urlscan.io logo urlscan.io
SecurityTrails logo

www.upswingcapital.com Open in urlscan Pro
35.152.104.113  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://upswingcapitalplan.com/
Effective URL: https://www.upswingcapital.com/
Submission: On September 18 via api from GB — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 29 HTTP transactions. The main IP is 35.152.104.113, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is www.upswingcapital.com.
TLS certificate: Issued by R10 on August 10th 2024. Valid for: 3 months.
This is the only time www.upswingcapital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 35.152.104.113 16509 (AMAZON-02)
11 104.18.160.117 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 52.222.232.144 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.112.105 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
29 9
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
upswingcapitalplan.com
1    35.152.104.113 (Milan, Italy)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-152-104-113.eu-south-1.compute.amazonaws.com
www.upswingcapital.com
11    104.18.160.117 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    52.222.232.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-144.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.66.112.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-105.fra56.r.cloudfront.net
uploads-ssl.webflow.com
12    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
12 gstatic.com
fonts.gstatic.com
215 KB
11 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6185
877 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 407
fonts.googleapis.com — Cisco Umbrella Rank: 31
7 KB
1 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 21826
103 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 215
27 KB
1 upswingcapital.com
www.upswingcapital.com
14 KB
1 upswingcapitalplan.com
upswingcapitalplan.com
499 B
29 8
Domain Requested by
12 fonts.gstatic.com fonts.googleapis.com
11 cdn.prod.website-files.com www.upswingcapital.com
cdn.prod.website-files.com
1 uploads-ssl.webflow.com cdn.prod.website-files.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.upswingcapital.com
1 cdnjs.cloudflare.com www.upswingcapital.com
1 ajax.googleapis.com www.upswingcapital.com
1 www.upswingcapital.com
1 upswingcapitalplan.com 1 redirects
29 9

This site contains links to these domains. Also see Links.

Domain
form.jotform.com
www.trustpilot.com
www.mcarocket.com
Subject Issuer Validity Valid
www.upswingcapital.com
R10		 2024-08-10 -
2024-11-08		 3 months crt.sh
prod.website-files.com
WE1		 2024-08-23 -
2024-11-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
uploads-ssl.webflow.com
Amazon RSA 2048 M02		 2024-06-28 -
2025-07-26		 a year crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.upswingcapital.com/
Frame ID: 2F88A06AEE4F05479A9E694A5111C62F
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Upswing Capital

Page URL History Show full URLs

  1. http://upswingcapitalplan.com/ HTTP 307
    https://upswingcapitalplan.com/ HTTP 301
    https://www.upswingcapital.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

33 %
IPv6

8
Domains

9
Subdomains

9
IPs

5
Countries

1276 kB
Transfer

4488 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://upswingcapitalplan.com/ HTTP 307
    https://upswingcapitalplan.com/ HTTP 301
    https://www.upswingcapital.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.upswingcapital.com/
Redirect Chain
  • http://upswingcapitalplan.com/
  • https://upswingcapitalplan.com/
  • https://www.upswingcapital.com/
53 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.upswingcapital.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.152.104.113 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-152-104-113.eu-south-1.compute.amazonaws.com
Software
/
Resource Hash
f64cd22dd857003e102ca97cc284bf4db38e148021dec60df6dff22c345c72a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
13952
content-type
text/html
date
Wed, 18 Sep 2024 11:35:26 GMT
vary
x-wf-forwarded-proto, Accept-Encoding
x-cache
MISS
x-cache-hits
0
x-cluster-name
eu-south-1-prod-hosting-red
x-lambda-id
92a8f757-ea65-4d45-93eb-199a006b7366
x-served-by
cache-lin1730077-LIN
x-timer
S1726659326.059837,VS0,VE513

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8c510852be3fb8e5-AMS
content-length
167
content-type
text/html
date
Wed, 18 Sep 2024 11:35:25 GMT
expires
Wed, 18 Sep 2024 12:35:25 GMT
location
https://www.upswingcapital.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTuIPVeneEx6w24n%2BLrnAdp65Bet6wLKGZb%2F378R7hsoSCv1QgZWVBpPm7XylxtMWeMuRepgjTh6MJ%2BFyYF%2BBrrlkYKP1LsgTOb9SNmWW1w6h%2Bio3npsLU%2F7eBo29hc6KFry0PhhM9mw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
salutions-exceptional-sit-10d8a95b1f3e2.webflow.bd56bd199.css
cdn.prod.website-files.com/65e6818de368b4334cafb806/css/ 		250 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/css/salutions-exceptional-sit-10d8a95b1f3e2.webflow.bd56bd199.css
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da68ed51e850c0fbaa631fd106aad444df39a66da5eb6b6c79ba30ea499a5535

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"b13b85c23d16fe34ba64a38696589d22"
x-amz-version-id
EV6EzB9P6Gd0EI3PKTD_3xLSZbHaCkEs
age
921262
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
text/css
last-modified
Mon, 01 Jul 2024 17:47:19 GMT
vary
Accept-Encoding
x-amz-id-2
cSqbM970WsJAlxI4cS5A37h/BFe/ts7DtTQF0X34HrdC8JISfuZI1Bt+Klzi/l0fc/5bUE6s/JQ=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
8B8T180FRK9R3BS6
cf-ray
8c5108586fd4671f-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
37733
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

content-encoding
gzip
age
80414
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 13:15:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 13:15:12 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"659afac8-6b2d"
age
64674
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXPxx%2B7okkaCJ59DMKMhnz0y9Wr1gJZUljFpJJOLn9ulgSyiKz1zI40HTZMCuip7WDXiwKaLlZQpYOF1JMTMotm7NcO3TVpj7HpEnsge3IpAesQgNhyS2HtUXGG0vfprPERYEzoO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 08 Sep 2025 11:35:26 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 07 Jan 2024 20:26:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8c510858798d0e84-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
27437
server
cloudflare
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65e6818de368b4334cafb806
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-144.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://www.upswingcapital.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
28236
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
KX5cup0yeUdK5JqoWfTxx-0qUCKGkMbFC7oppkFFWhAz_HgyT3-0RA==
date
Wed, 18 Sep 2024 03:44:51 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
Accept-Encoding
cache-control
max-age=84600, must-revalidate
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
AmazonS3
webflow.d644faf91.js
cdn.prod.website-files.com/65e6818de368b4334cafb806/js/ 		3 MB
517 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/js/webflow.d644faf91.js
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7dc7ee5e2e807eb01e2100870d477a73d7a345119ec01f3a705da206711d6c

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"e15c313e2dc47d7cc0f29593401c0a3f"
x-amz-version-id
DCHYDs0p5rSgQsjP.us0cAzTCf444zUb
age
921262
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
text/javascript
last-modified
Mon, 01 Jul 2024 17:47:19 GMT
vary
Accept-Encoding
x-amz-id-2
95i+DKNbGpsPlVw0XwXwMTtOtlZYCwsPl4E9+cZ2sNxQCEjksTrdg+rpz3koaXLPIpDXLVdPeSE=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
8G7V2CPRYZ4262BJ
cf-ray
8c5108586fd8671f-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
528517
server
cloudflare
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c319b1fa9d3c6bfcd85453bbcffff119ad5018a8409141190ea59b6cf08b250d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 11:35:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 18 Sep 2024 11:35:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
65e7fb5b0b452dbfac7ef24b_65e6818de368b4334cafb918_64d16fef632c0db88758c35d_LooperGroup%20New%20Color.webp
cdn.prod.website-files.com/65e6818de368b4334cafb806/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/65e7fb5b0b452dbfac7ef24b_65e6818de368b4334cafb918_64d16fef632c0db88758c35d_LooperGroup%20New%20Color.webp
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a47179f7621c8623e5eeb68daa4323b76e5a1b97c3807ffdf38ab605efa5e498

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

cf-cache-status
HIT
etag
"ab222bcb993a282ca4b4a6dd35896933"
x-amz-version-id
aJw.mQtvNowZhLIVpGMEyYpKETLTB_SA
age
78044
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
image/webp
last-modified
Wed, 06 Mar 2024 05:13:00 GMT
vary
Accept-Encoding
x-amz-id-2
+cORU2wKM3qTyK2KXILVPDVCeogP3yWDUbfCwzcXt/8ARnHjTwiZsNJvksrZTxD2Z+nIKcVnXoA=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
MB9T3FSA1ABJHZ91
cf-ray
8c5108593903671f-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
77496
server
cloudflare
x-amz-server-side-encryption
AES256
65e7fadd170eb39ed515a209_65e6818de368b4334cafb970_64d16fef632c0db88758c364_LooperGroup3%20New%20color.webp
cdn.prod.website-files.com/65e6818de368b4334cafb806/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/65e7fadd170eb39ed515a209_65e6818de368b4334cafb970_64d16fef632c0db88758c364_LooperGroup3%20New%20color.webp
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/65e6818de368b4334cafb806/css/salutions-exceptional-sit-10d8a95b1f3e2.webflow.bd56bd199.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f94a317d917d71155d5bd315d2da95831d52776c45d44705244a9facdba428

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/css/salutions-exceptional-sit-10d8a95b1f3e2.webflow.bd56bd199.css

Response headers

cf-cache-status
HIT
etag
"300b71c95dfef29eda9eebabf85ef82f"
x-amz-version-id
PDSskzjdabwJsLhSvHuP234lhnb1ErVJ
age
2139892
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
image/webp
last-modified
Wed, 06 Mar 2024 05:10:55 GMT
vary
Accept-Encoding
x-amz-id-2
zM2KqzKTcAytJqCcEcwGYvpiEmXK167zR6EzNsWPv8/gKKXHzWioj+/pSu+WQc3VVoJQaKxiwj0=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
0Y4MBG0VH9FCHWGX
cf-ray
8c5108593907671f-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
138422
server
cloudflare
x-amz-server-side-encryption
AES256
65e6818de368b4334cafb860_fa-solid-900.ttf
uploads-ssl.webflow.com/65e6818de368b4334cafb806/ 		199 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/65e6818de368b4334cafb806/65e6818de368b4334cafb860_fa-solid-900.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/65e6818de368b4334cafb806/css/salutions-exceptional-sit-10d8a95b1f3e2.webflow.bd56bd199.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-105.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af849952e881b92cf7206540a91c5feefe23ff5910af83097cbb2eaff614ba20

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://cdn.prod.website-files.com/

Response headers

content-encoding
gzip
x-amz-version-id
2I72J7Ox9QWPkb98WDB06moYDIWO6ier
etag
W/"781e85bb50c8e8301c30de56b31b1f04"
age
12811713
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
i7X2KpGEj2ZL3XgZ-UzVBXi6JoLsTjvSP6yhydLNcfCRXbnZAsDBmg==
date
Tue, 23 Apr 2024 04:46:54 GMT
content-type
application/x-font-ttf
vary
Accept-Encoding
last-modified
Tue, 05 Mar 2024 02:21:02 GMT
cache-control
max-age=31536000, must-revalidate
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
65e7f86c363f1d3c609ad597_upswing-cap-logo%201.png
cdn.prod.website-files.com/65e6818de368b4334cafb806/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/65e7f86c363f1d3c609ad597_upswing-cap-logo%201.png
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2816e5d14094ab9ca6aad7d1bec4f883908b9a626c8ad86520d9e139a8a3165c

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

cf-cache-status
HIT
etag
"4a2e3ade5ec323ffba3e98039b9c7171"
x-amz-version-id
dGAIL4dhUVM2NPhfY6SbLWc.AxBGkRHA
age
6765726
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
image/png
last-modified
Wed, 06 Mar 2024 05:00:29 GMT
vary
Accept-Encoding
x-amz-id-2
ou1uDyaoYP7GR+nqpW73Wg1jcn0rfscfKje1XbKMaLXQxBijWF5sn/7eshwqUp5laBWxvBjx0GrXsjZAtxvaOg==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
5GHFZXZQJ658MGA3
cf-ray
8c5108596953671f-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
19587
server
cloudflare
x-amz-server-side-encryption
AES256
65e6818de368b4334cafb847_arrow%20green%20white.svg
cdn.prod.website-files.com/65e6818de368b4334cafb806/ 		417 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/65e6818de368b4334cafb847_arrow%20green%20white.svg
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75edc03a1674a31c7f1813e698be9430e3248c6c62b9fc1e2258aec7e7489c61

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"b0dff36f4304283bc8aa148d1201e05d"
x-amz-version-id
HrUFL65tnzYBeYiV7VzKw8thdau.YaNU
age
921260
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
image/svg+xml
last-modified
Tue, 05 Mar 2024 02:21:02 GMT
vary
Accept-Encoding
x-amz-id-2
K36jfCMYPVrk5s/V7Dixac64ho6/edv4HSHWLn2/FP4GHD5bXucmSkhNNgQXPmc+RhKNYhw+3bY=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
H5GDM1T9VASRS6J5
cf-ray
8c5108596956671f-AMS
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
65e7f93db7a8fce764b10920_64d16fef632c0db88758c411_arrow%20green%201.svg
cdn.prod.website-files.com/65e6818de368b4334cafb806/ 		605 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/65e7f93db7a8fce764b10920_64d16fef632c0db88758c411_arrow%20green%201.svg
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e280e48ddf6483da5bbd056aaa9bedb509e5ace3c45e581fa6c91defa731e653

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"9d58ef1174196e5f54b51a849011d7ef"
x-amz-version-id
ryGU.SW2vIKtSmPTaxGo.k3weO0AgjB.
age
921260
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
image/svg+xml
last-modified
Wed, 06 Mar 2024 05:03:58 GMT
vary
Accept-Encoding
x-amz-id-2
f13pNeCCEVnt8M0PqF07SwHk3muHaP7Sbb2FnMqX80jMSj0vH3yf8r8LQDtCCIvPgnzASqDZ5Dk=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
H5G3BR5WT3047RDZ
cf-ray
8c510859695a671f-AMS
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
65e89ed3a623f68c25a59295_shakinghands-p-800.jpg
cdn.prod.website-files.com/65e6818de368b4334cafb806/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/65e89ed3a623f68c25a59295_shakinghands-p-800.jpg
Requested by
Host: www.upswingcapital.com
URL: https://www.upswingcapital.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f16461e4af6dc561eb51c5174a5dbd2450698ce83a5e874b99a4124c231440c

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

cf-bgj
h2pri
etag
"f47fe84cd2460d28ebc2f7b6ee772817"
x-amz-version-id
ZQidmrNjM6NMDm9bUaR..b0MsMzJf4WU
cf-cache-status
HIT
age
921260
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:26 GMT
content-type
image/jpg
last-modified
Wed, 06 Mar 2024 17:05:06 GMT
vary
Accept-Encoding
x-amz-id-2
MQUcGlI9Cjq99fEYwSWuZZf9Ahk2G8RxoI4/dxESbK6hFtrOQPoQIZeevGIJysfyVT3S3vQ6kJQ=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
D88R35P20EB8X0K6
cf-ray
8c510859695b671f-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
46559
server
cloudflare
x-amz-server-side-encryption
AES256
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z9mXg.woff2
fonts.gstatic.com/s/dmsans/v15/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z9mXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8905a3719ff792d3b18a7c40ae820c9fce92782bb7696abc29d6987ebc93cd82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
313479
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 20:30:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 20:30:48 GMT
last-modified
Thu, 21 Mar 2024 23:59:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
36772
x-xss-protection
0
server
sffe
S6u8w4BMUTPHh30AXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v24/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHh30AXC-qNiXg7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5010c0df836d8c80e36d7fd2ef00de4d7b5b34d359c330489d8b1a695665a719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
84419
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 12:08:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 12:08:28 GMT
last-modified
Tue, 02 May 2023 15:21:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13284
x-xss-protection
0
server
sffe
S6u-w4BMUTPHjxsIPx-oPCLC79U1.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u-w4BMUTPHjxsIPx-oPCLC79U1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d04f44613eb8cce1613f0b31dc5de9050b6695c5c80e6c01fe3239d97efce3f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
395216
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Sep 2025 21:48:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Sep 2024 21:48:31 GMT
last-modified
Tue, 02 May 2023 15:31:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14104
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bb29c58eadc0f0c7b704f5fce2490d10cb62efa55797a09c9b8f91b3b54cb34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
333391
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 14:58:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 14:58:56 GMT
last-modified
Tue, 02 May 2023 15:08:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13912
x-xss-protection
0
server
sffe
S6u_w4BMUTPHjxsI9w2_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwftx9897g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557b2ebbaa821105e39de764e480f0bc8641993863c8133fdecdfb85bf69fcc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
382255
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 01:24:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 01:24:32 GMT
last-modified
Tue, 02 May 2023 15:19:06 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14752
x-xss-protection
0
server
sffe
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
299291
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Mon, 15 Sep 2025 00:27:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Sep 2024 00:27:16 GMT
last-modified
Tue, 02 May 2023 15:17:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13980
x-xss-protection
0
server
sffe
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v24/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c3360f8439a1a3f48e8b58fcb6f3a3cbaaa76488a1b846acfe1e3b623c0562f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
294196
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Mon, 15 Sep 2025 01:52:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Sep 2024 01:52:11 GMT
last-modified
Tue, 02 May 2023 15:10:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14860
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
85467
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 11:51:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 11:51:00 GMT
last-modified
Tue, 02 May 2023 15:29:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14168
x-xss-protection
0
server
sffe
S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v24/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwftx9897g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b833d8ce706a334bf1349ac9e8a424d2754604bdc412ee1ea0ae75e1379ea92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
382473
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 01:20:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 01:20:54 GMT
last-modified
Tue, 02 May 2023 15:12:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14868
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
313487
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 20:30:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 20:30:40 GMT
last-modified
Tue, 02 May 2023 15:20:27 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13724
x-xss-protection
0
server
sffe
S6u_w4BMUTPHjxsI3wi_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI3wi_Gwftx9897g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a30702089e10a3f6b7c78c481dd59ee05d0ea77dac4a484146ae6a62be0acb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
385388
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 00:32:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 00:32:19 GMT
last-modified
Tue, 02 May 2023 15:11:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14496
x-xss-protection
0
server
sffe
rP2Wp2ywxg089UriCZaSExd86J3t9jz86MvyyKy58UfivUw.woff2
fonts.gstatic.com/s/dmsans/v15/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2Wp2ywxg089UriCZaSExd86J3t9jz86MvyyKy58UfivUw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDM+Sans:regular,italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e8bfe82c58708c7b59e23b8272486856b3e2f050c151528544e6042306e0bdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://www.upswingcapital.com
Referer
https://fonts.googleapis.com/

Response headers

age
84323
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 12:10:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 12:10:04 GMT
last-modified
Fri, 22 Mar 2024 00:00:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39632
x-xss-protection
0
server
sffe
65e7fe59ab4cd903e5d3190b_65e6818de368b4334cafb912_64d16fef632c0db88758c35c_OuYhC6XdqQ%20(1)%20(1).json
cdn.prod.website-files.com/65e6818de368b4334cafb806/ 		196 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/65e7fe59ab4cd903e5d3190b_65e6818de368b4334cafb912_64d16fef632c0db88758c35c_OuYhC6XdqQ%20(1)%20(1).json
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/65e6818de368b4334cafb806/js/webflow.d644faf91.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fcb40b07220e8a324020c2874fd0b54a45e97c565f13246874ebb43a2fa8a8d

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

access-control-max-age
3000
content-encoding
br
cf-cache-status
HIT
etag
W/"fcd1d688443c643610623f7c3118b77f"
x-amz-version-id
4IcbOoOqQdkxM3vT4PE4f.QEUgDpGppw
age
921256
access-control-allow-methods
GET, HEAD
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:27 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 06 Mar 2024 05:25:46 GMT
x-amz-id-2
3W4LcEl2f2fCYFKhbSHhOoVu3ym/HMMal2uRuWiA6AydnW++KxTCNQFJdwu9NiAff1Q0yYfTSbMiAwJ6NSrSfg==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
7RNS8Q7RXGT8BD21
cf-ray
8c51085b28ed0e39-AMS
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
65e7fe59ab4cd903e5d3190b_65e6818de368b4334cafb912_64d16fef632c0db88758c35c_OuYhC6XdqQ%20(1)%20(1).json
cdn.prod.website-files.com/65e6818de368b4334cafb806/ 		196 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/65e7fe59ab4cd903e5d3190b_65e6818de368b4334cafb912_64d16fef632c0db88758c35c_OuYhC6XdqQ%20(1)%20(1).json
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/65e6818de368b4334cafb806/js/webflow.d644faf91.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fcb40b07220e8a324020c2874fd0b54a45e97c565f13246874ebb43a2fa8a8d

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

access-control-max-age
3000
content-encoding
br
cf-cache-status
HIT
etag
W/"fcd1d688443c643610623f7c3118b77f"
x-amz-version-id
4IcbOoOqQdkxM3vT4PE4f.QEUgDpGppw
age
921256
access-control-allow-methods
GET, HEAD
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:27 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 06 Mar 2024 05:25:46 GMT
x-amz-id-2
3W4LcEl2f2fCYFKhbSHhOoVu3ym/HMMal2uRuWiA6AydnW++KxTCNQFJdwu9NiAff1Q0yYfTSbMiAwJ6NSrSfg==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
7RNS8Q7RXGT8BD21
cf-ray
8c51085b28ed0e39-AMS
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
65e8d554c99ff8fe20570e78_Frame%204.png
cdn.prod.website-files.com/65e6818de368b4334cafb806/ 		771 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/65e6818de368b4334cafb806/65e8d554c99ff8fe20570e78_Frame%204.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5100129cf7c2daa65f0dcf90f774b9af6abbae9c338d9b185430ba7b6599c6e4

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://www.upswingcapital.com/

Response headers

cf-cache-status
HIT
etag
"d2634d6d96f442f508ef2c23f9e82b86"
x-amz-version-id
Mf5as8ji_C6IDCMxtvh72YdmhKZnpdWl
age
10865
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 11:35:27 GMT
content-type
image/png
last-modified
Wed, 06 Mar 2024 20:43:01 GMT
vary
Accept-Encoding
x-amz-id-2
9lRJNRk387PxtE1xchQ/EQVCmlUUsfT30+7jPwqWis7q07avJswaXXCp6eX18d+xy27j36dAF+3rCi7kERvmhwwOjbWtmvUr
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
8ZK9T0Q4TZG24F2M
cf-ray
8c51085cffb9671f-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
771
server
cloudflare
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WebFont function| $ function| jQuery object| __WEBFLOW_CURRENCY_SETTINGS function| tram object| Webflow

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.prod.website-files.com
cdnjs.cloudflare.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
uploads-ssl.webflow.com
upswingcapitalplan.com
www.upswingcapital.com
104.17.25.14
104.18.160.117
18.66.112.105
188.114.97.3
2a00:1450:4001:800::2003
2a00:1450:4001:811::200a
2a00:1450:4001:81d::200a
35.152.104.113
52.222.232.144
1e8bfe82c58708c7b59e23b8272486856b3e2f050c151528544e6042306e0bdd
22f94a317d917d71155d5bd315d2da95831d52776c45d44705244a9facdba428
2816e5d14094ab9ca6aad7d1bec4f883908b9a626c8ad86520d9e139a8a3165c
4b833d8ce706a334bf1349ac9e8a424d2754604bdc412ee1ea0ae75e1379ea92
5010c0df836d8c80e36d7fd2ef00de4d7b5b34d359c330489d8b1a695665a719
5100129cf7c2daa65f0dcf90f774b9af6abbae9c338d9b185430ba7b6599c6e4
557b2ebbaa821105e39de764e480f0bc8641993863c8133fdecdfb85bf69fcc7
5c3360f8439a1a3f48e8b58fcb6f3a3cbaaa76488a1b846acfe1e3b623c0562f
5f16461e4af6dc561eb51c5174a5dbd2450698ce83a5e874b99a4124c231440c
75edc03a1674a31c7f1813e698be9430e3248c6c62b9fc1e2258aec7e7489c61
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
7bb29c58eadc0f0c7b704f5fce2490d10cb62efa55797a09c9b8f91b3b54cb34
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8905a3719ff792d3b18a7c40ae820c9fce92782bb7696abc29d6987ebc93cd82
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9fcb40b07220e8a324020c2874fd0b54a45e97c565f13246874ebb43a2fa8a8d
a30702089e10a3f6b7c78c481dd59ee05d0ea77dac4a484146ae6a62be0acb22
a47179f7621c8623e5eeb68daa4323b76e5a1b97c3807ffdf38ab605efa5e498
af849952e881b92cf7206540a91c5feefe23ff5910af83097cbb2eaff614ba20
bc7dc7ee5e2e807eb01e2100870d477a73d7a345119ec01f3a705da206711d6c
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
c319b1fa9d3c6bfcd85453bbcffff119ad5018a8409141190ea59b6cf08b250d
d04f44613eb8cce1613f0b31dc5de9050b6695c5c80e6c01fe3239d97efce3f0
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
da68ed51e850c0fbaa631fd106aad444df39a66da5eb6b6c79ba30ea499a5535
e280e48ddf6483da5bbd056aaa9bedb509e5ace3c45e581fa6c91defa731e653
f64cd22dd857003e102ca97cc284bf4db38e148021dec60df6dff22c345c72a0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d