-id
08e85c7d1200000eabf3a83000000001
x-ms-lease-status
unlocked
last-modified
Wed, 17 Mar 2021 01:15:28 GMT
server
cloudflare
etag
0x8D8E8E226B076D7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7ecb1248-a01e-0014-379a-1b1b82000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6320c9db5bea0eab-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Mar 2021 19:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
W9e0YobmEbvdB0V9OmpQkw==
vary
Accept-Encoding
content-length
3329
cf-request-id
08e85c7d8400000eabbe99d000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:50 GMT
server
cloudflare
etag
0x8D89735209A34D6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
34dbcb98-401e-00b4-772b-1cd4e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6320c9dc0ce40eab-FRA
expires
Fri, 26 Mar 2021 19:15:14 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/
46 KB
11 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Mar 2021 19:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
ydfMbMpHX/N/aS5YhkXXwQ==
vary
Accept-Encoding
content-length
11336
cf-request-id
08e85c7d8400000eabacaf3000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:53 GMT
server
cloudflare
etag
0x8D89735220FDD9F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b3f32d61-501e-0163-472b-1cd896000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6320c9dc0ce50eab-FRA
expires
Fri, 26 Mar 2021 19:15:14 GMT
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://stg-c62965.window-fasting.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:41:16 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
age
261238
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:41:16 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://stg-c62965.window-fasting.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:38:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
age
74226
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Thu, 17 Mar 2022 22:38:08 GMT
a
www.googletagmanager.com/
0
118 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=OPT-NPPJ4DC&cv=19&t=ol&s=h1&h=170&g=81&p=gtm&o=4000&l=169&q=451&f=51&e=21&i=10&d=-325&c=-344&hc=0&sr=0.050000&ps=0.007004760936449861&cb=1204727155
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:15:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2754078884910553&ev=Microdata&dl=https%3A%2F%2Fstg-c62965.window-fasting.com%2F&rl=&if=false&ts=1616094914768&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Window%20Intermittent%20Fasting%20Tracker%22%2C%22meta%3Adescription%22%3A%22Window%20%E2%80%93%20your%20reliable%20intermittent%20fasting%20tracker.%20Feel%20more%20energized%2C%20track%20your%20weight%20loss%2C%20and%20improve%20your%20health%20with%20intermittent%20fasting.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1616094913262.1872698224&it=1616094913168&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 19:15:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 18 Mar 2021 19:15:14 GMT
collect
www.google-analytics.com/g/
0
82 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FTLQH0L4G1&gtm=2oe3a0&_p=339944715&sr=1600x1200&ul=en-us&cid=751350972.1616094913&_s=2&dl=https%3A%2F%2Fstg-c62965.window-fasting.com%2F&dt=Window%20Intermittent%20Fasting%20Tracker&sid=1616094913&sct=1&seg=0&en=scroll&_et=1342&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FTLQH0L4G1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://stg-c62965.window-fasting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 19:15:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stg-c62965.window-fasting.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer function| postscribe object| google_tag_manager_external object| google_tag_manager function| fbq function| _fbq object| _fbq_gtm_ids string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_optimize object| mainModule function| setImmediate function| clearImmediate function| onYouTubeIframeAPIReady object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper object| amplitude function| jsonFeed object| otStubData object| Optanon object| OneTrust

7 Cookies

Domain/Path Name / Value
.window-fasting.com/ Name: _gid
Value: GA1.2.1024889277.1616094913
.window-fasting.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Thu+Mar+18+2021+20%3A15%3A14+GMT%2B0100+(Central+European+Standard+Time)&version=6.10.0&hosts=&consentId=1e1fff7b-949d-4674-8125-e6dc793d3b85&interactionCount=0&landingPath=https%3A%2F%2Fstg-c62965.window-fasting.com%2F&groups=1%3A1%2C2%3A1%2C4%3A0
.window-fasting.com/ Name: _ga_FTLQH0L4G1
Value: GS1.1.1616094913.1.0.1616094914.0
.window-fasting.com/ Name: _fbp
Value: fb.1.1616094913262.1872698224
.window-fasting.com/ Name: _gat_UA-146173614-5
Value: 1
.window-fasting.com/ Name: amp_6280e6
Value: pqJpnCVTIAcKQL9iFLfTI3...1f13c6pvl.1f13c6pvl.0.0.0
.window-fasting.com/ Name: _ga
Value: GA1.2.751350972.1616094913

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
