<!doctype html>
<!--
  trentpower.fr · /security/

  static, semantic, self-managed, privacy-first.
  architecture · controls · public verification surface · residual risk.
  no analytics. no cookies. no external assets.

  simplicity over complexity.
  transparency over obscurity.
  verifiable integrity over trust assumptions.
-->
<html lang="en" dir="ltr">
<head>
  <!-- head · foundations -->
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">
  <meta name="format-detection" content="telephone=no">
  <meta name="color-scheme" content="light dark">
  <meta name="theme-color" content="#E9E5DC">

  <!-- head · language bootstrap -->
  <script>(()=>{const e=document.documentElement;let t='';try{t=localStorage.getItem('tp-lang')||''}catch{}const n=(navigator.languages&&navigator.languages[0])||navigator.language||'en',a=t&&['en','fr'].includes(t)?t:/^fr\b/i.test(n)?'fr':'en';e.lang=a,e.dataset.lang=a,e.classList.add("js");try{const m=localStorage.getItem('tp-theme');if(m==='dark'||m==='light')e.dataset.theme=m}catch{}})();</script>

  <!-- head · document identity -->
  <title>Security &amp; Threat Model · Trent Power</title>
  <meta name="description"
        content="Security architecture, operational controls, public verification surfaces and residual risks">
  <meta name="document-edition" content="2026-05-17">
  <link rel="canonical" href="https://trentpower.fr/security/">

  <!-- head · indexing and discovery -->
  <meta name="robots" content="index, follow">
  <meta name="referrer" content="no-referrer">

  <!-- head · authorship and identity -->
  <meta name="author" content="Trent Power">
  <link rel="author" href="/.well-known/attribution.txt">
  <link rel="alternate" type="application/ld+json" href="/.well-known/person.json">
  <link rel="alternate" type="text/plain" href="/llms.txt">
  <link rel="me" href="https://commons.wikimedia.org/wiki/File:Trent_Power_portrait.jpg">
  <link rel="me" href="https://www.linkedin.com/in/trentpower/">
  <link rel="me" href="https://orcid.org/0009-0002-2652-7188">
  <link rel="me" href="https://www.crunchbase.com/person/trent-power-3f52">

  <!-- head · rights and reuse -->
  <link rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/">

  <!-- head · social and sharing -->
  <meta property="og:type" content="website">
  <meta property="og:site_name" content="Trent Power">
  <meta property="og:title" content="Security &amp; Threat Model · Trent Power">
  <meta property="og:description" content="Security architecture, operational controls, public verification surfaces and residual risks">
  <meta property="og:url" content="https://trentpower.fr/security/">
  <meta property="og:locale" content="en_AU">
  <meta property="og:image" content="https://trentpower.fr/images/og/security-og.png">
  <meta property="og:image:width" content="1200">
  <meta property="og:image:height" content="630">
  <meta property="og:image:type" content="image/png">
  <meta property="og:image:alt" content="Security &amp; Threat Model · Trent Power">

  <!-- head · application surface -->
  <meta name="application-name" content="Trent Power">
  <meta name="apple-mobile-web-app-title" content="Trent Power">
  <link rel="icon" href="/favicon.ico" sizes="any">
  <link rel="icon" href="/favicon.svg" type="image/svg+xml">
  <link rel="apple-touch-icon" href="/apple-touch-icon.png">
  <link rel="manifest" href="/manifest.webmanifest" type="application/manifest+json">

  <!-- head · rendering and assets -->
  <link rel="stylesheet" href="/styles.css?v=2026-05-17.6e98e889" integrity="sha384-AK3qa3LO+jbdQ26icF8AVgqRIKfZqZ5NMUee1g+vQZTwcHPQT1ckXSbTIswrEQVv">
  <link rel="stylesheet" href="/print.css?v=2026-05-17.6e98e889" media="print">

  <!-- head · structured data -->
  <script type="application/ld+json">{"@context":"https://schema.org","@type":"WebPage","@id":"https://trentpower.fr/security/#page","url":"https://trentpower.fr/security/","name":"Security · Trent Power","description":"Security architecture, operational controls, public verification surfaces and residual risks","inLanguage":"en","isPartOf":{"@id":"https://trentpower.fr/#website"},"about":{"@id":"https://trentpower.fr/#trent-power"},"author":{"@id":"https://trentpower.fr/#trent-power"},"publisher":{"@id":"https://trentpower.fr/#trent-power"},"primaryImageOfPage":{"@type":"ImageObject","url":"https://trentpower.fr/images/og/security-og.png","width":1200,"height":630},"datePublished":"2026-02-15T00:00:00+00:00","dateModified":"2026-05-17T00:00:00+00:00"}</script>
</head>
<body data-page="security" data-layout="masthead" data-surface="record" data-masthead="brand-only" data-edition="2026-05-17">

<a href="#main" class="skip-link">Skip to content</a>

<!-- body · masthead -->
<header class="site-header" data-component="site-header">
  <div class="nav">
    <div class="nav-inner">
      <a class="nav-mark u-author" href="/" aria-label="Trent Power home"><span>Trent</span> <span>Power</span></a>
    </div>
  </div>
</header>

<!-- body · primary content -->
<main class="site security-page" id="main" tabindex="-1">
  <div class="page">

    <!-- primary · 01 · statement -->
    <p class="page-kicker" data-i18n="security.page_kicker">Security &amp; Threat Model</p>
    <h1 class="page-title hero-stack measure-tight" data-i18n-html="security.page_h1"><span class="hero-line">Static.</span><span class="hero-line">Self-managed.</span><span class="hero-line">Verification-led.</span></h1>
    <div class="page-body">
      <p class="page-lede" data-i18n="security.body_intro">How this site is hosted, what it protects, what it doesn't - and how anyone can verify it independently.</p>

      <!-- primary · 02 · architecture -->
      <section class="security-section" aria-labelledby="security-architecture-heading">
        <h2 class="security-section-heading" id="security-architecture-heading" data-i18n="security.s1_summary">1. Architecture</h2>
        <section class="verify-card card" aria-labelledby="security-architecture-heading">
          <div class="verify-card__header">
            <p class="eyebrow" data-i18n="security.architecture_card.kicker">Architecture</p>
          </div>
          <dl class="record-grid">
            <div class="record-grid__row meta-row">
              <dt data-i18n="security.architecture_card.browser_label">Browser</dt>
              <dd data-i18n-html="security.architecture_card.browser_body"><abbr title="HyperText Transfer Protocol Secure">HTTPS</abbr> · no cookies · no analytics</dd>
            </div>
            <div class="record-grid__row meta-row">
              <dt data-i18n="security.architecture_card.host_label">Static host</dt>
              <dd data-i18n-html="security.architecture_card.host_body">Apache · Gandi · Paris · <abbr title="Secure File Transfer Protocol">SFTP</abbr> deployment</dd>
            </div>
            <div class="record-grid__row meta-row">
              <dt data-i18n="security.architecture_card.files_label">Site files</dt>
              <dd data-i18n-html="security.architecture_card.files_body"><abbr title="HyperText Markup Language">HTML</abbr> · <abbr title="Cascading Style Sheets">CSS</abbr> · vanilla JS · self-hosted fonts</dd>
            </div>
            <div class="record-grid__row meta-row">
              <dt data-i18n="security.architecture_card.cache_label">Offline cache</dt>
              <dd data-i18n="security.architecture_card.cache_body">Service worker · local cache after first visit</dd>
            </div>
            <div class="record-grid__row meta-row">
              <dt data-i18n="security.architecture_card.trust_label">Trust</dt>
              <dd data-i18n="security.architecture_card.trust_body">Integrity · Verify · Source · Releases</dd>
            </div>
            <div class="record-grid__row meta-row">
              <dt data-i18n="security.architecture_card.archive_label">Archive</dt>
              <dd data-i18n="security.architecture_card.archive_body">Frozen signed releases</dd>
            </div>
          </dl>
        </section>
        <p class="security-architecture-note" data-i18n="security.s1_routes_note">Public inspection routes expose the signed manifest, page records, readable source mirrors and archived releases without exposing private infrastructure.</p>
      </section>

      <!-- primary · 03 · assets protected -->
      <section class="security-section" aria-labelledby="security-assets-heading">
        <h2 class="security-section-heading" id="security-assets-heading" data-i18n="security.s2_summary">2. Assets protected</h2>
        <p data-i18n="security.s2_body">The controls described here protect:</p>
        <ul class="i18n-list" data-i18n-list="security.s2_list">
          <li>Domain ownership</li>
          <li>DNS integrity</li>
          <li>Hosting account integrity</li>
          <li>Public content integrity</li>
          <li>The signing key used for release authenticity</li>
        </ul>
      </section>

      <!-- primary · 04 · threat model -->
      <section class="security-section" aria-labelledby="security-threat-heading">
        <h2 class="security-section-heading" id="security-threat-heading" data-i18n="security.s3_summary">3. Threat model</h2>
        <section class="security-subsection" aria-labelledby="security-threat-infra">
          <h3 class="security-subheading" id="security-threat-infra" data-i18n="security.s3_infra_heading">Infrastructure compromise</h3>
          <ul class="i18n-list" data-i18n-list="security.s3_infra_list">
            <li>Registrar account takeover</li>
            <li><abbr title="Domain Name System">DNS</abbr> hijack</li>
            <li>Hosting credential compromise</li>
          </ul>
        </section>
        <section class="security-subsection" aria-labelledby="security-threat-content">
          <h3 class="security-subheading" id="security-threat-content" data-i18n="security.s3_content_heading">Content tampering</h3>
          <ul class="i18n-list" data-i18n-list="security.s3_content_list">
            <li>Post-deployment file modification</li>
            <li>Malicious JavaScript injection</li>
            <li>Silent alteration of static assets</li>
          </ul>
        </section>
        <section class="security-subsection" aria-labelledby="security-threat-admin">
          <h3 class="security-subheading" id="security-threat-admin" data-i18n="security.s3_admin_heading">Administrative abuse</h3>
          <ul class="i18n-list" data-i18n-list="security.s3_admin_list">
            <li>Credential stuffing</li>
            <li>Automated vulnerability scanning</li>
          </ul>
        </section>
        <section class="security-subsection" aria-labelledby="security-threat-noise">
          <h3 class="security-subheading" id="security-threat-noise" data-i18n="security.s3_noise_heading">Commodity internet noise</h3>
          <p data-i18n-html="security.s3_noise_body">Continuous automated probing for common <abbr title="Content Management System">CMS</abbr> paths, configuration files, or known endpoints. These are treated as persistent background conditions rather than exceptional events.</p>
        </section>
      </section>

      <!-- primary · 05 · controls -->
      <section class="security-section" aria-labelledby="security-controls-heading">
        <h2 class="security-section-heading" id="security-controls-heading" data-i18n="security.s4_summary">4. Controls</h2>
        <section class="security-subsection" aria-labelledby="security-controls-registrar">
          <h3 class="security-subheading" id="security-controls-registrar" data-i18n-html="security.s4_registrar_heading">Registrar &amp; <abbr title="Domain Name System">DNS</abbr></h3>
          <ul class="i18n-list" data-i18n-list="security.s4_registrar_list">
            <li><abbr title="Multi-Factor Authentication">MFA</abbr> enabled</li>
            <li>Registrar lock active</li>
            <li><abbr title="Domain Name System Security Extensions">DNSSEC</abbr> enabled and validated</li>
            <li><abbr title="Certificate Authority Authorization">CAA</abbr> records restrict certificate issuance</li>
          </ul>
        </section>
        <section class="security-subsection" aria-labelledby="security-controls-hosting">
          <h3 class="security-subheading" id="security-controls-hosting" data-i18n="security.s4_hosting_heading">Hosting</h3>
          <ul class="i18n-list" data-i18n-list="security.s4_hosting_list">
            <li>Multi-factor authentication enabled</li>
            <li><abbr title="Secure File Transfer Protocol">SFTP</abbr>-only deployment</li>
            <li>No <abbr title="Secure Shell">SSH</abbr> shell exposure</li>
            <li>No scheduled background execution</li>
          </ul>
        </section>
        <section class="security-subsection" aria-labelledby="security-controls-content">
          <h3 class="security-subheading" id="security-controls-content" data-i18n="security.s4_content_heading">Public content</h3>
          <ul class="i18n-list" data-i18n-list="security.s4_content_list">
            <li>Static architecture reduces server-side attack surface</li>
            <li>Strict <abbr title="Content Security Policy">CSP</abbr> starting from <code>default-src 'none'</code></li>
            <li>No external resource loading</li>
            <li>No dynamic script execution</li>
          </ul>
        </section>
        <section class="security-subsection" aria-labelledby="security-controls-monitoring">
          <h3 class="security-subheading" id="security-controls-monitoring" data-i18n="security.s4_monitoring_heading">Monitoring</h3>
          <ul class="i18n-list" data-i18n-list="security.s4_monitoring_list">
            <li>Structured log analysis</li>
            <li>Pattern detection and anomaly scoring</li>
            <li>File integrity drift detection against the signed release baseline</li>
          </ul>
        </section>
      </section>

      <!-- primary · 06 · public verification surface -->
      <section class="security-section" aria-labelledby="security-public-verification-heading">
        <h2 class="security-section-heading" id="security-public-verification-heading" data-i18n="security.public_verification_summary">5. Public verification surface</h2>
        <p data-i18n="security.public_verification_intro">The site exposes public inspection routes so published content can be checked without private infrastructure access.</p>
        <ul class="i18n-list" data-i18n-list="security.public_verification_list">
          <li><a href="/integrity/" aria-label="Open the integrity archive for signed releases, public key and manifest"><code>/integrity/</code></a> records signed releases, public key and manifest</li>
          <li><a href="/verify/" aria-label="Open the page verification tool for canonical URLs, source mirrors and fingerprints"><code>/verify/</code></a> records one page’s canonical <abbr title="Uniform Resource Locator">URL</abbr>, source mirror and fingerprint</li>
          <li><a href="/source/" aria-label="Open readable source mirrors of selected public files"><code>/source/</code></a> publishes readable mirrors of selected public files</li>
          <li><a href="/integrity/releases/" aria-label="Open frozen signed release snapshots"><code>/integrity/releases/</code></a> preserves frozen signed snapshots</li>
        </ul>
        <p data-i18n-html="security.public_verification_footer">These routes support inspection and provenance. They do not remove the need to protect <abbr title="Domain Name System">DNS</abbr>, hosting credentials and the private signing key.</p>
      </section>

      <!-- primary · 07 · residual risk -->
      <section class="security-section" aria-labelledby="security-residual-heading">
        <h2 class="security-section-heading" id="security-residual-heading" data-i18n="security.s6_summary">6. Residual risk</h2>
        <p data-i18n="security.s6_protect_summary">This model protects the public static site. It does not protect against registrar compromise, hosting compromise, client-device compromise or private key compromise.</p>
        <p data-i18n="security.s6_intro">This model does not attempt to address:</p>
        <ul class="i18n-list" data-i18n-list="security.s6_list">
          <li>Physical compromise of hosting infrastructure</li>
          <li>Global <abbr title="Domain Name System">DNS</abbr> root compromise</li>
          <li>Certificate authority (<abbr title="Certificate Authority">CA</abbr>) compromise</li>
          <li>State-level adversaries</li>
          <li>Zero-day browser exploits on client devices</li>
        </ul>
        <p data-i18n-html="security.s6_footer">The main risks remain domain, <abbr title="Domain Name System">DNS</abbr>, hosting and private key compromise.</p>
      </section>

      <!-- primary · 08 · disclosure -->
      <section class="security-section" aria-labelledby="security-disclosure-heading">
        <h2 class="security-section-heading" id="security-disclosure-heading" data-i18n="security.s7_summary">7. Disclosure</h2>
        <p data-i18n-html="security.s7_body">Responsible disclosure is welcome. Security contact details and encrypted communication instructions are published at <a href="/.well-known/security.txt" aria-describedby="desc-security-contact"><code>/.well-known/security.txt</code></a>.</p>
        <span class="visually-hidden" id="desc-security-contact" data-i18n="linkdesc.security_contact">Read the security.txt disclosure policy for this site</span>
      </section>

      <!-- primary · 09 · design principles -->
      <section class="security-section" aria-labelledby="security-design-heading">
        <h2 class="security-section-heading" id="security-design-heading" data-i18n="security.s8_summary">8. Design principles</h2>
        <ul class="i18n-list" data-i18n-list="security.s8_list">
          <li>Simplicity over complexity</li>
          <li>Deterministic behaviour over dynamic systems</li>
          <li>Transparency over obscurity</li>
          <li>Verifiable integrity over trust assumptions</li>
        </ul>
      </section>

    </div>
  </div>

</main>


<!-- body · footer -->
<footer class="site-footer" aria-label="Site footer">
  <div class="site-footer__inner">

    <!-- top stratum · identity · nav · language -->
    <div class="site-footer__top">

      <p class="site-footer__identity">
        <span class="year">&copy; <time datetime="2026">2026</time></span>
        <a class="wm" href="/" rel="home" aria-describedby="desc-home-footer">Trent Power</a>
        <span class="visually-hidden" id="desc-home-footer" data-i18n="linkdesc.home">Return to the homepage</span>
      </p>

      <nav class="site-footer__nav" aria-label="Footer">
        <span data-i18n="footer.location">Paris, France</span>
        <span class="sep" aria-hidden="true">&middot;</span>
        <a class="site-footer__action" href="/privacy/" rel="privacy-policy" aria-describedby="desc-privacy" data-i18n="footer.privacy">Privacy</a>
        <span class="visually-hidden" id="desc-privacy" data-i18n="linkdesc.privacy">Read how this site avoids analytics, cookies, profiling, tracking, and third-party assets</span>
        <span class="sep" aria-hidden="true">&middot;</span>
        <button type="button" class="site-footer__action"
                data-cite-open aria-haspopup="dialog"
                aria-describedby="desc-cite"
                data-i18n="footer.verify">Verify</button>
        <span class="visually-hidden" id="desc-cite" data-i18n="linkdesc.cite">Open citation and verification details for this page</span>
      </nav>

      <ul class="site-footer__language" aria-label="Language">
        <li><button type="button" data-lang="en" aria-pressed="true"  aria-describedby="desc-lang-en" lang="en">English</button> <span class="visually-hidden" id="desc-lang-en" data-i18n="linkdesc.lang_en">Read this site in English</span></li>
        <li aria-hidden="true"><span class="sep">&middot;</span></li>
        <li><button type="button" data-lang="fr" aria-pressed="false" aria-describedby="desc-lang-fr" lang="fr">Français</button> <span class="visually-hidden" id="desc-lang-fr" data-i18n="linkdesc.lang_fr">Lire ce site en français</span></li>
      </ul>

    </div>

    <hr class="site-footer__break" aria-hidden="true">

    <!-- bottom stratum · imprint · theme -->
    <div class="site-footer__bottom">

      <dl class="site-footer__imprint is-loading" id="footerImprint" aria-label="Publication integrity">
        <dt data-i18n="footer.proof.edition">Edition</dt>
        <dd><span data-proof="edition">&mdash;</span></dd>
        <dt data-i18n="footer.proof.signed">SHA256</dt>
        <dd><a class="sha-link" href="/integrity/" aria-describedby="desc-integrity"
               data-proof="sha" data-i18n-title="footer.proof.sha_title">sha256:&mdash;</a> <span class="visually-hidden" id="desc-integrity" data-i18n="linkdesc.integrity">Open the public integrity record, including hashes, signatures, and release verification</span></dd>
        <dt data-i18n="footer.proof.last_verified">Verified</dt>
        <dd><span class="v--fresh" data-proof="verified">&mdash;</span></dd>
      </dl>

      <ul class="site-footer__theme" aria-label="Appearance">
        <li><button type="button" data-theme="light"  aria-pressed="false" aria-describedby="desc-theme-light" data-i18n="footer.theme.light">Light</button> <span class="visually-hidden" id="desc-theme-light" data-i18n="linkdesc.theme_light">Switch to the light appearance</span></li>
        <li aria-hidden="true"><span class="sep">&middot;</span></li>
        <li><button type="button" data-theme="system" aria-pressed="true"  aria-describedby="desc-theme-auto" data-i18n="footer.theme.auto">Auto</button> <span class="visually-hidden" id="desc-theme-auto"  data-i18n="linkdesc.theme_auto">Match the system appearance setting</span></li>
        <li aria-hidden="true"><span class="sep">&middot;</span></li>
        <li><button type="button" data-theme="dark"   aria-pressed="false" aria-describedby="desc-theme-dark" data-i18n="footer.theme.dark">Dark</button> <span class="visually-hidden" id="desc-theme-dark"  data-i18n="linkdesc.theme_dark">Switch to the dark appearance</span></li>
      </ul>

    </div>

  </div>
</footer>
<!-- body · print edition -->
<div class="print-trust-sheet print-only" data-print-sheet="security" hidden aria-hidden="true">
  <header class="print-trust-header">
    <p class="print-trust-kicker" data-i18n="security.print.kicker">Security &amp; Threat Model</p>
    <p class="print-trust-title" data-i18n="security.print.title">Static, self-managed, verification-led</p>
    <p class="print-trust-lede" data-i18n="security.print.lede">The public site is static HTML, CSS and vanilla JavaScript, with strict headers, no runtime server logic, no public database and no third-party scripts.</p>
    <p class="print-trust-meta" data-i18n="security.print.meta">Edition 2026-05-17 · trentpower.fr/security/</p>
  </header>

  <figure class="print-trust-diagram" aria-hidden="true">
    <img src="/images/architecture/architecture.svg" alt="" class="print-trust-diagram-image">
  </figure>

  <div class="print-trust-grid">
    <div class="print-trust-card">
      <p class="print-trust-label"><span class="num">01</span> <span data-i18n="security.print.card.01.title">Architecture</span></p>
      <p data-i18n="security.print.card.01.body">Static HTML, CSS, vanilla JavaScript. Self-managed deployment on Apache (Gandi, Paris). No public database.</p>
    </div>
    <div class="print-trust-card">
      <p class="print-trust-label"><span class="num">02</span> <span data-i18n="security.print.card.02.title">Security headers</span></p>
      <p data-i18n-html="security.print.card.02.body"><abbr title="Content Security Policy">CSP</abbr> default-deny. <abbr title="HTTP Strict Transport Security">HSTS</abbr>. <abbr title="Cross-Origin Opener Policy">COOP</abbr> / <abbr title="Cross-Origin Embedder Policy">COEP</abbr> / <abbr title="Cross-Origin Resource Policy">CORP</abbr>. Referrer-Policy no-referrer. Locked-down Permissions-Policy.</p>
    </div>
    <div class="print-trust-card">
      <p class="print-trust-label"><span class="num">03</span> <span data-i18n="security.print.card.03.title">Assets protected</span></p>
      <p data-i18n="security.print.card.03.body">Identity. Published content. Public verification files. Source integrity.</p>
    </div>
    <div class="print-trust-card">
      <p class="print-trust-label"><span class="num">04</span> <span data-i18n="security.print.card.04.title">Threat model</span></p>
      <p data-i18n="security.print.card.04.body">Content injection. Hosting credential compromise. Spoofed identity. Stale or tampered files.</p>
    </div>
    <div class="print-trust-card">
      <p class="print-trust-label"><span class="num">05</span> <span data-i18n="security.print.card.05.title">Controls</span></p>
      <p data-i18n="security.print.card.05.body">No third-party scripts. No public forms. Signed integrity manifest. Restricted file exposure. Service-worker-controlled cache.</p>
    </div>
    <div class="print-trust-card">
      <p class="print-trust-label"><span class="num">06</span> <span data-i18n="security.print.card.06.title">Residual risk</span></p>
      <p data-i18n="security.print.card.06.body">Hosting and registrar risk remain. Static-site exposure is reduced, not eliminated. Responsible disclosure route is published.</p>
    </div>
  </div>

  <footer class="print-trust-footer">
    <div class="print-trust-footer-text">
      <p class="print-proof" data-i18n="security.print.footer.proof">Private · Static · Signed · No tracking</p>
      <p data-i18n="security.print.footer.edition">Edition 2026-05-17 · trentpower.fr/security/</p>
    </div>
    <div class="print-qr-block" aria-hidden="true">
      <img class="print-qr-image" src="/images/qr/qr-security.svg" width="144" height="144" loading="lazy" decoding="async" alt="">
      <p class="print-qr-url">trentpower.fr/security/</p>
    </div>
  </footer>
</div>

<!-- body · behaviour -->
<script src="/i18n-core.js?v=2026-05-17.6e98e889" integrity="sha384-hlHSdRI6KckQljSDECHv+YDTCS8/wboE2Cpj+fdWbvbAj5ZseNghX/zYq0q5qCLW" defer></script>
<script src="/app.js?v=2026-05-17.6e98e889" integrity="sha384-i8I6EF83/NEUhPK6uITS63Mtf+AGky9aZnDFbyLZgV55dNtsIxTmVzhU4H1xMiv0" defer></script>
<script src="/app-enhance.js?v=2026-05-17.6e98e889" integrity="sha384-nyFedKd06EN9LqTUpl41Ln9bJvrfivawSLNQXsWeHNV0GoZBdeVoZByRtUkUbQVR" defer></script>
<script src="/verify/verification-data.2026-05-17.06468e3a.js" integrity="sha384-yzCX3Ahac4tvve5Gaxw/3GIJdgAcz3xdGOCMwcVvh8QSJTTDGAPFVZdcy5xRY0XW" defer></script>
<script src="/cite.js?v=2026-05-17.6e98e889" integrity="sha384-4I/E86WaRL6S/DO7gBHEtZOUB21AOnoRdstWR+v3SsCxrqE9el8PrFHyC03JUqPD" defer></script>

</body>
</html>
