urlscan.io logo urlscan.io
SecurityTrails logo

www.berniesburgerbus.com Open in urlscan Pro
172.67.213.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.idbet-arigatou.click/
Effective URL: https://www.berniesburgerbus.com/
Submission: On October 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 36 HTTP transactions. The main IP is 172.67.213.111, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.berniesburgerbus.com.
TLS certificate: Issued by WE1 on October 10th 2024. Valid for: 3 months.
This is the only time www.berniesburgerbus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.67.42.145 16509 (AMAZON-02)
3 172.67.213.111 13335 (CLOUDFLAR...)
14 206.189.235.143 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
11 172.67.15.14 13335 (CLOUDFLAR...)
36 9
1    54.67.42.145 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-42-145.us-west-1.compute.amazonaws.com
www.idbet-arigatou.click
3    172.67.213.111 (United States)

ASN13335 (CLOUDFLARENET, US)
www.berniesburgerbus.com
14    206.189.235.143 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
flywheel.co
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
11    172.67.15.14 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
Apex Domain
Subdomains		 Transfer
14 flywheel.co
flywheel.co
2 MB
11 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 10809
va.tawk.to — Cisco Umbrella Rank: 10430
176 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
3 berniesburgerbus.com
www.berniesburgerbus.com
7 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
7 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
178 KB
1 gstatic.com
fonts.gstatic.com
50 KB
1 idbet-arigatou.click
www.idbet-arigatou.click
195 B
36 8
Domain Requested by
14 flywheel.co www.berniesburgerbus.com
8 embed.tawk.to www.berniesburgerbus.com
embed.tawk.to
3 va.tawk.to embed.tawk.to
3 www.berniesburgerbus.com www.berniesburgerbus.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.berniesburgerbus.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com www.berniesburgerbus.com
1 www.idbet-arigatou.click 1 redirects
36 11

This site contains links to these domains. Also see Links.

Domain
flywheel.co
instagram.com
twitter.com
Subject Issuer Validity Valid
berniesburgerbus.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
flywheel.co
E6		 2024-09-07 -
2024-12-06		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
tawk.to
WE1		 2024-09-21 -
2024-12-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.berniesburgerbus.com/
Frame ID: 2FDEC6ED12295135229EA311BF188A00
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bernie's Burger Bus Photography - Built by Flywheel Co.

Page URL History Show full URLs

  1. https://www.idbet-arigatou.click/ HTTP 301
    https://www.berniesburgerbus.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

36
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

11
Subdomains

9
IPs

2
Countries

2947 kB
Transfer

5721 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.idbet-arigatou.click/ HTTP 301
    https://www.berniesburgerbus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.berniesburgerbus.com/
Redirect Chain
  • https://www.idbet-arigatou.click/
  • https://www.berniesburgerbus.com/
16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.berniesburgerbus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eced123a5ff390ce40bfe4fb659173a02f9dfde68504e9f09688ccfeee4afd95

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d0ef9ceed1803b0-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 11 Oct 2024 12:50:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g55GefQch7zviCEtWZVVP07hMOPx3SkFNz2dRKsGMGAf2O7oZwwGd%2Bi8O4xRTiSA7%2BFd3Y3AmsomsyVCIJ287d7ygF%2Boi6bXTA109iQGw9HjZGZDry6uB9%2FVo9MataYELlIPxpi7BcWgTpc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/plain
date
Fri, 11 Oct 2024 12:50:25 GMT
expires
631152000000
location
https://www.berniesburgerbus.com/
strict-transport-security
max-age=2592000
x-frame-options
SAMEORIGIN
speculation
www.berniesburgerbus.com/cdn-cgi/ 		128 B
577 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.berniesburgerbus.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.berniesburgerbus.com
Referer
https://www.berniesburgerbus.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QsitVPkgvF6jcTX42ULkgxTW2zCIoxj3NnXwvHRrIq%2FuSXyCj6ZJZbZBD0HvrVSjfvzl6CplHxU2jd4FCawdV2wGcnenOLZuhWZWxqAlTRjZ1lq%2FD4%2Berx4oSTTTYn9nBo89TPOZbqxZbXU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0ef9d178ad03b0-FRA
access-control-allow-origin
https://www.berniesburgerbus.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Fri, 11 Oct 2024 12:50:26 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
main.css
flywheel.co/assets/css/ 		594 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flywheel.co/assets/css/main.css?v2.12
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
e6cbcc26d87cc592e9648f90b4a4c5a6e9183ff87b69e8615f2ccf02efa97abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

x-frame-options
SAMEORIGIN
cache-control
max-age=31104000
content-encoding
gzip
etag
W/"5fa36180-94639"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Thu, 05 Nov 2020 02:20:48 GMT
server
nginx/1.15.5
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		219 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-47351619-1
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfef719efb4126e27fa0da46dc08239985ba8966ba0fb063bc5b13a63a7e711b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 11 Oct 2024 12:50:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 12:50:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 11 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80090
x-xss-protection
0
server
Google Tag Manager
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

content-encoding
gzip
age
60081
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 20:09:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 20:09:05 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
bernies-school-bus.jpg
flywheel.co/storage/projects/bernies/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/bernies/bernies-school-bus.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
c7ce6313f3c24b55d8c1a97c2b69becbaf41f75413394a2dad946c33b767abbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5be220d8-29c03"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
171011
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 06 Nov 2018 23:16:40 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
bernies-burger-houston-1.jpg
flywheel.co/storage/projects/bernies/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/bernies/bernies-burger-houston-1.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
6ca32cf221d3f87d355a38ef4441f99ef5b1fc5e81f93fa2a31de2d445084c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5be220d8-1a02c"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
106540
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 06 Nov 2018 23:16:40 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
bernies-burger-houston-2a.jpg
flywheel.co/storage/projects/bernies/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/bernies/bernies-burger-houston-2a.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
0a913433e716c9b0aa55356b7394825a09356295f5c5fe319ea55ad8de4ab602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5beb1230-1be6f"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
114287
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 13 Nov 2018 18:04:32 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
bernies-burger-bus-french-fries.jpg
flywheel.co/storage/projects/bernies/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/bernies/bernies-burger-bus-french-fries.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
ec741d2e7fc0415d9ec745436a0691116e89b79e79da499de411b47383c7c635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5beb1230-2f64f"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
194127
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 13 Nov 2018 18:04:32 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
bernies-burger-bus-lockers.jpg
flywheel.co/storage/projects/bernies/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/bernies/bernies-burger-bus-lockers.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
7f6ddaf7a7986402b21738a34fbaea21bfe63208e9158da4a66542f2c1e3e684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5beb1230-373eb"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
226283
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 13 Nov 2018 18:04:32 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
bernies-burger-bus-photography-1.jpg
flywheel.co/storage/projects/bernies/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/bernies/bernies-burger-bus-photography-1.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
73b8b6cece3d9700b3d811d1d666515c2c776fa80e00a49da57186c21b54b2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5beb1230-18a24"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
100900
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 13 Nov 2018 18:04:32 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
bernies-burger-bus-photography-2.jpg
flywheel.co/storage/projects/bernies/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/bernies/bernies-burger-bus-photography-2.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
5003332fccf33b2f214b9f81747dff7d582541c1606d0fa339f6ad58b9845957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5beb1230-212e2"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
135906
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 13 Nov 2018 18:04:32 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
bernies-burger-bus-hero.jpg
flywheel.co/storage/projects/bernies/ 		437 KB
438 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/bernies/bernies-burger-bus-hero.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
a554c34a25c0a718d934a89fbf397ae62a6eebe1b589bf62505825e98bfbe35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5beb1231-6d471"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
447601
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 13 Nov 2018 18:04:33 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
food-photography-flat-lay.jpg
flywheel.co/storage/projects/bernies/ 		350 KB
351 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/bernies/food-photography-flat-lay.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
5fe32d32f0211107dc354d398eab86622f425b888511fe041b9ea905c8f5469e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5beb1231-57903"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
358659
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 13 Nov 2018 18:04:33 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
ikeepsafe-thumbnail.gif
flywheel.co/storage/projects/ikeepsafe/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/projects/ikeepsafe/ikeepsafe-thumbnail.gif
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
15b28d3c8725264a11dd8c4e58b9d81802ff36cfeef597efcddd7e25be11e911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5beb1226-1167"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
4455
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Tue, 13 Nov 2018 18:04:22 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
42627570_800_800.jpg
flywheel.co/storage/articles/08-2020-playlist/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flywheel.co/storage/articles/08-2020-playlist/42627570_800_800.jpg
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
595c91c0595599f50b3fff873f0810b733303a4a42cf82b5136f9b1c98cca028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5f7b4364-f9c2"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
accept-ranges
bytes
content-length
63938
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 05 Oct 2020 16:01:40 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
email-decode.min.js
www.berniesburgerbus.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.berniesburgerbus.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67055fd4-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3G3rmIG1zHrdn6J0hGMV919kmuWPBeBHtK3r8Z4EAVfg%2BwTIJv%2BJbRDFJ8l4AM%2Bto%2Fc0mRTPnrOhh5i6oES5Nt0SYtzvvmGHun4TR75lGjJ2HwGcVX8coZ9MFy6POCd04Ob2iWmy1D9YTWk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d0ef9d51d9803b0-FRA
expires
Sun, 13 Oct 2024 12:50:26 GMT
date
Fri, 11 Oct 2024 12:50:26 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 16:37:40 GMT
server
cloudflare
vary
Accept-Encoding
main.js
flywheel.co/assets/js/ 		2 MB
520 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flywheel.co/assets/js/main.js?v2.12
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
9f843ccfcf9c5773b72bb97b765da64d8aaee8a0f816e7bdf39541c8ebe637e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

x-frame-options
SAMEORIGIN
cache-control
max-age=31104000
content-encoding
gzip
etag
W/"5fa36180-204a39"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:26 GMT
date
Fri, 11 Oct 2024 12:50:26 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=utf-8
last-modified
Thu, 05 Nov 2020 02:20:48 GMT
server
nginx/1.15.5
vary
Accept-Encoding
css
fonts.googleapis.com/ 		4 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae573a27d5781971d346b9febf44b8b23dc313fe6db1d5eca2afb8f168fbfd46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 12:50:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 12:50:26 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 11 Oct 2024 12:18:04 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.berniesburgerbus.com
Referer
https://fonts.googleapis.com/

Response headers

age
305918
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 23:51:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 23:51:48 GMT
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50668
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		286 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FLH794SBFY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-47351619-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0ceb8557a2b14da8406ee93a02d013285ec0a37060cded7973d1d5f138ae587
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 11 Oct 2024 12:50:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 12:50:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100863
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-47351619-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

content-encoding
gzip
age
5052
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 13:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 11:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/ 		1 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1018894471&t=pageview&_s=1&dl=https%3A%2F%2Fwww.berniesburgerbus.com%2F&ul=de-de&de=UTF-8&dt=Bernie%27s%20Burger%20Bus%20Photography%20-%20Built%20by%20Flywheel%20Co.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1342943778&gjid=1412549232&cid=141650488.1728651027&tid=UA-47351619-1&_gid=2008368000.1728651027&_r=1&gtm=457e4a90za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&jsscut=1&npa=1&z=1227601479
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.berniesburgerbus.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 12:50:27 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.berniesburgerbus.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FLH794SBFY&gtm=45je4a90v9135618212za200&_p=1728651026722&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&cid=141650488.1728651027&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1728651027&sct=1&seg=0&dl=https%3A%2F%2Fwww.berniesburgerbus.com%2F&dt=Bernie%27s%20Burger%20Bus%20Photography%20-%20Built%20by%20Flywheel%20Co.&en=page_view&_fv=1&_ss=1&tfd=2411
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLH794SBFY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.berniesburgerbus.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 12:50:27 GMT
content-type
text/plain
server
Golfe2
default
embed.tawk.to/5eea44e39e5f69442290c3ed/ 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5eea44e39e5f69442290c3ed/default
Requested by
Host: www.berniesburgerbus.com
URL: https://www.berniesburgerbus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7a0c2ed0978cdd377ca78c6ced556e0e6bcd79e56f0d05a41dc4d1e8ce2166d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.berniesburgerbus.com
Referer
https://www.berniesburgerbus.com/

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=3600
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"stable-v4-67075b0d15f"
x-content-type-options
nosniff
cf-ray
8d0ef9d93f9d8ed8-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:27 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
cloudflare
twk-main.js
embed.tawk.to/_s/v4/app/67075b0d15f/js/ 		121 B
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67075b0d15f/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5eea44e39e5f69442290c3ed/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.berniesburgerbus.com
Referer
https://www.berniesburgerbus.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"da5bb1dc647470204df0e49f5afac2de"
age
79938
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:27 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:42:17 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d0ef9db8ac38ed8-FRA
access-control-allow-origin
*
server
cloudflare
twk-vendor.js
embed.tawk.to/_s/v4/app/67075b0d15f/js/ 		81 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67075b0d15f/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5eea44e39e5f69442290c3ed/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.berniesburgerbus.com
Referer
https://www.berniesburgerbus.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"3b341e35b39f6195793ecaf5db7c1d63"
x-content-type-options
nosniff
cf-ray
8d0ef9db8ac58ed8-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:27 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:42:17 GMT
vary
Accept-Encoding
server
cloudflare
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/67075b0d15f/js/ 		212 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67075b0d15f/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5eea44e39e5f69442290c3ed/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.berniesburgerbus.com
Referer
https://www.berniesburgerbus.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"77a40166698f808a0942865537165b0f"
x-content-type-options
nosniff
cf-ray
8d0ef9db8ac98ed8-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:28 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:42:17 GMT
vary
Accept-Encoding
server
cloudflare
twk-chunk-common.js
embed.tawk.to/_s/v4/app/67075b0d15f/js/ 		223 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67075b0d15f/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5eea44e39e5f69442290c3ed/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96fed82548a3771af74a72b3cde8664e1a9d14467863fefa677981a292f37b36
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.berniesburgerbus.com
Referer
https://www.berniesburgerbus.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"706b77eb18401e1cf0b4f3ea3ebd3acc"
x-content-type-options
nosniff
cf-ray
8d0ef9db8acc8ed8-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:27 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:42:17 GMT
vary
Accept-Encoding
server
cloudflare
twk-runtime.js
embed.tawk.to/_s/v4/app/67075b0d15f/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67075b0d15f/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5eea44e39e5f69442290c3ed/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a9c1b7f43670e0f565b25ce45bb096544194ebb3e4fd2e400aa693f076f4d4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.berniesburgerbus.com
Referer
https://www.berniesburgerbus.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6ba274a7215013e5a415c17e6c487bca"
age
79938
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:27 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:42:17 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d0ef9db8ad18ed8-FRA
access-control-allow-origin
*
server
cloudflare
twk-app.js
embed.tawk.to/_s/v4/app/67075b0d15f/js/ 		151 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67075b0d15f/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5eea44e39e5f69442290c3ed/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.berniesburgerbus.com
Referer
https://www.berniesburgerbus.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
age
79938
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:27 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:42:17 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d0ef9db8ad38ed8-FRA
access-control-allow-origin
*
server
cloudflare
favicon-32x32.png
flywheel.co/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://flywheel.co/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.235.143 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
80663b39fb6dc2783ade2e8e060c0c90d7da19926a3aebbc27fd1e526edf571f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

cache-control
max-age=31104000
etag
"5be09c87-6f3"
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:50:27 GMT
accept-ranges
bytes
content-length
1779
date
Fri, 11 Oct 2024 12:50:27 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Mon, 05 Nov 2018 19:39:51 GMT
server
nginx/1.15.5
x-frame-options
SAMEORIGIN
widget-settings
va.tawk.to/v1/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5eea44e39e5f69442290c3ed&widgetId=default&sv=null
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67075b0d15f/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16b456f80027375dc25d6be012856bf48915c50c7a9256b03a452a053188078
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"2-26-0"
access-control-allow-methods
GET,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:28 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-hmtg
vary
Accept-Encoding
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
8d0ef9de2f3e8ed8-FRA
access-control-allow-origin
*
server
cloudflare
start
va.tawk.to/v1/session/ 		64 B
383 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67075b0d15f/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3fc453f0e76225200b6a26d7cd832a18df0c2f00a9e8b0ff8337e7ea60a095
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
https://www.berniesburgerbus.com/

Response headers

access-control-max-age
3600
cf-cache-status
DYNAMIC
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:28 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-9dls
vary
Accept-Encoding
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-credentials
true
cf-ray
8d0ef9df2ff46904-FRA
access-control-allow-origin
https://www.berniesburgerbus.com
content-length
64
server
cloudflare
start
va.tawk.to/v1/session/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.berniesburgerbus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.berniesburgerbus.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8d0ef9de2f3b8ed8-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 11 Oct 2024 12:50:28 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-hmtg
en.js
embed.tawk.to/_s/v4/app/67075b0d15f/languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67075b0d15f/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67075b0d15f/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b048a94a13087fea28ca2dfe0ac3125b59bee2ce84829943918114045c707d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.berniesburgerbus.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1e587fa30ae5bd661c7a0887bb95b40a"
age
114598
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 12:50:28 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:42:18 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d0ef9e0d9516904-FRA
access-control-allow-origin
*
server
cloudflare

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| WebFont object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate function| Velocity object| Tawk_API object| Tawk_LoadStart string| $_Tawk_AccountKey string| $_Tawk_WidgetId object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window

6 Cookies

Domain/Path Name / Value
.berniesburgerbus.com/ Name: _gid
Value: GA1.2.2008368000.1728651027
.berniesburgerbus.com/ Name: _gat_gtag_UA_47351619_1
Value: 1
.berniesburgerbus.com/ Name: _ga_FLH794SBFY
Value: GS1.1.1728651027.1.0.1728651027.0.0.0
.berniesburgerbus.com/ Name: _ga
Value: GA1.1.141650488.1728651027
www.berniesburgerbus.com/ Name: twk_idm_key
Value: Q9GgMQDOqEuzPTiaEhTis
www.berniesburgerbus.com/ Name: TawkConnectionTime
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://va.tawk.to/v1/session/start
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
embed.tawk.to
flywheel.co
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
va.tawk.to
www.berniesburgerbus.com
www.google-analytics.com
www.googletagmanager.com
www.idbet-arigatou.click
142.250.185.67
172.67.15.14
172.67.213.111
2001:4860:4802:34::36
206.189.235.143
2a00:1450:4001:806::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:82b::200e
54.67.42.145
0a913433e716c9b0aa55356b7394825a09356295f5c5fe319ea55ad8de4ab602
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
15b28d3c8725264a11dd8c4e58b9d81802ff36cfeef597efcddd7e25be11e911
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1b3fc453f0e76225200b6a26d7cd832a18df0c2f00a9e8b0ff8337e7ea60a095
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
5003332fccf33b2f214b9f81747dff7d582541c1606d0fa339f6ad58b9845957
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
595c91c0595599f50b3fff873f0810b733303a4a42cf82b5136f9b1c98cca028
5fe32d32f0211107dc354d398eab86622f425b888511fe041b9ea905c8f5469e
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca32cf221d3f87d355a38ef4441f99ef5b1fc5e81f93fa2a31de2d445084c0f
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
73b8b6cece3d9700b3d811d1d666515c2c776fa80e00a49da57186c21b54b2f5
7f6ddaf7a7986402b21738a34fbaea21bfe63208e9158da4a66542f2c1e3e684
80663b39fb6dc2783ade2e8e060c0c90d7da19926a3aebbc27fd1e526edf571f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
96fed82548a3771af74a72b3cde8664e1a9d14467863fefa677981a292f37b36
9f843ccfcf9c5773b72bb97b765da64d8aaee8a0f816e7bdf39541c8ebe637e5
a554c34a25c0a718d934a89fbf397ae62a6eebe1b589bf62505825e98bfbe35c
ae573a27d5781971d346b9febf44b8b23dc313fe6db1d5eca2afb8f168fbfd46
b7a0c2ed0978cdd377ca78c6ced556e0e6bcd79e56f0d05a41dc4d1e8ce2166d
b9b048a94a13087fea28ca2dfe0ac3125b59bee2ce84829943918114045c707d
c0ceb8557a2b14da8406ee93a02d013285ec0a37060cded7973d1d5f138ae587
c16b456f80027375dc25d6be012856bf48915c50c7a9256b03a452a053188078
c2a9c1b7f43670e0f565b25ce45bb096544194ebb3e4fd2e400aa693f076f4d4
c7ce6313f3c24b55d8c1a97c2b69becbaf41f75413394a2dad946c33b767abbe
cfef719efb4126e27fa0da46dc08239985ba8966ba0fb063bc5b13a63a7e711b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e6cbcc26d87cc592e9648f90b4a4c5a6e9183ff87b69e8615f2ccf02efa97abb
ec741d2e7fc0415d9ec745436a0691116e89b79e79da499de411b47383c7c635
eced123a5ff390ce40bfe4fb659173a02f9dfde68504e9f09688ccfeee4afd95