maccosmetics.hello-charles.com Open in urlscan Pro
2606:4700:10::6816:4ec5  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://maccosmetics.hello-charles.com/ Page URL
2. https://maccosmetics.hello-charles.com/api/auth?redirect_path=%2Fhome Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	/ Show response maccosmetics.hello-charles.com/	10 KB 5 KB	73ms 44ms	Document text/html	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce08833469a49013a92e71e99401bab39ec8eee427a84395d2abb4618327276c Security Headers Name Value Content-Security-Policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-061759c51cb8aaaacec6fdfffd8a6600' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-061759c51cb8aaaacec6fdfffd8a6600' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 87f7838a696b9158-FRA content-encoding gzip content-security-policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-061759c51cb8aaaacec6fdfffd8a6600' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-061759c51cb8aaaacec6fdfffd8a6600' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' content-type text/html cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin date Mon, 06 May 2024 08:13:56 GMT expect-ct max-age=0 expires 0 last-modified Wed, 17 Apr 2024 14:57:41 GMT pragma no-cache referrer-policy strict-origin-when-cross-origin server cloudflare strict-transport-security max-age=0; includeSubDomains; preload vary Accept-Encoding via 1.1 google x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-request-id f713f23e-74ee-4068-b391-aad12e14da54 x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/	3 KB 931 B	41ms 18ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Karla:ital,wght@0,400;0,700;1,400;1,700&display=swap Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 385bbfe047c43e1506bc673925d655bc4824409f7327474a2d8f858be686e293 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Mon, 06 May 2024 08:13:56 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 06 May 2024 08:13:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 06 May 2024 08:13:56 GMT
GET H2	200	130785.js Show response fast.appcues.com/	22 KB 6 KB	50ms 7ms	Script text/javascript	2a04:4e42:400::622 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.appcues.com/130785.js Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cowboy / Resource Hash 6580544b997c6b979c8eedf4edcf395540e36ca47f7e9bc52953742216307c25 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:56 GMT content-encoding gzip via 1.1 varnish age 68 x-cache HIT content-length 5288 x-request-id F8zYGwBvf61KpguBjv_k x-served-by cache-fra-etou8220077-FRA server Cowboy x-timer S1714983236.323164,VS0,VE1 vary accept-encoding, Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE,OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=120,public access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With,Authorization x-cache-hits 1
GET H3	200	vendor.9d029d65.js Show response maccosmetics.hello-charles.com/js/	4 MB 1 MB	64ms 64ms	Script application/javascript	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/js/vendor.9d029d65.js Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8f0c7c679f7810f80cb23405dadd4fbcceaca6743b6f63d0e41af1a1adbbcae Security Headers Name Value Content-Security-Policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-89bb1c4987b94b7fe07d50a3a6b6e6d8' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-89bb1c4987b94b7fe07d50a3a6b6e6d8' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:56 GMT content-security-policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-89bb1c4987b94b7fe07d50a3a6b6e6d8' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-89bb1c4987b94b7fe07d50a3a6b6e6d8' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip x-permitted-cross-domain-policies none cf-cache-status MISS via 1.1 google x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id 894452f4-c3e4-46ed-acd4-9874835eb0d2 referrer-policy strict-origin-when-cross-origin last-modified Wed, 17 Apr 2024 14:57:41 GMT server cloudflare cross-origin-opener-policy same-origin-allow-popups etag "448019-caxv7gOoXAc0oZQ8ujBDTwSMRD8" expect-ct max-age=0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-download-options noopen cache-control public, max-age=31536000 cf-ray 87f7838b1a279158-FRA
GET H3	200	charles.e4c5c022.js Show response maccosmetics.hello-charles.com/js/	1 MB 248 KB	53ms 53ms	Script application/javascript	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/js/charles.e4c5c022.js Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c85e9520e2a09e24b0671c45ba6033f52ebed22d50e7fcd44f32f8d8cdac5b6c Security Headers Name Value Content-Security-Policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-665a8e05c2022cd4e3c9863e6bb5fbfe' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-665a8e05c2022cd4e3c9863e6bb5fbfe' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:56 GMT content-security-policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-665a8e05c2022cd4e3c9863e6bb5fbfe' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-665a8e05c2022cd4e3c9863e6bb5fbfe' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip x-permitted-cross-domain-policies none cf-cache-status MISS via 1.1 google x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id 5e76f9b2-443b-4b66-a704-0f050b9532c1 referrer-policy strict-origin-when-cross-origin last-modified Wed, 17 Apr 2024 14:57:41 GMT server cloudflare cross-origin-opener-policy same-origin-allow-popups etag "13f5e9-WqMIst3RV6zmhaq/qLQdGy+Fezk" expect-ct max-age=0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-download-options noopen cache-control public, max-age=31536000 cf-ray 87f7838b1a2b9158-FRA
GET H3	200	app.338713ff.js Show response maccosmetics.hello-charles.com/js/	3 MB 739 KB	71ms 70ms	Script application/javascript	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/js/app.338713ff.js Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 835d9c867936202207c82eb0f1c99604c029de91fcb96df7ca92bf1c9b5f5ef0 Security Headers Name Value Content-Security-Policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-24aa8672d9749d5fc52da4cd4aeff321' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-24aa8672d9749d5fc52da4cd4aeff321' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:56 GMT content-security-policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-24aa8672d9749d5fc52da4cd4aeff321' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-24aa8672d9749d5fc52da4cd4aeff321' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip x-permitted-cross-domain-policies none cf-cache-status MISS via 1.1 google x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id 562a0a88-9dd8-40aa-a410-f29bab78ce9d referrer-policy strict-origin-when-cross-origin last-modified Wed, 17 Apr 2024 14:57:41 GMT server cloudflare cross-origin-opener-policy same-origin-allow-popups etag "2f076e-hitVjQS9SPDoGRlY8tvNLyKw4Bc" expect-ct max-age=0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-download-options noopen cache-control public, max-age=31536000 cf-ray 87f7838b1a2d9158-FRA
GET H3	200	app.d15ab2d2.css maccosmetics.hello-charles.com/css/	560 KB 105 KB	57ms 56ms	Stylesheet text/css	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/css/app.d15ab2d2.css Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8135cc14fdd431fad615ee3e596200fa4d66520c00cb08c8098b027a39d0ab08 Security Headers Name Value Content-Security-Policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-8b2baa5663ed3f7a350f514b78989ccb' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-8b2baa5663ed3f7a350f514b78989ccb' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:56 GMT content-security-policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-8b2baa5663ed3f7a350f514b78989ccb' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-8b2baa5663ed3f7a350f514b78989ccb' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip x-permitted-cross-domain-policies none cf-cache-status MISS via 1.1 google x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id 42891e3b-d5fc-499e-8cc7-17b4e790f4c6 referrer-policy strict-origin-when-cross-origin last-modified Wed, 17 Apr 2024 14:57:41 GMT server cloudflare cross-origin-opener-policy same-origin-allow-popups etag "8be4a-jeksq++IIoP4dYMMOsT85bL864Q" expect-ct max-age=0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css access-control-allow-origin * x-download-options noopen cache-control public, max-age=31536000 cf-ray 87f7838ac9d39158-FRA
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/8.4.1/	21 KB 7 KB	38ms 9ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.4.1/firebase-app.js Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 08:14:30 GMT content-encoding gzip x-content-type-options nosniff age 518366 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6763 x-xss-protection 0 last-modified Tue, 13 Apr 2021 06:56:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 30 Apr 2025 08:14:30 GMT
GET H2	200	firebase-messaging.js Show response www.gstatic.com/firebasejs/8.4.1/	40 KB 11 KB	38ms 10ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 05:44:43 GMT content-encoding gzip x-content-type-options nosniff age 527353 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10908 x-xss-protection 0 last-modified Tue, 13 Apr 2021 06:56:17 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 30 Apr 2025 05:44:43 GMT
GET H2	200	appcues.main.172fee540c34c0957d6015ace2169e3deaff11df.js Show response fast.appcues.com/generic/main/6.0.2/	458 KB 130 KB	20ms 6ms	Script application/javascript	2a04:4e42:400::622 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.appcues.com/generic/main/6.0.2/appcues.main.172fee540c34c0957d6015ace2169e3deaff11df.js Requested by Host: fast.appcues.com URL: https://fast.appcues.com/130785.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 27e32161d38adc7a0f15aafee186c4878356a9b0939d196a6ea62fd0d227d9d9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Origin https://maccosmetics.hello-charles.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:56 GMT content-encoding gzip via 1.1 varnish x-amz-request-id ZFJBB50P2R4RDTBS age 987409 x-amz-server-side-encryption AES256 x-cache HIT content-length 132007 x-amz-id-2 9UK7tfzNlCPKZeD84G56oLvsBbLwAUPv5+j9t3y0QVMI8taIUN5GKW/DqwWNd0k9GfXB32uK7WxWC2ck/ckUSw== x-served-by cache-fra-etou8220128-FRA last-modified Wed, 24 Apr 2024 20:34:25 GMT server AmazonS3 x-timer S1714983236.347954,VS0,VE0 etag "686084a09e747528f05948c0fd984e00" vary Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With,Authorization x-cache-hits 555
GET H2	200	container.172fee540c34c0957d6015ace2169e3deaff11df.css fast.appcues.com/generic/main/6.0.2/	16 KB 2 KB	7ms 6ms	Stylesheet text/css	2a04:4e42:400::622 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.appcues.com/generic/main/6.0.2/container.172fee540c34c0957d6015ace2169e3deaff11df.css Requested by Host: fast.appcues.com URL: https://fast.appcues.com/generic/main/6.0.2/appcues.main.172fee540c34c0957d6015ace2169e3deaff11df.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Origin https://maccosmetics.hello-charles.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:56 GMT content-encoding gzip via 1.1 varnish x-amz-request-id 91MFE5H32XNTSARR age 987623 x-amz-server-side-encryption AES256 x-cache HIT content-length 1992 x-amz-id-2 ZdtQF4WTF+/3/OjXag9gKnPY6VoIg9Zp05BYZxLBboMhceUXvsro+wXiyh0t2fVInUllNriXT7IyFIi+D/PkfA== x-served-by cache-fra-etou8220128-FRA last-modified Wed, 24 Apr 2024 20:34:25 GMT server AmazonS3 x-timer S1714983236.479064,VS0,VE0 etag "5be05ce494e7cac41d062a0b12a1657c" vary Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE,OPTIONS content-type text/css; charset=utf-8; access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With,Authorization x-cache-hits 5477
GET H2	200	heap-3355954813.js cdn.heapanalytics.com/js/	129 KB 38 KB	74ms 8ms	Script application/javascript	13.32.27.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-3355954813.js Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-5.fra56.r.cloudfront.net Software nginx / Express Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:43 GMT content-encoding br via 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains server nginx x-amz-cf-pop FRA56-C2 age 14 x-powered-by Express etag W/"2033e-lm6pCY27a6xxEYIBO216LrLJomk" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=120 alt-svc h3=":443"; ma=86400 x-amz-cf-id oIKi40Hb1shYVCHv1fsueLHqJxkcDo31l02oWkKpOEBjx3LJ62QpmA==
GET H3	200	emojis-json.a235a801.js maccosmetics.hello-charles.com/js/	0 28 KB	46ms 45ms	Other application/javascript	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/js/emojis-json.a235a801.js Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/js/app.338713ff.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-3648545aa39012aa5c6be2f21172dd6d' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-3648545aa39012aa5c6be2f21172dd6d' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:57 GMT content-security-policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-3648545aa39012aa5c6be2f21172dd6d' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-3648545aa39012aa5c6be2f21172dd6d' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip x-permitted-cross-domain-policies none cf-cache-status MISS via 1.1 google x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id c79d71d6-5d03-4281-8855-ceb09f022ece referrer-policy strict-origin-when-cross-origin last-modified Wed, 17 Apr 2024 14:57:41 GMT server cloudflare cross-origin-opener-policy same-origin-allow-popups etag "34db4-VzUeNqV2o0rH46X7xHqb1vGMw2o" expect-ct max-age=0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-download-options noopen cache-control public, max-age=31536000 cf-ray 87f783943e669158-FRA
GET DATA	200 OK	truncated /	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET H3	401	me maccosmetics.hello-charles.com/api/v0/	139 B 1 KB	45ms 45ms	XHR application/json	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/api/v0/me Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/js/charles.e4c5c022.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self';frame-src 'self';script-src 'self' cdn.hello-charles.com cdn.jsdelivr.net cdnjs.cloudflare.com 'nonce-c2949760bd0bcd3d4de87fcfc9452e1d' 'unsafe-inline' 'strict-dynamic';object-src 'none';img-src 'self' data: charles-cdn.storage.googleapis.com cdn.hello-charles.com;script-src-attr 'none';script-src-elem 'self' 'nonce-c2949760bd0bcd3d4de87fcfc9452e1d' 'unsafe-inline' 'strict-dynamic';style-src 'self' https: 'unsafe-inline';frame-ancestors 'self';font-src 'self' https: data:;base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 X-Client-Version sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Accept application/json; charset=utf-8 Referer https://maccosmetics.hello-charles.com/ X-Client-Type Charles SDK JavaScript sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:57 GMT content-security-policy default-src 'self';frame-src 'self';script-src 'self' cdn.hello-charles.com cdn.jsdelivr.net cdnjs.cloudflare.com 'nonce-c2949760bd0bcd3d4de87fcfc9452e1d' 'unsafe-inline' 'strict-dynamic';object-src 'none';img-src 'self' data: charles-cdn.storage.googleapis.com cdn.hello-charles.com;script-src-attr 'none';script-src-elem 'self' 'nonce-c2949760bd0bcd3d4de87fcfc9452e1d' 'unsafe-inline' 'strict-dynamic';style-src 'self' https: 'unsafe-inline';frame-ancestors 'self';font-src 'self' https: data:;base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload via 1.1 google x-permitted-cross-domain-policies none cf-cache-status DYNAMIC x-dns-prefetch-control off cross-origin-resource-policy cross-origin server-timing total; dur=4.965951; desc="Total Response Time" alt-svc h3=":443"; ma=86400 content-length 139 x-xss-protection 0 x-request-id ae7951de-76cf-4891-bf03-16751d56e4c7 x-response-time 5.928ms referrer-policy strict-origin-when-cross-origin server cloudflare cross-origin-opener-policy same-origin-allow-popups etag W/"8b-SO7QdfO4JthQPyQ7tDQ9/YcpvHM" expect-ct max-age=0 x-frame-options SAMEORIGIN vary Origin content-type application/json; charset=utf-8 content-language de-DE x-download-options noopen access-control-expose-headers Content-Type,Content-Language,Authorization,Accept,Accept-Language,Origin,X-Resource-Count,X-Charles-Cache,X-Requested-With,X-HTTP-Method-Override,Server-Timing access-control-allow-credentials true x-ratelimit-reset 1714984056 x-ratelimit-limit 10000 cf-ray 87f783932d059158-FRA x-ratelimit-remaining 9999
GET BLOB	200 OK	bcf3c494-3264-49a3-950e-797228313f9e https://maccosmetics.hello-charles.com/	4 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://maccosmetics.hello-charles.com/bcf3c494-3264-49a3-950e-797228313f9e Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 4520 Content-Type application/javascript
GET BLOB	200 OK	bcf3c494-3264-49a3-950e-797228313f9e https://maccosmetics.hello-charles.com/	4 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://maccosmetics.hello-charles.com/bcf3c494-3264-49a3-950e-797228313f9e Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 4520 Content-Type application/javascript
GET		h heapanalytics.com/	0 0
GET H3	200	Primary Request auth Show response maccosmetics.hello-charles.com/api/	3 KB 2 KB	75ms 75ms	Document text/html	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/api/auth?redirect_path=%2Fhome Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/js/app.338713ff.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2b866c5019e5e780bd7276ac7b19e71c7e646ff04e7d4105b507a5fc599304d Security Headers Name Value Content-Security-Policy default-src 'self';frame-src 'self';script-src 'self' cdn.hello-charles.com cdn.jsdelivr.net cdnjs.cloudflare.com 'nonce-4e251a49276f2eb78d36a2a14564b388' 'unsafe-inline' 'strict-dynamic';object-src 'none';img-src 'self' data: charles-cdn.storage.googleapis.com cdn.hello-charles.com;script-src-attr 'none';script-src-elem 'self' 'nonce-4e251a49276f2eb78d36a2a14564b388' 'unsafe-inline' 'strict-dynamic';style-src 'self' https: 'unsafe-inline';frame-ancestors 'self';font-src 'self' https: data:;base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://maccosmetics.hello-charles.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials true access-control-expose-headers Content-Type,Content-Language,Authorization,Accept,Accept-Language,Origin,X-Resource-Count,X-Charles-Cache,X-Requested-With,X-HTTP-Method-Override,Server-Timing alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 87f78394cf1d9158-FRA content-encoding gzip content-language de-DE content-security-policy default-src 'self';frame-src 'self';script-src 'self' cdn.hello-charles.com cdn.jsdelivr.net cdnjs.cloudflare.com 'nonce-4e251a49276f2eb78d36a2a14564b388' 'unsafe-inline' 'strict-dynamic';object-src 'none';img-src 'self' data: charles-cdn.storage.googleapis.com cdn.hello-charles.com;script-src-attr 'none';script-src-elem 'self' 'nonce-4e251a49276f2eb78d36a2a14564b388' 'unsafe-inline' 'strict-dynamic';style-src 'self' https: 'unsafe-inline';frame-ancestors 'self';font-src 'self' https: data:;base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin date Mon, 06 May 2024 08:13:57 GMT expect-ct max-age=0 referrer-policy strict-origin-when-cross-origin server cloudflare server-timing total; dur=44.540794999999996; desc="Total Response Time" strict-transport-security max-age=0; includeSubDomains; preload vary Origin via 1.1 google x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-ratelimit-limit 10000 x-ratelimit-remaining 9999 x-ratelimit-reset 1714984056 x-request-id 5e0b55a4-27bc-4d4f-8716-2e5c963a44c1 x-response-time 45.770ms x-xss-protection 0
GET H3	404	favicon.svg maccosmetics.hello-charles.com/img/icons/	14 B 2 KB	43ms 42ms	Other text/html	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/img/icons/favicon.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-8653cdbc67307318a8625041ffa4affd' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-8653cdbc67307318a8625041ffa4affd' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:57 GMT content-security-policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-8653cdbc67307318a8625041ffa4affd' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-8653cdbc67307318a8625041ffa4affd' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload via 1.1 google x-permitted-cross-domain-policies none cf-cache-status MISS content-encoding gzip x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id 6193aead-4bb2-4018-b0ba-f6dd315318aa referrer-policy strict-origin-when-cross-origin server cloudflare cross-origin-opener-policy same-origin-allow-popups expect-ct max-age=0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin * x-download-options noopen cf-ray 87f78394cf1e9158-FRA
GET		favicon.svg cdn.hello-charles.com/charles-agent-ui/statics/app/v2/	0 0
GET H3	200	style.css maccosmetics.hello-charles.com/api/public/stylesheets/	3 MB 243 KB	57ms 56ms	Stylesheet text/css	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/api/public/stylesheets/style.css?v=2 Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/api/auth?redirect_path=%2Fhome Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4be1a549857e195725dc53ff03104570feca3d47911df5e831f4f9b348d7cee5 Security Headers Name Value Content-Security-Policy default-src 'self';frame-src 'self';script-src 'self' cdn.hello-charles.com cdn.jsdelivr.net cdnjs.cloudflare.com 'nonce-b9c555c51be4febdf2fd87447c0b579c' 'unsafe-inline' 'strict-dynamic';object-src 'none';img-src 'self' data: charles-cdn.storage.googleapis.com cdn.hello-charles.com;script-src-attr 'none';script-src-elem 'self' 'nonce-b9c555c51be4febdf2fd87447c0b579c' 'unsafe-inline' 'strict-dynamic';style-src 'self' https: 'unsafe-inline';frame-ancestors 'self';font-src 'self' https: data:;base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/api/auth?redirect_path=%2Fhome Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:58 GMT content-security-policy default-src 'self';frame-src 'self';script-src 'self' cdn.hello-charles.com cdn.jsdelivr.net cdnjs.cloudflare.com 'nonce-b9c555c51be4febdf2fd87447c0b579c' 'unsafe-inline' 'strict-dynamic';object-src 'none';img-src 'self' data: charles-cdn.storage.googleapis.com cdn.hello-charles.com;script-src-attr 'none';script-src-elem 'self' 'nonce-b9c555c51be4febdf2fd87447c0b579c' 'unsafe-inline' 'strict-dynamic';style-src 'self' https: 'unsafe-inline';frame-ancestors 'self';font-src 'self' https: data:;base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload via 1.1 google x-permitted-cross-domain-policies none cf-cache-status MISS content-encoding gzip x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id ef344dcf-c3b5-461f-b503-f13a88540928 x-response-time 17.963ms referrer-policy strict-origin-when-cross-origin last-modified Thu, 18 Apr 2024 16:57:33 GMT server cloudflare cross-origin-opener-policy same-origin-allow-popups etag W/"2d0ae5-RQJdqsu758gvH0BlrVbI9Yvpn2I" expect-ct max-age=0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=utf-8 x-download-options noopen cache-control max-age=36000, must-revalidate cf-ray 87f783955fd69158-FRA
GET H3	200	login.js Show response maccosmetics.hello-charles.com/api/oauth/	1 KB 2 KB	66ms 61ms	Script application/javascript	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/api/oauth/login.js Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/api/auth?redirect_path=%2Fhome Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 562f25537a9f3ccfceee414e65f529d18677f0817b2c4e0eb529465659c18f5a Security Headers Name Value Content-Security-Policy default-src 'self';frame-src 'self';script-src 'self' cdn.hello-charles.com cdn.jsdelivr.net cdnjs.cloudflare.com 'nonce-73a5225286e8135ac32c53cc3c7cf68d' 'unsafe-inline' 'strict-dynamic';object-src 'none';img-src 'self' data: charles-cdn.storage.googleapis.com cdn.hello-charles.com;script-src-attr 'none';script-src-elem 'self' 'nonce-73a5225286e8135ac32c53cc3c7cf68d' 'unsafe-inline' 'strict-dynamic';style-src 'self' https: 'unsafe-inline';frame-ancestors 'self';font-src 'self' https: data:;base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/api/auth?redirect_path=%2Fhome Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:58 GMT content-security-policy default-src 'self';frame-src 'self';script-src 'self' cdn.hello-charles.com cdn.jsdelivr.net cdnjs.cloudflare.com 'nonce-73a5225286e8135ac32c53cc3c7cf68d' 'unsafe-inline' 'strict-dynamic';object-src 'none';img-src 'self' data: charles-cdn.storage.googleapis.com cdn.hello-charles.com;script-src-attr 'none';script-src-elem 'self' 'nonce-73a5225286e8135ac32c53cc3c7cf68d' 'unsafe-inline' 'strict-dynamic';style-src 'self' https: 'unsafe-inline';frame-ancestors 'self';font-src 'self' https: data:;base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload via 1.1 google x-permitted-cross-domain-policies none cf-cache-status MISS content-encoding gzip x-dns-prefetch-control off cross-origin-resource-policy cross-origin server-timing total; dur=3.9939489999999997; desc="Total Response Time" alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id b65abc59-0512-49d3-943f-a55ea222e8f0 x-response-time 5.069ms referrer-policy strict-origin-when-cross-origin server cloudflare cross-origin-opener-policy same-origin-allow-popups etag W/"4a9-h34ht4Kai7vJaOPchlvgL8vIIzY" expect-ct max-age=0 x-frame-options SAMEORIGIN vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 content-language de-DE x-download-options noopen access-control-expose-headers Content-Type,Content-Language,Authorization,Accept,Accept-Language,Origin,X-Resource-Count,X-Charles-Cache,X-Requested-With,X-HTTP-Method-Override,Server-Timing access-control-allow-credentials true x-ratelimit-reset 1714984056 x-ratelimit-limit 10000 cf-ray 87f783955fd99158-FRA x-ratelimit-remaining 9999
GET H2	200	logo_text_typie.svg cdn.hello-charles.com/charles-agent-ui/statics/logo/	5 KB 3 KB	29ms 20ms	Image image/svg+xml	2606:4700:10::6816:4fc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hello-charles.com/charles-agent-ui/statics/logo/logo_text_typie.svg Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/api/auth?redirect_path=%2Fhome Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4fc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eddca33a139b8c1b4ade6de279dee0f54599bcea75cea6295ae41dc3921857d1 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:57 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip age 1977 x-guploader-uploadid ABPtcPp6yUCY4_hylzPsZB2O3v38YFVWhMXevT4HdeTsyIjKVXzz27PDSLHcuDuT09NqIJ3SYYw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Mon, 04 Mar 2024 15:29:53 GMT server cloudflare etag W/"39281a5b58c583be3d6590213224d47d" vary Accept-Encoding x-goog-hash crc32c=Wj33+g==, md5=OSgaW1jFg749ZZAhMiTUfQ== x-goog-generation 1709566193357728 access-control-allow-origin * content-type image/svg+xml cache-control public, max-age=3600 x-goog-stored-content-length 5511 access-control-expose-headers * cf-ray 87f783956c871d86-FRA expires Mon, 06 May 2024 08:41:00 GMT
GET H3	404	favicon-32x32.png maccosmetics.hello-charles.com/img/icons/	14 B 2 KB	70ms 70ms	Other text/html	2606:4700:10::6816:4ec5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maccosmetics.hello-charles.com/img/icons/favicon-32x32.png Requested by Host: maccosmetics.hello-charles.com URL: https://maccosmetics.hello-charles.com/api/auth?redirect_path=%2Fhome Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4ec5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe Security Headers Name Value Content-Security-Policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-2127fbce8bc2f7141ff8f3070308dec7' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-2127fbce8bc2f7141ff8f3070308dec7' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/api/auth?redirect_path=%2Fhome Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:58 GMT content-security-policy default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-2127fbce8bc2f7141ff8f3070308dec7' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-2127fbce8bc2f7141ff8f3070308dec7' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self' x-content-type-options nosniff strict-transport-security max-age=0; includeSubDomains; preload via 1.1 google x-permitted-cross-domain-policies none cf-cache-status MISS content-encoding gzip x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id 75134ce4-3d05-4e84-90e2-c767444935fe referrer-policy strict-origin-when-cross-origin server cloudflare cross-origin-opener-policy same-origin-allow-popups expect-ct max-age=0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin * x-download-options noopen cf-ray 87f783957ff39158-FRA
GET H2	200	favicon.svg cdn.hello-charles.com/charles-agent-ui/statics/app/v2/	1 KB 893 B	21ms 21ms	Other image/svg+xml	2606:4700:10::6816:4fc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.hello-charles.com/charles-agent-ui/statics/app/v2/favicon.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4fc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9276bde6e1a6da3c393906469926f80b4bce916535954bbc066112ac2534fe42 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:58 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip age 2731 x-guploader-uploadid ABPtcPpXfp5JcTcxwj0c-kY4zNEYx-OUeCzXfcYHArrY0_vdYZG6Nk4UP_Dm_YF-oj6C0ENOJHZUmOKR x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Mon, 22 May 2023 11:42:02 GMT server cloudflare etag W/"038bf872685fa11cc4b778ae28276805" vary Accept-Encoding x-goog-hash crc32c=ATg+ZA==, md5=A4v4cmhfoRzEt3iuKCdoBQ== x-goog-generation 1684755722230191 access-control-allow-origin * content-type image/svg+xml cache-control public, max-age=3600 x-goog-stored-content-length 1462 access-control-expose-headers * cf-ray 87f78396de3d1d86-FRA expires Mon, 06 May 2024 07:30:00 GMT
GET H3	200	favicon.ico cdn.hello-charles.com/charles-agent-ui/statics/app/v2/	4 KB 2 KB	117ms 117ms	Other image/x-icon	2606:4700:10::6816:4fc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.hello-charles.com/charles-agent-ui/statics/app/v2/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4fc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c87bb8fa303440d87c12cd18c8914fdb58e836f0c2f6b3dba20f30df8738ffb Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://maccosmetics.hello-charles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 08:13:58 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding gzip x-guploader-uploadid ABPtcPpT1rqUKnGnwRLC4oeQTBGDaiXi1lfKv2l9OH2BwFwZB-AXWdCUQCOxtiWFfyv0aSa7w5lEQy0H0w x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Mon, 22 May 2023 11:42:02 GMT server cloudflare etag W/"34c7b2e740cb6d3628408ca2a5466b78" vary Accept-Encoding x-goog-generation 1684755722165033 content-type image/x-icon access-control-allow-origin * x-goog-hash crc32c=SWQqlA==, md5=NMey50DLbTYoQIyipUZreA== access-control-expose-headers * cache-control public, max-age=3600 x-goog-stored-content-length 4286 cf-ray 87f78397092191fc-FRA expires Mon, 06 May 2024 09:13:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

heapanalytics.com

URL

https://heapanalytics.com/h?a=3355954813&u=2842767084450807&v=4940303133917994&s=1753461012835592&b=web&tv=4.0&z=0&h=%2F&d=maccosmetics.hello-charles.com&k=Screen%20Dimensions%20Dashboard%20page&k=1600%20x%201200&k=Screen%20orientation%20Dashboard%20page&k=Horizontal&ts=1714983237773&ubv=124.0.6367.118&upv=10.0.0&st=1714983237776

Domain

cdn.hello-charles.com

URL

https://cdn.hello-charles.com/charles-agent-ui/statics/app/v2/favicon.svg

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| authCode undefined| refreshToken undefined| accessToken function| initAuth function| signInCallback function| post

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hello-charles.com/	1970-01-21 05:51:00	Name: _hp2_id.3355954813 Value: %7B%22userId%22%3A%222842767084450807%22%2C%22pageviewId%22%3A%224940303133917994%22%2C%22sessionId%22%3A%221753461012835592%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.hello-charles.com/	1970-01-20 20:23:05	Name: _hp2_ses_props.3355954813 Value: %7B%22z%22%3A0%2C%22ts%22%3A1714983237773%2C%22d%22%3A%22maccosmetics.hello-charles.com%22%2C%22h%22%3A%22%2F%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://maccosmetics.hello-charles.com/api/v0/me Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://maccosmetics.hello-charles.com/img/icons/favicon.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://maccosmetics.hello-charles.com/img/icons/favicon-32x32.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';connect-src 'self' wss://maccosmetics.hello-charles.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com api.hello-charles.com staging-3.hello-charles.com staging-4.hello-charles.com api.charlesuniversesdev.com api.charlesuniversestest.com sentry.io o355257.ingest.sentry.io cdn.hello-charles.com charles-cdn.storage.googleapis.com api.giphy.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com maps.gstatic.com proxy-cdn.chls.to https://heapanalytics.com uni-8f61d05f-5269-4743-a1ae-22e3108fedb8.storage.googleapis.com;script-src 'self' cdn.hello-charles.com https://cdn.heapanalytics.com https://heapanalytics.com 'nonce-061759c51cb8aaaacec6fdfffd8a6600' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https://*.appcues.com https://*.appcues.net;object-src 'none';img-src 'self' https://heapanalytics.com data: https: https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com;media-src 'self' https:;script-src-attr 'none';style-src 'self' https: 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com;frame-ancestors 'self';frame-src 'self' https://*.hello-charles.com *.marketplace.hello-charles.com https://charles-flows.com https://*.charles-flows.com https://charlesidentity.com https://*.charlesidentity.com https://app.eu-west-1.prismatic.io/ https://*.appcues.com;font-src 'self' https: data: fonts.gstatic.com charles-cdn.storage.googleapis.com https://heapanalytics.com https://fonts.gstatic.com 'nonce-061759c51cb8aaaacec6fdfffd8a6600' 'unsafe-inline';base-uri 'self';block-all-mixed-content;upgrade-insecure-requests;form-action 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
cdn.hello-charles.com
fast.appcues.com
fonts.googleapis.com
heapanalytics.com
maccosmetics.hello-charles.com
www.gstatic.com
cdn.hello-charles.com
heapanalytics.com
13.32.27.5
2606:4700:10::6816:4ec5
2606:4700:10::6816:4fc5
2a00:1450:4001:810::2003
2a00:1450:4001:813::200a
2a04:4e42:400::622
0c87bb8fa303440d87c12cd18c8914fdb58e836f0c2f6b3dba20f30df8738ffb
27e32161d38adc7a0f15aafee186c4878356a9b0939d196a6ea62fd0d227d9d9
385bbfe047c43e1506bc673925d655bc4824409f7327474a2d8f858be686e293
4be1a549857e195725dc53ff03104570feca3d47911df5e831f4f9b348d7cee5
562f25537a9f3ccfceee414e65f529d18677f0817b2c4e0eb529465659c18f5a
6580544b997c6b979c8eedf4edcf395540e36ca47f7e9bc52953742216307c25
8135cc14fdd431fad615ee3e596200fa4d66520c00cb08c8098b027a39d0ab08
835d9c867936202207c82eb0f1c99604c029de91fcb96df7ca92bf1c9b5f5ef0
9276bde6e1a6da3c393906469926f80b4bce916535954bbc066112ac2534fe42
a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
c85e9520e2a09e24b0671c45ba6033f52ebed22d50e7fcd44f32f8d8cdac5b6c
c8f0c7c679f7810f80cb23405dadd4fbcceaca6743b6f63d0e41af1a1adbbcae
ce08833469a49013a92e71e99401bab39ec8eee427a84395d2abb4618327276c
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
eddca33a139b8c1b4ade6de279dee0f54599bcea75cea6295ae41dc3921857d1
f2b866c5019e5e780bd7276ac7b19e71c7e646ff04e7d4105b507a5fc599304d