connect.18fortythree.com Open in urlscan Pro
2a09:8280:1:9032:60eb:1797:5542:d0db  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response connect.18fortythree.com/	22 KB 10 KB	250ms 236ms	Document text/html	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash 068caaefdda0736be600cb2c6c0d62b4d41e16b877a4be650d58d132efdc381f Request headers :method GET :authority connect.18fortythree.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by Express fly-cache-status MISS content-type text/html; charset=utf-8 content-encoding gzip etag W/"5779-jwxFh95YwDukpVWj4Lv0CKeoQfE" date Thu, 05 Aug 2021 00:30:13 GMT server Fly/9044e14 (2021-08-04) via 2 fly.io fly-request-id 01FC9VFEFJ5MCPR64ZS6D0PY6N
GET H2	200	beaconsPolyfill.min.js Show response connect.18fortythree.com/	30 KB 11 KB	26ms 25ms	Script application/javascript	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/beaconsPolyfill.min.js Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash 38f4a39da149d1fceb410d4a54a14f654f25fc2a1ffc31cc2e45c7ffa9773889 Request headers :path /beaconsPolyfill.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"776d-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEQ7MKW9VKP6QH1HSKFK x-powered-by Express content-type application/javascript; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
GET H2	200	v3 Show response js.stripe.com/	229 KB 57 KB	388ms 53ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 125a76a6f670b8c5f43639279bfe812e1f193e5c268678d77146985ea2bc3e76 Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding br vary Accept-Encoding age 256 via 1.1 varnish x-cache HIT content-length 57968 x-amz-id-2 0OEcN7zUNEuzGODnhiaBxfZ9gAxfrB0C5v1oR1l1Wa9vKI2ysiXTcWZQ+MS7DwXmngHo0O28rF4= x-served-by cache-fra19149-FRA timing-allow-origin * last-modified Wed, 04 Aug 2021 22:32:26 GMT server AmazonS3 etag "fcf8718ca1e94e3bace6939dac4fb1f5" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id 50ZESK3A82X3QQDT access-control-allow-origin * cache-control public, max-age=300 content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 45
GET H2	200	main.a52c14ae.chunk.css connect.18fortythree.com/static/css/	82 KB 20 KB	26ms 25ms	Stylesheet text/css	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/css/main.a52c14ae.chunk.css Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash 8113077546cde414da4682f4b2f2d3e62a61dc3ba993ce09f99647e66b40b753 Request headers :path /static/css/main.a52c14ae.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"1488c-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEQ7MQRABW7V0TGJRWR7 x-powered-by Express content-type text/css; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
GET H2	200	7.cc0f66b4.chunk.js Show response connect.18fortythree.com/static/js/	1 MB 400 KB	33ms 32ms	Script application/javascript	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/js/7.cc0f66b4.chunk.js Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash 2fa40874e5ed462e1aca5367053d9cdcb1b3ed0dbca0a59109e8c0150863bc28 Request headers :path /static/js/7.cc0f66b4.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"1015c2-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEQ71Q2FA85TAG0TX0A3 x-powered-by Express content-type application/javascript; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
GET H2	200	main.c306d78c.chunk.js Show response connect.18fortythree.com/static/js/	34 KB 11 KB	31ms 31ms	Script application/javascript	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/js/main.c306d78c.chunk.js Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash bad4f31cd925b8c090f2197121ef094c45f9bfb4c1181a6ab4c9f8add4c9ab9c Request headers :path /static/js/main.c306d78c.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"875d-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEQ734XNCRRJKEDSD9JJ x-powered-by Express content-type application/javascript; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
POST H/1.1	200 OK	/ Show response sentry.io/api/1516749/envelope/	2 B 414 B	753ms 117ms	Fetch application/json	35.188.42.15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sentry.io/api/1516749/envelope/?sentry_key=334b820bd2344df2945a43c3aa2c17f7&sentry_version=7 Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/static/js/7.cc0f66b4.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 15.42.188.35.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 05 Aug 2021 00:30:14 GMT vary Origin Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Type application/json access-control-allow-origin https://connect.18fortythree.com access-control-expose-headers x-sentry-error, x-sentry-rate-limits, retry-after x-envoy-upstream-service-time 0 Connection keep-alive Content-Length 2
GET H2	200	0.85812295.chunk.js Show response connect.18fortythree.com/static/js/	40 KB 16 KB	28ms 28ms	Script application/javascript	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/js/0.85812295.chunk.js Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash bae2744e1f4ae4958832e24b3eb6938a19f3f0eb2607f77d6e1976099529fe7c Request headers :path /static/js/0.85812295.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"a0a9-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEXCEGSWGKXT9416PJDN x-powered-by Express content-type application/javascript; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
GET H2	200	2.3a927f27.chunk.js Show response connect.18fortythree.com/static/js/	39 KB 16 KB	29ms 28ms	Script application/javascript	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/js/2.3a927f27.chunk.js Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash 85472e45309748701e0c94bb5276ad92541379ce3ebbae82283db9c8428157cd Request headers :path /static/js/2.3a927f27.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"9c82-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEXCPZRHRRCCYXGKCSGG x-powered-by Express content-type application/javascript; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
GET H2	200	1.56f7fdf4.chunk.js Show response connect.18fortythree.com/static/js/	28 KB 12 KB	26ms 26ms	Script application/javascript	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/js/1.56f7fdf4.chunk.js Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash 6f7f343babec787fa06a243760729d15e92534c80bd5fc09f8d054f69af76a2a Request headers :path /static/js/1.56f7fdf4.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"6ec0-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEXCC131AGGPJ1D7WPZ7 x-powered-by Express content-type application/javascript; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
GET H2	200	3.e7b7e13b.chunk.css connect.18fortythree.com/static/css/	7 KB 3 KB	31ms 30ms	Stylesheet text/css	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/css/3.e7b7e13b.chunk.css Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash 5da212e0e29157d494174825f2b8b14183e55d97334e3033c92667694a18bc2b Request headers :path /static/css/3.e7b7e13b.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"1d6d-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEXDNAQK6ZN48ZXPDW5N x-powered-by Express content-type text/css; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
GET H2	200	3.186cf5d7.chunk.js Show response connect.18fortythree.com/static/js/	1 MB 442 KB	30ms 29ms	Script application/javascript	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/js/3.186cf5d7.chunk.js Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash 672a343c15881fc5091cf3b07756e1e7c4edfcab143bc829677942a039fe5365 Request headers :path /static/js/3.186cf5d7.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"14cfe5-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEXD25KVK92C6GNJ5BPH x-powered-by Express content-type application/javascript; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
GET H2	200	4.09204ebe.chunk.css connect.18fortythree.com/static/css/	3 KB 1 KB	31ms 30ms	Stylesheet text/css	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/css/4.09204ebe.chunk.css Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash 73f171cebaa6ffd62abb68e7b8e940ad9dca35cf616753c84f07328802e1f5fe Request headers :path /static/css/4.09204ebe.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"a8e-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEXDVZSV41DM9Q67YDWQ x-powered-by Express content-type text/css; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
GET H2	200	4.c5a7cb06.chunk.js Show response connect.18fortythree.com/static/js/	869 KB 293 KB	29ms 29ms	Script application/javascript	2a09:8280:1:9032:60eb:1797:5542:d0db FLY
General Check archive.org Show headers Download Go to Full URL https://connect.18fortythree.com/static/js/4.c5a7cb06.chunk.js Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1:9032:60eb:1797:5542:d0db , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/9044e14 (2021-08-04) / Express Resource Hash ce553be2650828410f27ba0ca1e0c273be4d9ecc728f2a3b29dfa7eb46bff8d5 Request headers :path /static/js/4.c5a7cb06.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority connect.18fortythree.com referer https://connect.18fortythree.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT content-encoding gzip etag W/"d93be-17b0f142e50" last-modified Wed, 04 Aug 2021 02:53:06 GMT server Fly/9044e14 (2021-08-04) fly-request-id 01FC9VFEXDS613GC8V1JRKDX37 x-powered-by Express content-type application/javascript; charset=UTF-8 via 2 fly.io cache-control public, max-age=0 accept-ranges bytes
OPTIONS H2	204	link_actions us-central1-beacons-sup.cloudfunctions.net/ Frame	0 0	144ms 122ms	Preflight text/html	2001:4860:4802:36::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-beacons-sup.cloudfunctions.net/link_actions Protocol H2 Server 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://connect.18fortythree.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-headers Content-Type, Authorization, X-Beacons-Token access-control-allow-methods GET, POST, DELETE access-control-allow-origin * access-control-max-age 3600 content-type text/html; charset=utf-8 function-execution-id hvppw5r2vh2s x-cloud-trace-context 3e7cd4ddc3f7c1b11d78ae13de472c85 date Thu, 05 Aug 2021 00:30:13 GMT server Google Frontend content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	photo-1558104467-81fcc26343a4 images.unsplash.com/	49 KB 50 KB	21ms 6ms	Image image/jpeg	2a04:4e42:3::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.unsplash.com/photo-1558104467-81fcc26343a4?ixlib=rb-1.2.1&ixid=eyJhcHBfaWQiOjExMDAyOH&q=80&fm=jpg&crop=entropy&fit=max&h=1080 Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash 545e31f082b1dfb84ece880ea1d15250172ae16fb0b1d321b7b2c4f85c99d5d7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT x-content-type-options nosniff fastly-restarts 1 last-modified Wed, 07 Jul 2021 11:19:57 GMT server imgix age 2466617 x-cache HIT, HIT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=315360000 x-imgix-id 3dce58010691ebc8a07c0291dbc385e44ee6bd2e accept-ranges bytes content-length 50325 cross-origin-resource-policy cross-origin x-served-by cache-sjc10052-SJC, cache-fra19183-FRA
GET H2	200	css fonts.googleapis.com/	2 KB 507 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Jost:400,700|sans-serif:400,700 Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/static/js/1.56f7fdf4.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 30b0f7c0ee9c4d77d7384eb59bd20acb948686f165b8078aff37ae52ae0408c4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 05 Aug 2021 00:28:22 GMT server ESF date Thu, 05 Aug 2021 00:30:13 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 05 Aug 2021 00:30:13 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	21ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 25944 x-xss-protection 0 pragma public x-fb-debug rasqoavr1gnI3uqdVlqFv95/AN9TY/oP3BICZ6H/dBtTGNGBFGfKMCJopN8jTvar4QQDZSL1zMtU6OeAieQBTQ== x-fb-trip-id 686109401 x-frame-options DENY date Thu, 05 Aug 2021 00:30:13 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3-29	200	link_actions Show response us-central1-beacons-sup.cloudfunctions.net/	5 B 43 B	310ms 256ms	XHR application/json	2001:4860:4802:36::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-beacons-sup.cloudfunctions.net/link_actions Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/static/js/7.cc0f66b4.chunk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 24a279376551117f31ed9d92797023d0f89b376a6392801c7d6626e4cb7877e5 Request headers Accept application/json, text/plain, */* Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Thu, 05 Aug 2021 00:30:14 GMT content-encoding gzip server Google Frontend access-control-allow-headers Content-Type content-type application/json access-control-allow-origin * x-cloud-trace-context 4ad22205722229b63b353712f4afa324 cache-control private function-execution-id iftz9w8fva6j alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25
GET H2	200	vernicekbell.jpg cdn.beacons.ai/profile_pictures/instagram/	25 KB 25 KB	49ms 30ms	Image image/jpeg	2606:4700:20::681a:648 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.beacons.ai/profile_pictures/instagram/vernicekbell.jpg?q=1611167275.043221 Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:648 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb7cd2aa57a15bf290ffbed268a7e7616fe29e033f6e6ed68f5983ca24766ca7 Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=sk5j+A==, md5=DRBtqAQy74KM5W4lpSNEwg== date Thu, 05 Aug 2021 00:30:13 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 110 x-guploader-uploadid ADPycdufCKp-YxN-ODbnf3Mj12icuaGhls3ObNqwkYLTj1XC6ybjl3xJk1_10GzC_sHrBXhiEn-XboltPLjg0Ri3kPyhZRiqIQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity cf-bgj h2pri content-type image/jpeg content-length 25376 last-modified Wed, 20 Jan 2021 18:27:54 GMT server cloudflare etag "0d106da80432ef828ce56e25a52344c2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnKBxMLXHbrwtEE9pCARmK3FwqtbjfVEwIgzs%2BI5Q020w%2FkJbhCrjEGjZUUshhyPWn8JYlf85Yz77MIRZLX%2BgUVFX%2BX79NLo7nvdjNFUVNvUY6cOT21oPYVmyyORgsJtWZ9oro31ilsUUlx7"}],"group":"cf-nel","max_age":604800} x-goog-generation 1611167274718319 cache-control public, max-age=14400 x-goog-stored-content-length 25376 accept-ranges bytes cf-ray 679bea686bca05bf-FRA expires Thu, 05 Aug 2021 01:28:22 GMT
GET H2	200	substack_padded.png cdn.beacons.ai/images/social_icons/	1 KB 2 KB	35ms 16ms	Image image/png	2606:4700:20::681a:648 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.beacons.ai/images/social_icons/substack_padded.png Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:648 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3811ebb126202b3030e1099c931820f81e8ba6ad471c73c398096c137ab5b13d Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=+Wd12Q==, md5=EuOZI38lufO5SBtsOZsSlQ== date Thu, 05 Aug 2021 00:30:13 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3181 x-guploader-uploadid ABg5-UwmtOretrOqwwiwu9_WDSPw_k6JEcIz46eA1GrETLcwDB9YLtuelo0xjmlZgtGi8g0vSmC7NshlrYIHuug8-5U x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename*=utf-8''substack_padded.png content-type image/png content-length 1052 last-modified Fri, 18 Dec 2020 08:49:53 GMT server cloudflare etag "12e399237f25b9f3b9481b6c399b1295" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLm3M%2F5CfhZ94y5I%2BJ%2BxXaeDZiKtR8%2BeE4A2lC6fI6DuSgblItzeUQsBZQX%2B1TLGw7ZofwEVd4jHjpMzm%2BM8tYHMuu4I209vYVfSNdyOTWkcBa%2BzAe8Ukjc55xWvs6Fht%2Bm7YaW6sYoyzCHz"}],"group":"cf-nel","max_age":604800} x-goog-generation 1608281393276452 cache-control public, max-age=14400 x-goog-stored-content-length 1052 x-goog-meta-firebasestoragedownloadtokens 40d0ddb5-116f-4697-84c7-620bb023bf65 accept-ranges bytes cf-ray 679bea686bcc05bf-FRA expires Thu, 05 Aug 2021 00:37:12 GMT
GET H2	200	tr www.facebook.com/	44 B 251 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr?id=122567676455737&ev=PageView&noscript=1 Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:13 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Thu, 05 Aug 2021 00:30:13 GMT
GET H2	200	92zatBhPNqw73oTd4g.woff2 fonts.gstatic.com/s/jost/v6/	26 KB 26 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/jost/v6/92zatBhPNqw73oTd4g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Jost:400,700|sans-serif:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 235d7eb8b19cd4c717a04effd62d8cbdf0d0f94dc3ae1faf547a149e08f79861 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://connect.18fortythree.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 19:20:27 GMT x-content-type-options nosniff age 191386 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26432 x-xss-protection 0 last-modified Wed, 20 Jan 2021 19:59:02 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 02 Aug 2022 19:20:27 GMT
GET H3-29	200	122567676455737 Show response connect.facebook.net/signals/config/	253 KB 72 KB	14ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/122567676455737?v=2.9.44&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eb772f22f2c862a06a36bea4174f971d04d1f42e30663a267b4afcd15d3638c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 73349 x-xss-protection 0 pragma public x-fb-debug ArlZ9dFKVfk85dQvHi4Ln5ZhzLJZ0+0YE1GXy90vkZd6MANnz+iq147UolSSy4UenaXZIcBWQxOp2EyjSGSCBg== cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 05 Aug 2021 00:30:13 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-29	200	/ www.facebook.com/tr/	44 B 91 B	8ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=122567676455737&ev=PageView&dl=https%3A%2F%2Fconnect.18fortythree.com%2F&rl=&if=false&ts=1628123414014&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628123414012.475813633&it=1628123413874&coo=false&rqm=GET Requested by Host: connect.18fortythree.com URL: https://connect.18fortythree.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:14 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Thu, 05 Aug 2021 00:30:14 GMT
GET H2	200	m-outer-775bcd17e5e345e5c78406e66e355cd7.html Show response js.stripe.com/v3/ Frame 1349	215 B 535 B	24ms 23ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4de975f97fecd028e959b36ad8636ff6b418f8894caa2ec16cf18581643ece47 Security Headers Name Value Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://connect.18fortythree.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://connect.18fortythree.com/ Response headers x-amz-id-2 SNSMmkoudc0Oq3sP+Nkcul03tjOz7ETLmeopLgEmbCwSEErr+YNttX5ZpnhmrRpTlgUu7T1Jk84= x-amz-request-id 9J2SG9NDM85X6GG4 last-modified Wed, 04 Aug 2021 20:44:45 GMT etag "775bcd17e5e345e5c78406e66e355cd7" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 content-encoding br accept-ranges bytes date Thu, 05 Aug 2021 00:30:14 GMT via 1.1 varnish age 293 x-served-by cache-fra19149-FRA x-cache HIT x-cache-hits 100 vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-security-policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' content-length 130
GET H2	200	m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 1349	1 KB 818 B	24ms 24ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840 Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:14 GMT content-encoding br vary Accept-Encoding age 292 via 1.1 varnish x-cache HIT content-length 637 x-amz-id-2 SOPFCkvwZr3i7GG3eSzSMYea2QtUxOwS7E3ODzytG5bL7vZEfxkcht1qjPX0pcfjDpEYynJt9o0= x-served-by cache-fra19149-FRA timing-allow-origin * last-modified Wed, 04 Aug 2021 20:44:37 GMT server AmazonS3 etag "78581b5abad6c4e7b59c0f8ee45a8134" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id NKR48DSHB6DJS955 access-control-allow-origin * cache-control public, max-age=300 content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 93
GET H2	200	inner.html Show response m.stripe.network/ Frame 833F	932 B 1 KB	42ms 12ms	Document text/html	2600:9000:2190:d400:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority m.stripe.network :scheme https :path /inner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://js.stripe.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js.stripe.com/ Response headers content-type text/html; charset=utf-8 server nginx last-modified Fri, 18 Jun 2021 21:35:08 GMT strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-security-policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; content-encoding gzip date Thu, 05 Aug 2021 00:29:47 GMT cache-control public, max-age=300 etag W/"60cd118c-3a4" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id 4CBeJiwLIztNIqdQXRwefrySXh9fnwPsxDCGB9ucNhscCEhbNyNcpQ== age 34
GET H2	200	out-4.5.35.js Show response m.stripe.network/ Frame 833F	85 KB 19 KB	13ms 13ms	Script application/x-javascript	2600:9000:2190:d400:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.35.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip etag W/"60cd118c-153a9" age 97 x-cache Hit from cloudfront last-modified Fri, 18 Jun 2021 21:35:08 GMT server nginx date Thu, 05 Aug 2021 00:28:37 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 via 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront) cache-control public, max-age=300 content-security-policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; x-amz-cf-pop ZRH50-C1 timing-allow-origin * x-amz-cf-id IPsipubIbnfM2jQhH4LXaYjtf5dKQmszEtG3g1jyd1b5AYGOCPBiZQ==
POST H2	200	6 Show response m.stripe.com/ Frame 833F	156 B 517 B	537ms 180ms	XHR text/plain	52.42.231.203 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.35.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.42.231.203 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-42-231-203.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 4950b1e4a34f6dcbe2c07228134b3fa814facd1ed909c5fbc0959d570d0ee6ec Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 05 Aug 2021 00:30:14 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true strict-transport-security max-age=31556926; includeSubDomains; preload access-control-allow-headers Content-Type
GET H3-29	200	/ www.facebook.com/tr/	44 B 88 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=122567676455737&ev=Microdata&dl=https%3A%2F%2Fconnect.18fortythree.com%2F&rl=&if=false&ts=1628123414517&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22vernicekbell%20%7C%20Beacons%20mobile%20website%22%2C%22meta%3Adescription%22%3A%22On%20Instagram%20%40vernicekbell.%20I%20believe%20that%20when%20we%20live%20our%20mission%20and%20bring%20our%20gifts%20to%20the%20world%20then%20everything%20we%20touch%20will%20turn%20to%20gold%20allowing%20us%20to%20attract%20all%20that%20we%20need%20to%20create%20the%20business%20and%20lifestyle%20of%20our%20dreams.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22vernicekbell%20%7C%20Beacons%20mobile%20website%22%2C%22og%3Adescription%22%3A%22On%20Instagram%20%40vernicekbell.%20I%20believe%20that%20when%20we%20live%20our%20mission%20and%20bring%20our%20gifts%20to%20the%20world%20then%20everything%20we%20touch%20will%20turn%20to%20gold%20allowing%20us%20to%20attract%20all%20that%20we%20need%20to%20create%20the%20business%20and%20lifestyle%20of%20our%20dreams.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.beacons.ai%2Fprofile_pictures%2Finstagram%2Fvernicekbell.jpg%3Fq%3D1611167275.043221%22%2C%22og%3Aimage%3Awidth%22%3A%22200%22%2C%22og%3Aimage%3Aheight%22%3A%22200%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fbeacons.ai%2Fvernicekbell%22%2C%22og%3Atype%22%3A%22profile%22%2C%22twitter%3Asite%22%3A%22%40beaconsai%22%2C%22twitter%3Acreator%22%3A%22%40vernicekbell%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fcdn.beacons.ai%2Fprofile_pictures%2Finstagram%2Fvernicekbell.jpg%3Fq%3D1611167275.043221%22%2C%22profile%3Ausername%22%3A%22vernicekbell%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628123414012.475813633&it=1628123413874&coo=false&es=automatic&tm=3&rqm=GET Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://connect.18fortythree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 00:30:14 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Thu, 05 Aug 2021 00:30:14 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackJsonpbeacons_sup function| setImmediate function| clearImmediate object| regeneratorRuntime object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| fbq function| _fbq object| __webpackStripeJSv3Jsonp function| Stripe

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.18fortythree.com/	1970-01-19 22:24:59	Name: _fbp Value: fb.1.1628123414012.475813633
			connect.18fortythree.com/	1970-01-19 20:25:28	Name: _bSignupSelfRef Value: vernicekbell

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.beacons.ai
connect.18fortythree.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
images.unsplash.com
js.stripe.com
m.stripe.com
m.stripe.network
sentry.io
us-central1-beacons-sup.cloudfunctions.net
www.facebook.com
151.101.12.176
2001:4860:4802:36::36
2600:9000:2190:d400:19:7d10:bd80:93a1
2606:4700:20::681a:648
2a00:1450:4001:813::2003
2a00:1450:4001:831::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::720
2a09:8280:1:9032:60eb:1797:5542:d0db
35.188.42.15
52.42.231.203
068caaefdda0736be600cb2c6c0d62b4d41e16b877a4be650d58d132efdc381f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
125a76a6f670b8c5f43639279bfe812e1f193e5c268678d77146985ea2bc3e76
235d7eb8b19cd4c717a04effd62d8cbdf0d0f94dc3ae1faf547a149e08f79861
24a279376551117f31ed9d92797023d0f89b376a6392801c7d6626e4cb7877e5
2fa40874e5ed462e1aca5367053d9cdcb1b3ed0dbca0a59109e8c0150863bc28
30b0f7c0ee9c4d77d7384eb59bd20acb948686f165b8078aff37ae52ae0408c4
3811ebb126202b3030e1099c931820f81e8ba6ad471c73c398096c137ab5b13d
38f4a39da149d1fceb410d4a54a14f654f25fc2a1ffc31cc2e45c7ffa9773889
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4950b1e4a34f6dcbe2c07228134b3fa814facd1ed909c5fbc0959d570d0ee6ec
4de975f97fecd028e959b36ad8636ff6b418f8894caa2ec16cf18581643ece47
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
545e31f082b1dfb84ece880ea1d15250172ae16fb0b1d321b7b2c4f85c99d5d7
5da212e0e29157d494174825f2b8b14183e55d97334e3033c92667694a18bc2b
672a343c15881fc5091cf3b07756e1e7c4edfcab143bc829677942a039fe5365
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6f7f343babec787fa06a243760729d15e92534c80bd5fc09f8d054f69af76a2a
73f171cebaa6ffd62abb68e7b8e940ad9dca35cf616753c84f07328802e1f5fe
8113077546cde414da4682f4b2f2d3e62a61dc3ba993ce09f99647e66b40b753
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
85472e45309748701e0c94bb5276ad92541379ce3ebbae82283db9c8428157cd
bad4f31cd925b8c090f2197121ef094c45f9bfb4c1181a6ab4c9f8add4c9ab9c
bae2744e1f4ae4958832e24b3eb6938a19f3f0eb2607f77d6e1976099529fe7c
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
ce553be2650828410f27ba0ca1e0c273be4d9ecc728f2a3b29dfa7eb46bff8d5
eb772f22f2c862a06a36bea4174f971d04d1f42e30663a267b4afcd15d3638c8
fb7cd2aa57a15bf290ffbed268a7e7616fe29e033f6e6ed68f5983ca24766ca7