urlscan.io logo urlscan.io
SecurityTrails logo

butteredholdings.com Open in urlscan Pro
13.41.153.149  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://blabla-poc.theloyaltyco.app/
Effective URL: https://butteredholdings.com/
Submission: On April 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 31 HTTP transactions. The main IP is 13.41.153.149, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is butteredholdings.com.
TLS certificate: Issued by R3 on April 16th 2024. Valid for: 3 months.
This is the only time butteredholdings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
22 13.41.153.149 16509 (AMAZON-02)
2 104.17.25.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 162.159.138.60 13335 (CLOUDFLAR...)
1 172.217.16.132 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
31 7
1    2606:4700:20::681a:c5 (United States)

ASN13335 (CLOUDFLARENET, US)
blabla-poc.theloyaltyco.app
22    13.41.153.149 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: tlc2.sh-ec2-host.net
butteredholdings.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
1    172.217.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f132.1e100.net
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
22 butteredholdings.com
butteredholdings.com
1 MB
2 gstatic.com
fonts.gstatic.com
95 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
4 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
166 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2026
1 theloyaltyco.app
blabla-poc.theloyaltyco.app
453 B
31 7
Domain Requested by
22 butteredholdings.com butteredholdings.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com butteredholdings.com
2 cdnjs.cloudflare.com butteredholdings.com
cdnjs.cloudflare.com
1 www.google.com butteredholdings.com
1 player.vimeo.com butteredholdings.com
1 blabla-poc.theloyaltyco.app 1 redirects
31 7

This site contains no links.

Subject Issuer Validity Valid
butteredholdings.com
R3		 2024-04-16 -
2024-07-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
player.vimeo.com
E1		 2024-03-29 -
2024-06-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://butteredholdings.com/
Frame ID: A8FA44537A1E9FAC78FE7E0299A31F2F
Requests: 29 HTTP requests in this frame

Frame: https://player.vimeo.com/video/691707986?h=2517accf38&dnt=1&app_id=122963
Frame ID: BF6B8D4DC5552A782F9BD680704F0A42
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d7219.557220052434!2d55.272635295664806!3d25.210687517722402!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3e5f428f0d45e889%3A0x5c0e0c234547d18!2sTrade%20Centre%20-%20DIFC%20-%20Dubai%20-%20United%20Arab%20Emirates!5e0!3m2!1sen!2sin!4v1686811318149!5m2!1sen!2sin
Frame ID: 977C52E3842E3895A7E605CBFCA60B29
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

home - butteredholdings

Page URL History Show full URLs

  1. https://blabla-poc.theloyaltyco.app/ HTTP 301
    https://butteredholdings.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

97 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

1466 kB
Transfer

1637 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blabla-poc.theloyaltyco.app/ HTTP 301
    https://butteredholdings.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
butteredholdings.com/
Redirect Chain
  • https://blabla-poc.theloyaltyco.app/
  • https://butteredholdings.com/
38 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
a8dd4bec60f32e33a95e1fe8801363ffe079f81fdbc5c6fed0149b3d4f49a722

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Apr 2024 09:34:20 GMT
Keep-Alive
timeout=5
Link
<https://butteredholdings.com/wp-json/>; rel="https://api.w.org/", <https://butteredholdings.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://butteredholdings.com/>; rel=shortlink
Server
Apache
Transfer-Encoding
chunked

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
875b6b304bf41c19-FRA
content-type
text/html; charset=UTF-8
date
Wed, 17 Apr 2024 09:34:20 GMT
location
https://butteredholdings.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCrrQXekfLlAjzIiT8lkuOPFDBIB8pwmU11MHKhrEvoNS777L%2FBPw0Z5vJ1tx94kmGWflsnQccKGVo2gby1FwjMWe2A8V%2FWa1UrTjdhykr5v2GIZjlaHDPXnkTQuEP7a4RglITe7eDjYc4mIXG8Me8AsyN41MUc0PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 09:34:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
121722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18752
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-4940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6QS2%2FE%2FaP6Kk4C%2Bdzhc2s7nTof1%2BNCTTe1qKWBb6BjWZMIVVL7bVe7XLSOMSjxjbgpi1LF5MG%2BSP%2FjDbgGM78Qmj7zMoFtmwPKkMlAA7Odz2mx6FUhn86fwgNyzdF0Qh3UqsuUO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
875b6b32997c37fb-FRA
expires
Mon, 07 Apr 2025 09:34:20 GMT
bootstrap.min.css
butteredholdings.com/wp-content/themes/butteredholdings/assets/css/ 		141 KB
142 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/css/bootstrap.min.css
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 26 Jan 2021 13:27:08 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
144877
owl.carousel.min.css
butteredholdings.com/wp-content/themes/butteredholdings/assets/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/css/owl.carousel.min.css
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 26 Jan 2021 14:05:20 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
3351
owl.theme.default.min.css
butteredholdings.com/wp-content/themes/butteredholdings/assets/css/ 		1013 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/css/owl.theme.default.min.css
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 26 Jan 2021 14:05:20 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1013
custom.css
butteredholdings.com/wp-content/themes/butteredholdings/assets/css/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/css/custom.css
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
85b5a86e6246655d9d10c8378fd61e6060d2e3eb1db1d430d480590666174284

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Thu, 15 Jun 2023 06:55:33 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
11001
responsive.css
butteredholdings.com/wp-content/themes/butteredholdings/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/css/responsive.css
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://butteredholdings.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5
Expires
Wed, 11 Jan 1984 05:00:00 GMT
style.min.css
butteredholdings.com/wp-includes/css/dist/block-library/ 		111 KB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 02 Apr 2024 23:47:39 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
113381
style.css
butteredholdings.com/wp-content/themes/butteredholdings/ 		52 B
283 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/style.css?ver=6.5.2
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
3e68c186bdabe66063a688b46dd6ac868e15af49bbbe2b8fc2baceb9ca8dba47

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 13 Jun 2023 11:09:08 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
52
js_composer.min.css
butteredholdings.com/wp-content/plugins/js_composer/assets/css/ 		452 KB
452 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Thu, 13 Oct 2022 18:27:52 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
462565
logo.png
butteredholdings.com/wp-content/uploads/2023/06/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butteredholdings.com/wp-content/uploads/2023/06/logo.png
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
464a6389b5f57cc9c23d8f66db258d7c3f1c98ebbfe45e85073db861c041f30a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 13 Jun 2023 12:41:17 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
9910
banner-logo.png
butteredholdings.com/wp-content/uploads/2023/06/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butteredholdings.com/wp-content/uploads/2023/06/banner-logo.png
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
763ae97f51dcfc8da23b6e4aff7ed8ba5263f453397d11d5656dd66c78d81cbe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 13 Jun 2023 12:47:58 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
62668
qtq_57.webp
butteredholdings.com/wp-content/uploads/2023/06/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butteredholdings.com/wp-content/uploads/2023/06/qtq_57.webp
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
ad65879c415210d054e7071111f545fa9b824922cd146ebf8a3e2c0f191f331b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 13 Jun 2023 13:30:57 GMT
Server
Apache
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
64478
jquery-3.2.1.slim.min.js
butteredholdings.com/wp-content/themes/butteredholdings/assets/js/ 		68 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/js/jquery-3.2.1.slim.min.js
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 26 Jan 2021 13:27:44 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
69597
popper.min.js
butteredholdings.com/wp-content/themes/butteredholdings/assets/js/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/js/popper.min.js
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 26 Jan 2021 13:28:16 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
19188
bootstrap.min.js
butteredholdings.com/wp-content/themes/butteredholdings/assets/js/ 		48 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/js/bootstrap.min.js
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 26 Jan 2021 13:28:42 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
48944
owl.carousel.min.js
butteredholdings.com/wp-content/themes/butteredholdings/assets/js/ 		43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/js/owl.carousel.min.js
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 26 Jan 2021 14:05:20 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
44342
responsive-embeds.js
butteredholdings.com/wp-content/themes/butteredholdings/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/js/responsive-embeds.js?ver=6.5.2
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Thu, 17 Dec 2020 14:57:08 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1127
jquery.min.js
butteredholdings.com/wp-includes/js/jquery/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Wed, 08 Nov 2023 00:29:57 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
87553
js_composer_front.min.js
butteredholdings.com/wp-content/plugins/js_composer/assets/js/dist/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Thu, 13 Oct 2022 18:27:52 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
20050
css2
fonts.googleapis.com/ 		31 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/wp-content/themes/butteredholdings/assets/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99d1eeea1f044ed76be5d7d98ce42275bcdd6f5f3058e431b39c38177212d023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Apr 2024 09:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 08:36:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Apr 2024 09:34:20 GMT
css2
fonts.googleapis.com/ 		68 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/wp-content/themes/butteredholdings/assets/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0dcf73b3ae74451091df71905883cc4e32d18ab16c3b36d552fc79bddec1be1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Apr 2024 09:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 09:20:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Apr 2024 09:34:20 GMT
print.css
butteredholdings.com/wp-content/themes/butteredholdings/assets/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/themes/butteredholdings/assets/css/print.css?ver=6.5.2
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Wed, 18 Jan 2023 14:52:18 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2897
691707986
player.vimeo.com/video/ Frame BF6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/691707986?h=2517accf38&dnt=1&app_id=122963
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://butteredholdings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
875b6b341acf3aa2-FRA
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Apr 2024 09:34:21 GMT
Server
cloudflare
Transfer-Encoding
chunked
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires
Fri, 15 Dec 1985 19:30:00 GMT
link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-88fc95646-cw7b7
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-88fc95646-cw7b7
x-player-backend
g
x-served-by
cache-fra-eddf8230115-FRA
x-timer
S1713346461.825538,VS0,VE424
x-xss-protection
1; mode=block
11794142-1572-4c08-867c-35c6a3ac48ed
https://butteredholdings.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://butteredholdings.com/11794142-1572-4c08-867c-35c6a3ac48ed
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
embed
www.google.com/maps/ Frame 977C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d7219.557220052434!2d55.272635295664806!3d25.210687517722402!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3e5f428f0d45e889%3A0x5c0e0c234547d18!2sTrade%20Centre%20-%20DIFC%20-%20Dubai%20-%20United%20Arab%20Emirates!5e0!3m2!1sen!2sin!4v1686811318149!5m2!1sen!2sin
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Xg21-BTcIq8ImRO52up37w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://butteredholdings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1010
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Xg21-BTcIq8ImRO52up37w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Wed, 17 Apr 2024 09:34:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://butteredholdings.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 10:42:03 GMT
x-content-type-options
nosniff
age
341537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 10:42:03 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://butteredholdings.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
384504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 22:45:56 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin
https://butteredholdings.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 09:34:20 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
118696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150124
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-24a6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=poq9wBW7QxEIN4VG%2BTNRWMiFQlIia9FTqnAhuf9BKi1Z8wfgWg346EenRVouZrkD5kBFmLhWHlsojZaEfmGGOB9Pm1SAEAfN%2FXkC%2BwcdA%2BoF3F%2BYx3zNTl7DWfAEZiYdJrsoO30H"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
875b6b3419011997-FRA
expires
Mon, 07 Apr 2025 09:34:20 GMT
wp-emoji-release.min.js
butteredholdings.com/wp-includes/js/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by
Host: butteredholdings.com
URL: https://butteredholdings.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:20 GMT
Last-Modified
Tue, 02 Apr 2024 23:47:39 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
18726
rsw_16h_16m.webp
butteredholdings.com/wp-content/uploads/2023/06/ 		382 B
616 B 		Other
General
Check archive.org
Download Go to
Full URL
https://butteredholdings.com/wp-content/uploads/2023/06/rsw_16h_16m.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.153.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
tlc2.sh-ec2-host.net
Software
Apache /
Resource Hash
fd6997c2967a4da4fbec8e6cd813a3bd4f4194feff2533f110f40ccf85356007

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://butteredholdings.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 09:34:21 GMT
Last-Modified
Wed, 14 Jun 2023 04:58:46 GMT
Server
Apache
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
382

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings function| $ function| jQuery function| Popper object| bootstrap function| twentytwentyoneResponsiveEmbeds function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| twemoji object| wp

3 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: _cfuvid
Value: jrCdS12ofMcdpKWSdvQwLExcBwbdeAi3B.lEWpTG1iI-1713346461252-0.0.1.1-604800000
.vimeo.com/ Name: __cf_bm
Value: BB8seaHy4BpSXWg_M3uzNFda0wvffrpS9s2kkimD_s0-1713346461-1.0.1.1-8sk7ZhppG1pmDN1VS9eT7YntRZ3xNZOh7UQ060PHYGu3YfGwGLD3V8rQIczDSQtLwFsV__MGoIyC2aD28rrNjQ
.vimeo.com/ Name: cf_clearance
Value: d46CYT8jzWMOcZe0U7Q3tb_ZH.bmZcvwBX7bxOPvzZA-1713346461-1.0.1.1-aQvQ1wptKVZtTpeUe1mPcxfpCxkLmzxiVf0fWmMZureBAPVc4drDcI1tti7A6TNiOurCAOtuTyBsYqGHo0MuVg

12 Console Messages

Source Level URL
Text
network error URL: https://butteredholdings.com/wp-content/themes/butteredholdings/assets/css/responsive.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://butteredholdings.com/(Line 158)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://butteredholdings.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blabla-poc.theloyaltyco.app
butteredholdings.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
player.vimeo.com
www.google.com
104.17.25.14
13.41.153.149
162.159.138.60
172.217.16.132
2606:4700:20::681a:c5
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200a
0dcf73b3ae74451091df71905883cc4e32d18ab16c3b36d552fc79bddec1be1c
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e68c186bdabe66063a688b46dd6ac868e15af49bbbe2b8fc2baceb9ca8dba47
464a6389b5f57cc9c23d8f66db258d7c3f1c98ebbfe45e85073db861c041f30a
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
763ae97f51dcfc8da23b6e4aff7ed8ba5263f453397d11d5656dd66c78d81cbe
85b5a86e6246655d9d10c8378fd61e6060d2e3eb1db1d430d480590666174284
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
99d1eeea1f044ed76be5d7d98ce42275bcdd6f5f3058e431b39c38177212d023
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a8dd4bec60f32e33a95e1fe8801363ffe079f81fdbc5c6fed0149b3d4f49a722
ad65879c415210d054e7071111f545fa9b824922cd146ebf8a3e2c0f191f331b
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
fd6997c2967a4da4fbec8e6cd813a3bd4f4194feff2533f110f40ccf85356007