urlscan.io logo urlscan.io
SecurityTrails logo

wintermute.com Open in urlscan Pro
151.139.128.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wintermute.com/
Effective URL: https://wintermute.com/
Submission: On September 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 16 domains to perform 28 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is wintermute.com.
TLS certificate: Issued by R3 on September 3rd 2023. Valid for: 3 months.
This is the only time wintermute.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 151.139.128.10 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.186.211.55 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:26d... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2600:1901:0:7... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
28 16
10    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
wintermute.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.186.211.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.211.186.35.bc.googleusercontent.com
collection.passfort.com
1    2606:4700::6810:bd59 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2606:4700::6810:50ba (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    2606:4700::6811:579a (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2600:9000:26db:c400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2606:4700::6812:1d78 (United States)

ASN13335 (CLOUDFLARENET, US)
api.coingecko.com
Apex Domain
Subdomains		 Transfer
10 wintermute.com
wintermute.com
730 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
www.linkedin.com — Cisco Umbrella Rank: 951
px4.ads.linkedin.com — Cisco Umbrella Rank: 7048
5 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 1095
97 B
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 9369
forms.hscollectedforms.net — Cisco Umbrella Rank: 9513
26 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1593
9 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
307 B
1 coingecko.com
api.coingecko.com — Cisco Umbrella Rank: 37377
1010 B
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 4798
1 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 2079
376 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 4608
20 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 4629
21 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
1 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 4897
1 KB
1 passfort.com
collection.passfort.com
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
87 KB
28 16
Domain Requested by
10 wintermute.com 1 redirects wintermute.com
3 px.ads.linkedin.com 3 redirects
2 sessions.bugsnag.com wintermute.com
2 snap.licdn.com wintermute.com
snap.licdn.com
2 region1.google-analytics.com www.googletagmanager.com
1 api.coingecko.com wintermute.com
1 track.hubspot.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 px4.ads.linkedin.com wintermute.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com wintermute.com
1 js.hs-scripts.com wintermute.com
1 collection.passfort.com wintermute.com
1 www.googletagmanager.com wintermute.com
28 19
Subject Issuer Validity Valid
wintermute.com
R3		 2023-09-03 -
2023-12-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.passfort.com
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-04-12		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
api.coingecko.com
E1		 2023-08-02 -
2023-10-31		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://wintermute.com/
Frame ID: 1B45CD6630A0F3565AF9EFFE8F8F69EF
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wintermute

Page URL History Show full URLs

  1. http://wintermute.com/ HTTP 301
    https://wintermute.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

28
Requests

96 %
HTTPS

82 %
IPv6

16
Domains

19
Subdomains

16
IPs

2
Countries

946 kB
Transfer

4017 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wintermute.com/ HTTP 301
    https://wintermute.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5057692%26time%3D1695271012791%26url%3Dhttps%253A%252F%252Fwintermute.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLltHMtjcBTeAAAAYq2Bsy8ijJLMFXPkcnXFIa2T6MgA4tpkiZweL7f8QlIIhJrfZWorIA

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wintermute.com/
Redirect Chain
  • http://wintermute.com/
  • https://wintermute.com/
72 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wintermute.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
8d05448b2615528c03d26c4d068adb12c2ba60e138eebf32fd966b5f9fd5fff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private max-age=20
Connection
keep-alive
Content-Encoding
gzip
Content-Length
23193
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 04:36:51 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Authorization
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-HW
1695271010.cds219.fr8.hn,1695271011.cds055.fr8.sc,1695271011.cds055.fr8.p
X-XSS-Protection
1; mode=block

Redirect headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Sep 2023 04:36:50 GMT
Location
https://wintermute.com/
X-HW
1695271010.cds275.fr8.h2,1695271010.cds327.fr8.c
bundle.css
wintermute.com/build/css/ 		77 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wintermute.com/build/css/bundle.css
Requested by
Host: wintermute.com
URL: https://wintermute.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
4db07a76a6ebfddf0c34300536c0b29daabb5d55ba210c6e939e9411c0cb9ea5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wintermute.com/
Origin
https://wintermute.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 04:36:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 vegur
Connection
keep-alive
Content-Length
10280
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 15 Aug 2023 11:27:33 GMT
Server
Apache
ETag
"1692098853"
Vary
Authorization
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
X-HW
1695271011.cds219.fr8.hn,1695271011.cds232.fr8.sc,1695271012.cds232.fr8.pr
Cache-Control
max-age=20
Accept-Ranges
bytes
js
www.googletagmanager.com/gtag/ 		254 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-37QWEE4R8M
Requested by
Host: wintermute.com
URL: https://wintermute.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54e2cf7a416f1de3322f128484dc6bdd247f0151b564b27ec192d79c316d942a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88822
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Sep 2023 04:36:51 GMT
line_marker@2x.png
wintermute.com/assets/images/ 		395 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wintermute.com/assets/images/line_marker@2x.png
Requested by
Host: wintermute.com
URL: https://wintermute.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
b846be82efcefe00923d75c5c266606971b6cefddf57ca7491e073d482a1698f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 04:36:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
Connection
keep-alive
Content-Length
395
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 15 Aug 2023 11:27:33 GMT
Server
Apache
ETag
"1692098853"
Vary
Authorization
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1695271012.cds219.fr8.hn,1695271012.cds278.fr8.sc,1695271012.cds278.fr8.pr
Cache-Control
max-age=20
Accept-Ranges
bytes
embed.js
collection.passfort.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collection.passfort.com/embed.js
Requested by
Host: wintermute.com
URL: https://wintermute.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.211.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.211.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
de6dd7c96e5b81ca3fd768ad649456cbdc05ba41cddc92a7b5953231a9669203
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1692796824
x-guploader-uploadid
ADPycdv8AZVCCP3ZGi5Foav-AcvzuWYEgNoFT6hQMdGTSsTck1WGClAuS-L_Augnm2vGYhmHP9wUJkjo7aSG-VHKVH-leQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Wed, 23 Aug 2023 13:32:07 GMT
server
nginx
etag
W/"1558ed0d76b274fa8f3e7e2ef80d49d8"
vary
Accept-Encoding
x-goog-generation
1692797527675462
content-type
application/javascript
x-goog-hash
crc32c=z3u4qQ==, md5=FVjtDXaydPqPPn4u+A1J2A==
x-goog-meta-mtime
2023-08-23T13:20:24Z
cache-control
public, max-age=3600
x-goog-stored-content-length
2031
expires
Thu, 21 Sep 2023 05:36:52 GMT
main.js
wintermute.com/build/js/ 		3 MB
680 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wintermute.com/build/js/main.js
Requested by
Host: wintermute.com
URL: https://wintermute.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
d502b6922493e5fd32719149fa5c4edd94c68ef10d8c513d3739fc6a44b102d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wintermute.com/
Origin
https://wintermute.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 04:36:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 vegur
Connection
keep-alive
Content-Length
695273
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 15 Aug 2023 11:27:33 GMT
Server
Apache
ETag
"1692098853"
Vary
Authorization
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1695271011.cds120.fr8.hc,1695271011.cds155.fr8.sc,1695271012.cds155.fr8.pr
Cache-Control
max-age=20
Accept-Ranges
bytes
4902551.js
js.hs-scripts.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/4902551.js
Requested by
Host: wintermute.com
URL: https://wintermute.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539436b68cbcb8fbeebf4c1c368d05aea7b7a47d36933c8a819de8cb05ce815e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fb463675-dfa5-41b3-8e4e-5ed5e74e74f6
x-envoy-upstream-service-time
11
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fb463675-dfa5-41b3-8e4e-5ed5e74e74f6
last-modified
Wed, 20 Sep 2023 11:49:29 GMT
server
cloudflare
x-trace
2B9A617EE27936A5F78CF79F59D39123ADDCB2AB9F000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://wintermute.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-wtl6x
cf-ray
809f9c14ea561e14-FRA
expires
Thu, 21 Sep 2023 04:37:52 GMT
css2
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: wintermute.com
URL: https://wintermute.com/build/css/bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Sep 2023 04:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 03:27:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Sep 2023 04:36:52 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-37QWEE4R8M&gtm=45je39i0&_p=1380078073&cid=1117143130.1695271012&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695271012&sct=1&seg=0&dl=https%3A%2F%2Fwintermute.com%2F&dt=Wintermute&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37QWEE4R8M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 04:36:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wintermute.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wintermute.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:27:54 GMT
x-content-type-options
nosniff
age
554938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:27:54 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: wintermute.com
URL: https://wintermute.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=66910
accept-ranges
bytes
content-length
3822
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=62851
accept-ranges
bytes
content-length
4862
4902551.js
js.hs-analytics.net/analytics/1695270900000/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1695270900000/4902551.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4902551.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1de5a8a9d8f7cc324f08be5951e1352674cea98cfe5be1424c28fa552e4ba0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:53 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
NT05W1YSS3GCK54D
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
4f7129f7-9238-44ad-928d-f873f29b4bb5
x-envoy-upstream-service-time
46
x-amz-id-2
NrFUHnp7d8lXIvAIO+CyIeP9UoYcsi2lBgCKgekRI4QWE6NLE8Cg9rjVJ/KKFQGGZqhEHhoR65zpulxBWfvnsaAqenIkB/ob
x-evy-trace-listener
listener_https
x-request-id
4f7129f7-9238-44ad-928d-f873f29b4bb5
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 15 Sep 2023 17:59:23 GMT
server
cloudflare
etag
W/"c23df0ff83020fd34939bb3d229eb660"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-wrchw
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
809f9c16acd13654-FRA
expires
Thu, 21 Sep 2023 04:41:53 GMT
banner.js
js.hs-banner.com/v2/4902551/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/4902551/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4902551.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21177b3baa8ebea343c42e8b1a6e81cbcd098b082e1cb77c2aefce94d7c4ba51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:53 GMT
x-amz-version-id
po4vG09B5WIOqV7dAo7HNN44LXkrWcpL
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
9E24WE547FVEFE6S
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
6b181027-58f6-429e-89bc-54cc70660acf
x-envoy-upstream-service-time
51
x-amz-id-2
OACHY1xG26lclkvHcY7ZLZ8oL7hyN1F4fcHi38joO0oy7NW0i85YqEp/VoiKVnhnh/v+Yw0qB6c=
x-evy-trace-listener
listener_https
x-request-id
6b181027-58f6-429e-89bc-54cc70660acf
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 05 Sep 2023 16:21:45 GMT
server
cloudflare
etag
W/"7d0ce7c681b2a4af8f222dbdeeeaf5ab"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://wintermute.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-fznd8
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
809f9c16aab63a49-FRA
expires
Thu, 21 Sep 2023 04:41:53 GMT
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4902551.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wintermute.com/
Origin
https://wintermute.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:53 GMT
x-amz-version-id
EcjZkyUfgxNGQ.xnv1Vqq9Oda2f1T.dE
via
1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
e14e03aa-7174-4be0-9eca-7778416148c4
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.394/bundles/project.js&cfRay=809f9c169bde380f-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
3
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e14e03aa-7174-4be0-9eca-7778416148c4
last-modified
Wed, 09 Aug 2023 09:05:38 UTC
server
cloudflare
etag
W/"6fb5b8aa66d730f2a49b41a9c712ffa7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-v9tfr
cf-ray
809f9c169bde380f-FRA
x-amz-cf-id
dtmNzb_JyTSu0GeeZ8UbpAGKHyNeI2UCV0NQ1bjHR_FlPw2LzS2bzQ==
x-hs-target-asset
collected-forms-embed-js/static-1.394/bundles/project.js
token
cdn.linkedin.oribi.io/partner/5057692/domain/wintermute.com/ 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/5057692/domain/wintermute.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:c400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://wintermute.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 03:37:25 GMT
content-encoding
gzip
via
1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
3567
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
9vsSZ67hium1iF3kAMpBQeqozVL6JqG65FCpy6seDIfL4X46TRY3vA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5057692%26time%3D1695271012791%26url%3Dhttps%253A%252F%252Fwintermute.com%252F%26...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLltHMtjcBTeAAAAYq2Bsy8ijJLMFXPkcnXFIa2T6MgA4...
0
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLltHMtjcBTeAAAAYq2Bsy8ijJLMFXPkcnXFIa2T6MgA4tpkiZweL7f8QlIIhJrfZWorIA
Requested by
Host: wintermute.com
URL: https://wintermute.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:53 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D4DFD576CF3C4919823A8CCA7472D9A0 Ref B: DUS30EDGE0817 Ref C: 2023-09-21T04:36:53Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-ltx1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYF1wqT+5Nn8W4RnBhDKw==

Redirect headers

date
Thu, 21 Sep 2023 04:36:53 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 548650AD30464425AD5A764FB7A2DFA4 Ref B: DUS30EDGE0705 Ref C: 2023-09-21T04:36:53Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5057692&time=1695271012791&url=https%3A%2F%2Fwintermute.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLltHMtjcBTeAAAAYq2Bsy8ijJLMFXPkcnXFIa2T6MgA4tpkiZweL7f8QlIIhJrfZWorIA
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYF1wqPqUD56drRwGjZFg==
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		115 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=4902551&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f329a42940e4e384ca80780c21314cbb7947698b7ffaafa94d746352d91f16d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://wintermute.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
6def716a-71a4-4065-bf95-1af4cdf4f74e
x-envoy-upstream-service-time
6
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6def716a-71a4-4065-bf95-1af4cdf4f74e
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wintermute.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-6vqnb
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
809f9c17dd28380f-FRA
/
sessions.bugsnag.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://wintermute.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 21 Sep 2023 04:36:54 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: wintermute.com
URL: https://wintermute.com/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://wintermute.com/
Bugsnag-Sent-At
2023-09-21T04:36:53.941Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
ebe90cb2f56ad4c2ae1f390742f10c70
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 04:36:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
cell_glow_strong.png
wintermute.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wintermute.com/assets/images/cell_glow_strong.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
0be4eca9bc3f2fd9c1310bf724209bf27d6766e9a25362292e4fd8afce51bd0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wintermute.com/
Origin
https://wintermute.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 04:36:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
Connection
keep-alive
Content-Length
1668
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 15 Aug 2023 11:27:33 GMT
Server
Apache
ETag
"1692098853"
Vary
Authorization
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1695271014.cds219.fr8.hn,1695271014.cds214.fr8.sc,1695271014.cds214.fr8.pr
Cache-Control
max-age=20
Accept-Ranges
bytes
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3298999280&v=1.1&a=4902551&rcu=http%3A%2F%2Fwintermute.com%2F&pu=https%3A%2F%2Fwintermute.com%2F&t=Wintermute&cts=1695271014084&vi=1851c8be80800e338ab5e5bae9077ca2&nc=true&u=179865467.1851c8be80800e338ab5e5bae9077ca2.1695271014080.1695271014080.1695271014080.1&b=179865467.1.1695271014080&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
f47deeab-c50d-4827-bb4c-6a22884f4935
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
4
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
f47deeab-c50d-4827-bb4c-6a22884f4935
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xH0NA3GSBRgnJHKRdWfiudCXQjzlwQRmN9X8VLdG5VU4pTJBaOroNehgx1k6wgQJFYj4N7p73iO61FVX1S7r4Dc92JI8bAEtHcYP9LWlJMrOuR4fKxrQ06oXTGwHF5JrQDnx2VTV2hwfiTzzAPFG"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-c4jbk
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
809f9c1ecf205b9e-FRA
x-robots-tag
none
Logo_1-1.svg
wintermute.com/wp-content/uploads/2021/05/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wintermute.com/wp-content/uploads/2021/05/Logo_1-1.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
d7a51d54c4bb23226319ed498c81ad2c3d076c77457c36bc5795fe4acb3413bc
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 04:36:54 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish, 1.1 vegur
Strict-Transport-Security
max-age=300
Last-Modified
Thu, 06 May 2021 09:10:20 GMT
Server
Apache
Age
0
ETag
W/"6093b27c-84a"
X-HW
1695271014.cds120.fr8.hc,1695271014.cds057.fr8.c
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1003
Bybit_logo.png
wintermute.com/wp-content/uploads/2023/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wintermute.com/wp-content/uploads/2023/05/Bybit_logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
ae65e219bac962db0b989db92a579475e5d11168cb1a58654dd30b8ffd8f827d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 04:36:54 GMT
Strict-Transport-Security
max-age=300
Via
1.1 varnish, 1.1 varnish, 1.1 vegur
Last-Modified
Fri, 19 May 2023 16:51:33 GMT
Server
Apache
Age
0
ETag
"6467a915-220e"
X-HW
1695271014.cds342.fr8.hc,1695271014.cds129.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8718
Logo_3-1.svg
wintermute.com/wp-content/uploads/2021/05/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wintermute.com/wp-content/uploads/2021/05/Logo_3-1.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
2fa0a8184d0d2308f937370b15c1b38614243b7801aebabd07de0992e2666715
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 04:36:54 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish, 1.1 vegur
Strict-Transport-Security
max-age=300
Last-Modified
Thu, 06 May 2021 09:10:38 GMT
Server
Apache
Age
0
ETag
W/"6093b28e-e45"
X-HW
1695271014.cds120.fr8.hc,1695271014.cds252.fr8.c
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1638
line_marker@2x.png
wintermute.com/assets/images/ 		395 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wintermute.com/assets/images/line_marker@2x.png
Requested by
Host: wintermute.com
URL: https://wintermute.com/build/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
b846be82efcefe00923d75c5c266606971b6cefddf57ca7491e073d482a1698f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wintermute.com/
Origin
https://wintermute.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 04:36:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
Connection
keep-alive
Content-Length
395
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 15 Aug 2023 11:27:33 GMT
Server
Apache
ETag
"1692098853"
X-Frame-Options
SAMEORIGIN
Vary
Authorization
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1695271014.cds120.fr8.hc,1695271014.cds278.fr8.c
Cache-Control
max-age=20
Accept-Ranges
bytes
price
api.coingecko.com/api/v3/simple/ 		195 B
1010 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.coingecko.com/api/v3/simple/price?vs_currencies=usd&ids=bitcoin,ethereum,dogecoin,dydx,optimism,aave,uniswap,arbitrum
Requested by
Host: wintermute.com
URL: https://wintermute.com/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
388bc2ac36b0e42c768e4d7e4715397b45935e50f3b76d02fb03c8ce5bf2df16
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 04:36:54 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubdomains
cf-cache-status
EXPIRED
x-permitted-cross-domain-policies
none
content-encoding
br
alternate-protocol
443:npn-spdy/2
x-xss-protection
0
x-request-id
22c799ac-ccf3-4967-a53a-728abfd5ce43
x-runtime
0.005062
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"664fba3291f68bcb3a04922fa44bf621"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
POST, PUT, DELETE, GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
link, per-page, total
cache-control
public, max-age=120
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
cf-ray
809f9c203e06bb8c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Thu, 21 Sep 2023 04:38:54 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-37QWEE4R8M&gtm=45je39i0&_p=1380078073&cid=1117143130.1695271012&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1695271012&sct=1&seg=0&dl=https%3A%2F%2Fwintermute.com%2F&dt=Wintermute&en=scroll&epn.percent_scrolled=90&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37QWEE4R8M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wintermute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 04:36:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wintermute.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal function| PassFortCollect string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk object| lazySizesConfig object| lazySizes object| gsapVersions function| setImmediate function| clearImmediate object| process object| _hsp boolean| _already_called_lintrk object| __hsCollectedFormsDebug object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hspb_ran object| Main boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| _gsap

15 Cookies

Domain/Path Name / Value
.wintermute.com/ Name: _ga
Value: GA1.1.1117143130.1695271012
.wintermute.com/ Name: _ga_37QWEE4R8M
Value: GS1.1.1695271012.1.0.1695271012.0.0.0
wintermute.com/ Name: ln_or
Value: eyI1MDU3NjkyIjoiZCJ9
.linkedin.com/ Name: li_sugr
Value: 65f0cf47-35d7-4d4d-a4f7-ae42008873e2
.linkedin.com/ Name: bcookie
Value: "v=2&79d7e039-4a19-4ea3-85f1-7a4f2503afc1"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2597:u=1:x=1:i=1695271012:t=1695357412:v=2:sig=AQGjHuf9k1Z7V-fr53BBcdhYUkd9pljf"
.linkedin.com/ Name: UserMatchHistory
Value: AQIt1TYgz5kXuAAAAYq2Bss3P_tPpXRX1wtEWG0z4mGC7GXmiYNXE8VEk5lVZXjgeInax2BsruV49A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIIz1q8iPXQaQAAAYq2Bss3t3q875qWuu5LBmF2HQjK4hFLfkr2XaEdDj59GwtmyJJMcSLu_FcaxsMPd6DmBA
.www.linkedin.com/ Name: bscookie
Value: "v=1&202309210436533fa00e90-698e-4ced-8603-f2c4a5c8b319AQH6m6tvgMeIfGFUdWi_IiSe9HIMeklq"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTUyNzEwMTM7MjswMjFsiluD5iAzr7uGfE/laCYrlEKFfCSlPzAofruKoT0XuA==
wintermute.com/ Name: __hstc
Value: 179865467.1851c8be80800e338ab5e5bae9077ca2.1695271014080.1695271014080.1695271014080.1
wintermute.com/ Name: hubspotutk
Value: 1851c8be80800e338ab5e5bae9077ca2
wintermute.com/ Name: __hssrc
Value: 1
wintermute.com/ Name: __hssc
Value: 179865467.1.1695271014080
.hubspot.com/ Name: __cf_bm
Value: vInbjGCwlNnS6_gtzbf0iRmsUEbyifGv4WP6UqEASSg-1695271014-0-AcrUjQA3A6Vyu4RBwewt3ikB/xSwckfoOLuj2Ws7gMX/JOFxgAuvEF4wxZJR1l1gyri0ICHMTaxvTPeCqbkKImM=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.coingecko.com
cdn.linkedin.oribi.io
collection.passfort.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
sessions.bugsnag.com
snap.licdn.com
track.hubspot.com
wintermute.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
151.139.128.10
2001:4860:4802:34::36
2600:1901:0:7a0b::
2600:9000:26db:c400:2:53b2:240:93a1
2606:4700:4400::6812:22e5
2606:4700::6810:50ba
2606:4700::6810:bd59
2606:4700::6811:579a
2606:4700::6812:1d78
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:829::2003
2a02:26f0:480:f::213:7ec6
35.186.211.55
026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0be4eca9bc3f2fd9c1310bf724209bf27d6766e9a25362292e4fd8afce51bd0a
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
21177b3baa8ebea343c42e8b1a6e81cbcd098b082e1cb77c2aefce94d7c4ba51
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2fa0a8184d0d2308f937370b15c1b38614243b7801aebabd07de0992e2666715
388bc2ac36b0e42c768e4d7e4715397b45935e50f3b76d02fb03c8ce5bf2df16
4db07a76a6ebfddf0c34300536c0b29daabb5d55ba210c6e939e9411c0cb9ea5
539436b68cbcb8fbeebf4c1c368d05aea7b7a47d36933c8a819de8cb05ce815e
54e2cf7a416f1de3322f128484dc6bdd247f0151b564b27ec192d79c316d942a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8d05448b2615528c03d26c4d068adb12c2ba60e138eebf32fd966b5f9fd5fff8
ae65e219bac962db0b989db92a579475e5d11168cb1a58654dd30b8ffd8f827d
b846be82efcefe00923d75c5c266606971b6cefddf57ca7491e073d482a1698f
d502b6922493e5fd32719149fa5c4edd94c68ef10d8c513d3739fc6a44b102d0
d7a51d54c4bb23226319ed498c81ad2c3d076c77457c36bc5795fe4acb3413bc
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd1de5a8a9d8f7cc324f08be5951e1352674cea98cfe5be1424c28fa552e4ba0
de6dd7c96e5b81ca3fd768ad649456cbdc05ba41cddc92a7b5953231a9669203
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f329a42940e4e384ca80780c21314cbb7947698b7ffaafa94d746352d91f16d2
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25