urlscan.io logo urlscan.io
SecurityTrails logo

wellspring-investment.ltd Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: http://wellspring-investment.ltd/
Submission: On October 25 via api from TR — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 136 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is wellspring-investment.ltd.
This is the only time wellspring-investment.ltd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

57    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
wellspring-investment.ltd
capital-traders.ltd
buxlainvestment.com
10    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
12    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2606:4700:3030::6815:48ee (United States)

ASN13335 (CLOUDFLARENET, US)
www.muladev.online
muladev.online
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
27    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
49 wellspring-investment.ltd
wellspring-investment.ltd
2 MB
27 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 8818
va.tawk.to — Cisco Umbrella Rank: 8452
221 KB
17 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
translate.googleapis.com — Cisco Umbrella Rank: 866
jnn-pa.googleapis.com — Cisco Umbrella Rank: 276
124 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
311 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
756 KB
7 buxlainvestment.com
buxlainvestment.com
139 KB
4 muladev.online
www.muladev.online
muladev.online
9 KB
4 google.com
translate.google.com — Cisco Umbrella Rank: 1255
www.google.com — Cisco Umbrella Rank: 2
41 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
static.doubleclick.net — Cisco Umbrella Rank: 323
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
39 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 113
18 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
4 KB
1 capital-traders.ltd
capital-traders.ltd
719 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 677
33 KB
136 14
Domain Requested by
49 wellspring-investment.ltd wellspring-investment.ltd
22 embed.tawk.to muladev.online
embed.tawk.to
12 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
10 fonts.googleapis.com wellspring-investment.ltd
buxlainvestment.com
8 www.youtube.com wellspring-investment.ltd
www.youtube.com
7 buxlainvestment.com www.muladev.online
buxlainvestment.com
5 va.tawk.to embed.tawk.to
4 jnn-pa.googleapis.com www.youtube.com
3 translate.googleapis.com translate.googleapis.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google.com wellspring-investment.ltd
www.youtube.com
2 www.gstatic.com translate.googleapis.com
wellspring-investment.ltd
2 muladev.online wellspring-investment.ltd
muladev.online
2 www.muladev.online wellspring-investment.ltd
www.muladev.online
2 translate.google.com 1 redirects wellspring-investment.ltd
1 cdn.jsdelivr.net embed.tawk.to
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 capital-traders.ltd wellspring-investment.ltd
1 code.jquery.com wellspring-investment.ltd
136 21

This site contains links to these domains. Also see Links.

Domain
beta.companieshouse.gov.uk
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-10-09 -
2023-10-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.buxlainvestment.com
E1		 2022-09-24 -
2022-12-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 10 frames:

Primary Page: http://wellspring-investment.ltd/
Frame ID: C21C486E8AC4038C48CE1C861580CF9E
Requests: 71 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Frame ID: ACD87D031F27D07DEAD97D78A429BCA8
Requests: 18 HTTP requests in this frame

Frame: https://www.muladev.online/worldfinance/deposit.php
Frame ID: DEEF9152CD01E18AF7471660D879A788
Requests: 15 HTTP requests in this frame

Frame: https://muladev.online/wellspring.html
Frame ID: CBCC3B7DC5B27EC61000CEF903F790A4
Requests: 22 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7B4DBD1C38F0803919E51BDCEA5538A5
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 7D562BF58A8F53DC4FF62BE1676E28A7
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63258f417d7/css/bubble-widget.css
Frame ID: 0D5330BB44C9E13211C298AE3D72C9C0
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63258f417d7/css/message-preview.css
Frame ID: 3A77C223D8438C606E420BFD2BDB7962
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63258f417d7/css/min-widget.css
Frame ID: C4AA15E6ECA0C46688ECA15A1B74EAC4
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63258f417d7/css/max-widget.css
Frame ID: 8673213060AF27B1D8F550F248C72C44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wellspring Investment

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

136
Requests

63 %
HTTPS

100 %
IPv6

14
Domains

21
Subdomains

19
IPs

3
Countries

3622 kB
Transfer

7586 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit HTTP 301
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Request Chain 90
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

136 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wellspring-investment.ltd/ 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
490ffbf5a2a3e344ffc7bbdb9f11179721738d25b2d96fd43494223171871fa1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
75fba1b17caab83d-AMS
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 25 Oct 2022 14:27:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuGTbgA5aWAfauCKY5Uz%2FSbXG3ikMemwJzP2JkAV5AF3514Xe4jg7i6g5Q9ErT5bduAFokiH%2BKBQL%2F0iVA%2B3g%2FfIzqyJeW5ZC63yrqs4QEDBRza4micn6LZ1Nf38DnG8VayYxf9lDrO4aYmxFRW2zI5P6Ofq%2BOUF"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
wellspring-investment.ltd/hustydesigns/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/hustydesigns/style.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004f72bbf4ca0a427ff8ee91897c33c981a5b92a7b657d9730fd81f603dc8cac

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 07 Aug 2020 06:46:05 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fc42T5EIvaY8%2F36lZWkkSpv3fZzFWZfI7sgpd5%2FBzwhCxQ2%2BQnA7RyLtBh6SvXsar6f44mKEggXjkldViCkhn%2BdDd3xW%2BtPLz0KTZl%2BRE95scjEJp%2BBSXW%2BnLTpEf1W9C7slZN1ons9owHGdB3rTrZ%2B2ku4FbFDe"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1b62c9bb790-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hd_animate.css
wellspring-investment.ltd/hustydesigns/ 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/hustydesigns/hd_animate.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68cb22b34799d24e6526232d7aab4eeee4f815c544cb047fad6a6ade96c51fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfqK%2BsoFvcpoPs%2FrvUupjO5H3EKbP0zI2ns%2FDlsdnbLve1V%2BNwh6KjwLLCGDy%2F0M%2FWsPRFYIKsW1wS%2BZNGqywrU2R7czy8wM%2B6MeaDWn5LANrbV40VO8WcniPLqYCaeHwT69AEjQXMPH2iC5fgJjdkrhOBdBnVQ5"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1b62a0db8b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hd_animate.js
wellspring-investment.ltd/hustydesigns/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/hustydesigns/hd_animate.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86a8130565079071f13bda6aea29a6a6868c37a1bba1a14015b91f1bc653b75

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idPDpWVvxGpPkHr78KPOcy59kgIVwwYzX%2FqTQgbMxjZc8EtxTqIvFIgS36Is0lOm8%2Fmbrggfen5KaMmZjceXmOPqmAizpGG7JA28HzlrpNqQs2cwDZXNSTvvf5zhXst3p6FjTM9oJW1iugC2MpZsh4j0r72E4Mgb"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1b62b74b82e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
wellspring-investment.ltd/jquery/2.2.2/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/jquery/2.2.2/jquery.min.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4h6gmptbIFW9xHbV2tW76Jbv%2FIphZQWxknKApjTkVMBsvLRcM1EUPkogVad95VIFmWOtGyt1oVCp9nt5I2G1DXj8m8hxowoagc%2B7fnxlu3FkPSa00mHjNXBXS8xTlwo9E%2BaEmii8PfBCaCTtld30wJzN76fdocs"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1b62863b89d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.min.css
wellspring-investment.ltd/font-awesome/4.6.1/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/font-awesome/4.6.1/css/font-awesome.min.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e6d32956b1b5220bb7e98693eeea116e54bacc54866b6151e51a50487b2d6f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U309JVLcx14xGWOarJuggWDw1boepyjHYNX6o%2BtSrg6lNFWMHd5Wp46xVwsEDy38ww5tLL3kkCKTWleW5gi35xgBmMcBo83C%2Bk4i7jxfpHSiYJpZoyKnUzdWamAJKwNyIKNkO48rND%2BagPUJc3daOwSvRj5Uzle7"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1b628deb986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 14:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 14:27:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 14:27:13 GMT
css
fonts.googleapis.com/ 		8 KB
789 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 14:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 13:55:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 14:27:13 GMT
element.js
translate.google.com/translate_a/
Redirect Chain
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
235daf842c0895344d56927dff2613ac68ce15d37a9691dbfc7920809fd5ecc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 14:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 14:27:13 GMT
X-Content-Type-Options
nosniff
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
application/binary
Location
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
X-XSS-Protection
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
log.png
wellspring-investment.ltd/hustydesigns/graphics/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/log.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e93e1095719e1c5217bb7da3603ba13d056ee108a8e4389805466bfe3d8858

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcoSkTTLEAq3Yjq0vcdCKNb6oi9N2VnuRqe81J3GkMe2svOXDFlvjXoytckQveVq4mIZ026TObl1wYDETaNfN1l5d5DeP9jI3ViV7FFIfJjJys4ulsoWJazGQvbtsTaWLNI0rhZ%2BHsBwlZRP%2Bh3nVV4CfU64m8NQ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1bdea77b986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1064
logo.png
wellspring-investment.ltd/hustydesigns/graphics/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/logo.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36ff336f2dc276c4507e56d8f051a991d83e9913ae7e60b80cf5e1d2f919bd9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 07 Aug 2020 07:09:51 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74s5%2Bn1eJVY9mh6EavFw6CUnxkh9brCTC548hGsV86rvWE%2B9jQZZv6DVej%2FSt8byBDQNc3gdD9zSz5GurIAHvK61l089yYG8Okf9VH6qFgOiOH5vXO4qfLPdupHG6IBblvb07Ib6sZ7qoZjneOjm600VOZL7dtmo"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1bdef04b82e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
8812
reveal.css
wellspring-investment.ltd/hustydesigns/popup/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/hustydesigns/popup/reveal.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a8238cb2e33932cf8df60aa973d9fb648ed9df70fb8da931fa736b1da2c373

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwIOFX1EjaEG%2FJT%2BX93oiH1dKGv37F6PAoMc%2BAbKbv%2BmGWExRZPvJsK%2B%2BgVYhPQjUVGJPZ78loufJNrU4RRD7Ea%2Fa3nCL6iUdmMzEQHm2NUy%2B%2Bzn9X%2BJ3EeUvnr3prHvOmZeqV7Ajv43BOzlwvoXfTHXGVXacUbQ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1badcc3b89d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.7.min.js
code.jquery.com/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.7.min.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:13 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-16f44"
vary
Accept-Encoding
x-hw
1666708033.dop117.am5.t,1666708033.cds306.am5.hn,1666708033.cds292.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33254
jquery.reveal.js
wellspring-investment.ltd/hustydesigns/popup/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/hustydesigns/popup/jquery.reveal.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b33aca37588f3e7ef9464b80c65c3fdc593bd9c1b38f6eae8c8506a1e644321

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JY8t0i1JoLq2YdFHlSN5XB%2FzTbpxG7XOC%2BhyoTPCgv%2F9KoBFZ5cYgALLMmMcF16LpG1NsZuGqhHXWNmHGAQzyFZplhnT3G3r8aGAUxGaYchXKKprAmlk6BBtynWu1QmF1kxlqTWaTTV1%2FR0HLUO0jb4OF%2BF5TmaB"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1bb9857b8b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
html5.js
wellspring-investment.ltd/calc/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/js/html5.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86fbfe313672eea1721475598ca81e520c6d1f788ec4ef7726c7af3cd987e560

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIqeSjxPKyp2EH4FbVc3TXsAoASQmaVWdnTJWJdPi%2Fgz2nMzSkxGl9BHjbQih7EBtKm35nzCJaCcjlWF77ScPXOIqNasqrY1SLEtJekz4lgwNFOVhxlGAXVmD7nttc%2FabdXzQKOrfviqV6psyBzNdO3MvToqT%2BKD"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1bbabeeb82e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
scripts.js
wellspring-investment.ltd/calc/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/js/scripts.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b25ae8925aecee7f1c3494dd73ab7f9ec62b3f71c11548e089c3508d0bc2fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 09 Aug 2020 07:23:41 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ydh0YxWGT0LIKC6RCYptyWrs05DEJ%2F6XqQmMuaCCnuP3xzSv2IfutrEtYnRNlq6zivzTk9fub3dmSmTGtgys6vxZzC0hKeKbf%2BJrMxGNpnnqgFA%2B02He%2FXk8h3YHaJt2ILGwsnCQBCy5ukaFx5%2Fv1TMtiXBLxW36"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1bbadd6b986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.bxslider.min.js
wellspring-investment.ltd/calc/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/js/jquery.bxslider.min.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD%2F3p8jWLa6t3V%2FtqoAZ%2B8Z5owl5N9ZnHiXoxhBmpFCGbRv49GUPNC9rTTy13CDRTxITcmkmihGrqAlkCAg8%2BIP8WN%2F1nvr6eHjti9S4k0b9S4WBmsRf%2FlTxZOz9rKdnWMr1SQfDvCQGJ%2F%2BZ%2F3jSVjiyLuwxuvrp"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1bba828b790-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-ui.js
wellspring-investment.ltd/calc/js/ 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/js/jquery-ui.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bc6666eac1ed163f3933de764fabf80eb7d218aed8ce1fb471567c18b03a262

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRRINjKQzSE7hTPKL0qdUcIzRXmNN1jOmOaoKg6GtuIATci6gPVdUSTYEu5AJMR0NhgDJ%2FKliWdB%2FFD4HZ6M0Gp0yz1PkjxPVX0EM20XF38jLrmKZ%2FDCHt5n7h1vMsVPnqquxNmxoeU2PmBmrzFZEBXPA5cwdGoH"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1bbac10b83d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.fancybox.js
wellspring-investment.ltd/calc/source/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/source/jquery.fancybox.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpH8H7FiH1o9M4qWY2cp3nBMkTa5C77wkxrVHnD8EaAO7PyqlXHqprvnvtpGuw3Nysuk5MQ%2FseMGLmwX7ZVTrNoyu4z3mvb31MFYH9BQt%2Bq8ncE9%2F2feT9338zFxrOLP6Tc19kivuj9zjS5wb7oZXA%2FBWzA53xiq"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1bdfe39b8b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.fancybox-media.js
wellspring-investment.ltd/calc/source/helpers/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/source/helpers/jquery.fancybox-media.js
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdsNH%2FFbkdby5feuYbqkCKKGFHK0nYVNpDADvkCM6R5e5a0WRhF0Tpm63rkis3CHwE97g%2F3raKq6Zd466j7NOSPHc%2FtrsBg3aBKXPNazI%2BHZiojZqlJGD9yn5Fom2JW42vVUU9xCgnA%2BZ0qaO09i%2BZ4Tccp%2Fgpay"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1beddafb790-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
calc.css
wellspring-investment.ltd/calc/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/css/calc.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e17cbcab6ba215c9ea3aeb543e3a0bce2895767bd363adbb9212b87e9d3be9c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Bm7kFTr7kPDwT6gZMrRrRx14GdNhSISWUSqqd2mW15ZXY6a7dOvvIEmL79UmJZGF8%2Fb1Q4oD10Sea64HngDF10%2Fs8Kwfd12oJb1%2FeznOTc%2BIgb5D0qgeOlE7Ft3B4Gv95trYOFrh%2FGOXvXUFGIW1JgeJQ5MovWk"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1c00eccb986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.bxslider.css
wellspring-investment.ltd/calc/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/css/jquery.bxslider.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5751e4359c5f866c293540ad63e5f2b0505d637bdd567ad4d02c6564995acefe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFYiRmB3JdMzaq1CPGLlKzvyG2%2Fcty%2Fuf5chLljhAJBENBglbTXp5dTWyMt2cclFEgzm7VuSiOZGUJxP8BEwighznZ%2F39YiacPjnoPYfZ2dG9ek4lplCuuBDzH1eeS5ABkiYPVwO3ahRKNNxGqYhpTdGEmwFD7R1"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1c04b36b82e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-ui.min.css
wellspring-investment.ltd/calc/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/css/jquery-ui.min.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a303dbfd719b1ba0dc6fcd7baf5fcb8fc9e65f036259b5b71e0cc6528741b1c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0sP6tgeUnHwlHbUw1f4AX1lsB3CRXCizP%2FqI%2FAoPSlx0x0gQemI3dgdERGWe%2BoukBQ5SuqjaJYrN%2F%2BXDk8v9wjrqedSwxRVvQP2COeo0D%2FnLYnnwev2m%2BDpyBKij2ToGLrly%2FCJc8wegcq9thZY7g1VBG6q00EK"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1c05b0eb83d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.css
wellspring-investment.ltd/calc/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/css/main.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49ee60a4685053dc50281db95d6303fa46f469b560a9f6e351dbb9e2ef7a39c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPXJ1sdCf88KdgFWJ%2FSQg02rLvosUrUzLC7DuNcdjshyWweymD6lla3%2BN86RjPQhyFvIrb4Z%2B79sVsPetD8R%2F%2BwYg6yS4Cma%2FFv6FXy3ByIrze%2BkMlPrx80N6v5ooTBykGzEomCfkbBNFplp3%2F9T1cgsmijiBcXM"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1c1194cb790-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
modal.css
wellspring-investment.ltd/calc/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/css/modal.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c64c323908cc4868749112c9072cafa1e5c3f2d5ee991551515cfb57ad5fb022

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENl8FTnxWzUZD5gkzMeFxdPdt%2B2heAEPpUc8kGEllt4p8saCCGydCVIynpTi02PyfKgojOM7IBUz8gQ%2FKHBzlY8lCU4eFg%2FERrqnU8rKb3Vb2rFBhuv6DOdaHJ5bLv0ZnUaH%2F2wwC54Ick%2Bs6R0m1YzcPCkeHW2o"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1c20950b8b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.fancybox.css
wellspring-investment.ltd/calc/source/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/calc/source/jquery.fancybox.css?v=2.1.5
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxSYEEwIZVqlHCYr8wPBPQCIZO1BFWbsPJMzsZKtZ9FmM371%2BzdDFg6dk6Y%2BzpwGxpCd9tToFVgh%2BizHs9dAN0XM2i5I1rrSEuhORrjFD18aD5lYG1uATcqs%2FrWZrXiSy5nXIiwO%2BEn3of%2BI95%2BmPeyfxCwfPsFy"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1c23bf2b986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sIcon1.png
wellspring-investment.ltd/hustydesigns/graphics/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/sIcon1.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5b6d245ecfcf5dba8b32b1cc45ce8a883a35363fc586208f37debf99656daa8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QnnOJOFv7uyXjmkBYHC2cQ1kR2bwADddo66MOADocCJUPvcPt7qp3E7l8s8ghkJv4UL0Wm%2BlgcaUjjLwq6RUuDr%2FSnxkl2uwD0GjlFDoW3GWAp4GZcUCTyS5Zm0eb3%2FFXLAZO79di368H85WQ%2BFipJBG6TVWXKf"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c2aeeab83d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
8016
sIcon2.png
wellspring-investment.ltd/hustydesigns/graphics/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/sIcon2.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9368b75b8b38eba9366cf5f81e65237de7d55d37f01745aff0048d86b7f9d78

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RU0bWiRqZhSS%2BqOf9nhmbS1VG3vOTWoWWzM%2FmIh90AVq5QdZm3nOGMwdbswLguxDfl5E6S%2FGPcpHO1sKHMlroI4UGmlAvEeXyNVqMjOaKd5mhO0s5nqtFgENXCXHcpBGytZVOvZ8%2FLqIYtPTF6pBZ2vl8GLUQWvg"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c2bf04b82e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5861
sIcon3.png
wellspring-investment.ltd/hustydesigns/graphics/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/sIcon3.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8db20a61599446e107d9048cc4f70d648f129bd3ae839db885fd2b388569272e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qddj8PBZ6Kus58K3j2mSDXOJzZakCuulZ2ZhXEScw7H95gFDmIy6donCQjG%2Fh0Amy6uyKSJ4wRTOTVIDw22z3QQB07mRkg2pYbpV8f23jBppBwHnEUm4b2vq5JSoIvc6bC2o4fFETNHHLdEsyL0h1ZJWANXfnJkO"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c36cd9b790-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5860
sIcon4.png
wellspring-investment.ltd/hustydesigns/graphics/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/sIcon4.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313481039e7ac3e20f32662dbbaec9d6ddde196967cfdaffe50c8a317188a8eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3rbjcxNJeSMjLHVehKVZSPeEfSoQjpQN%2Bh2oQHivzq2TaxA8igbkQGb0rqZbwMHg9ArVfQiOPEm4o2eeylnEEIaXg4CD6tOVtYCAp8y25ouw5dL%2B%2BpkLxRlPzfYFMFDT%2F9iCAdn0O493foXDNDSohBQc7ug48SR"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c4482fb986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5278
calculator.png
wellspring-investment.ltd/hustydesigns/graphics/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/calculator.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b442bcbe1153f8856ed52732909da7dc281d5aee07e52f2d54b7f33ad24bd815

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riXEjfPqaVj1fkIxHcmnWL7MvkyKGV%2BklXcYv1yx0I%2Fv4TBhseAJUAtpgoFQl9w4shnDRPDJxVkrK9e6aZuKPMUMvgVy7CClLf7rGsa17MLPM20xTMMgTC9Uc5vl6s7X9KgVACHKVDevKdxaSxGb%2ByAhLfFoHylR"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c46f5ab8b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1520
bIcon1.png
wellspring-investment.ltd/hustydesigns/graphics/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/bIcon1.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b37ce57f1500ffe9fd4ab878134a3dbecaf2046adf4bea9631fdc3f45232f20d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9US84KE7U6MjpFKa%2Fw4EklnSxnF1bJdvEs1d6mAxcnNBYlh1xub0U3miONw7X2ZrFy6SCk5L3j0jgOn4ma%2F5aJ9%2FID3b7aX3AfwH8xtFKnLB%2BH2lB9NzbZndo2C8kurTKUFT2QKL%2F9cjnfkG%2Fxc1FyX4Cd96bg6J"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c46f07b89d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6615
bIcon2.png
wellspring-investment.ltd/hustydesigns/graphics/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/bIcon2.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8b6c40ed29bdde4958c65710dec6be5e468974b2b678c398c9659246732971

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xy%2F8SIJJA7cS3BUMVpVQahkraVjAlQ22fwKw5CbXKD1ZdcyhY6Cj6TVTwlz82nyOaHZSsiymxXERGEkZrSBTmrzW8X6D6EmYwyvlU77g9mT5GeTeftv1ja302zREtGz2cB%2FaC9USavS%2Bycl7%2BtzJq58FDzPXdIl2"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c51aafb82e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
11351
bIcon3.png
wellspring-investment.ltd/hustydesigns/graphics/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/bIcon3.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb8896d3fe66a1b0a3481ac0ba6786afa3a76b81c55bce76dfb80de7200df833

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G6hFp0wuB9DQd%2BGhGqPZ1eTCTQ51gPMpi64L9mtg3Pdr4E%2Fl2snWwT9VWOOMroc8okMkhSJVJ4vHMGG%2FB1f9U%2BSa2NQboF1Ha3Rl0fObHtbIOoGOp0G2ZgyrqoUSnJzLTsoBfxJ9CaXYkz0mxbotn5oRvCfagNr"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c5aa42b790-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5845
bIcon4.png
wellspring-investment.ltd/hustydesigns/graphics/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/bIcon4.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b3babd188123187fbba4c4de3a80b2b79c01d1a6d9cbbbbd3145e52354a77d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9baaXgKIvJhBrjAO9paQbKhOSpkXIvMV2B%2Bx3FZjC0aNW4AgsLZL1RHce5kewHjPfxTFlrnt9CzX6VXziGpgHkYLzQ%2BeNVzKexp3SwmZGkj7q6eT0BASGcp558zxHCUjCwE5eE6t7OF%2F4ucGrBJZ6A0dcwLw%2FEm"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c67c54b986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4737
bIcon5.png
wellspring-investment.ltd/hustydesigns/graphics/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/bIcon5.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7155b1a189fb6a5ce9e7286fa9a8d9b9dae4aa38add788a7b7b05507cdf0a162

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBCXlzJTpkOfz9rQG%2BatQUN7KHfHlOBJmh1mPDnIEnsDtaxiEl7OihyXIdl8D1wxP173%2BoauSi5vniJ3acWKPGX1PCMiC2ffMoSPpPEzgWDVn2MzpaV6TQGAdnVQgkiOwlkgUmGK%2Fq3tKDl%2B8r0rKb1hFWLKQuq6"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c6bf84b8b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6318
bIcon6.png
wellspring-investment.ltd/hustydesigns/graphics/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/bIcon6.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81550e5c2d4927152f1349f20238792f8b902c73cf03c6fa2d291d4c17db672b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIMtPn72faTw6R0hzaEpiGWrRJ%2B4pPjiYRUTB19RJXTTf%2FFdV%2Fqc8f2SvwUvoJMMUDm4GqnsO%2F8PxGQyvYUm%2BWT8vBRbND6%2FLaCbNydYkN%2BWbyBC%2BHtd%2FdwNO%2BzOFP6nnFRRJNO0DJ9HLziEgCY%2BnJwSsJ5RjxE%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c6ad6bb89d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6994
certificate.png
wellspring-investment.ltd/hustydesigns/graphics/ 		684 KB
685 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/certificate.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e469692b92bef29e59b4882536f7a05af9c82e1e5661f5f1f3f60fa6c4edf89

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 07 Aug 2020 07:15:53 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMrAufMMtZMKWjTO1uU04YY2Ce4Y2ZPJhVnZrFEaTK3u64J4OJ%2FLEg05%2BHo9oA3QPJAWpFUk2AtWZ9YP23TlxLt%2BRWuEVr7zXXLoM9I2eXgq1jLj%2B%2BJMPPhkfWGfEFUgNoA4wWmPVN7ju7VoIOQTD35sjnHoBUaB"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c76dfab82e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
700567
ssl.png
wellspring-investment.ltd/hustydesigns/graphics/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/ssl.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199dedd695d4401f987f4beb29dae237e9c43249e3afcdd7586ce9d6d2cff4e7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FwQ3xnWVi48xTvBNn7o2IxNWZD30FmNxMb1yVZ0SVG6qfNO7CXkWHsR%2FM8Q7UB6WVUQ5EAuySrSkuWWdp%2BIjxeDY7StqEvdsI4L1yMt%2BuLb8HZI9CQBF5Wu4EBP0P5x%2FlKSrMiusYYjvQzNuDItUHSwiRuNw1kX"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c7e8b8b89d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
10208
badges.png
wellspring-investment.ltd/hustydesigns/graphics/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/badges.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fcba6eb6961f3e78a55fbc96c1400509488d8cc3248e9c79a80d947795d261f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGzFZ5yxPuI3C5eC1%2BeJ%2BhsIchiHbFTGCN70uk6I20qLKV9DA7EUupw5PnGnY4LeUGDckv7ozcEfBsh34HkhwDbBy501fQigvsdlRkrte%2Fw2J8WwtXYm2At3hzNHLIT75Fx4iDiWqABIRP9GIg6oc5eYXnjkYuBb"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c80fe3b790-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
54041
fIcon1.png
wellspring-investment.ltd/hustydesigns/graphics/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/fIcon1.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18c499163d6604a5947d51ac60d68773bacc395956cac8eaae50e0584f5b06c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYwJuW6igDcexUmV4SSacOAqOzurlg5ArkwARj4zYtSvmWkcuoKQqEXRL6PxLLa1T%2BFqd5E9mW3RePWmaXW43dHCHJkISyEPpjfIuGmY1V525UL1d%2FvMK5IkZ7Gc7RLT23D7sugGf4PtsQBUmmqzAkvwGgmJd3Q6"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c8a8f7b986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2639
fIcon2.png
wellspring-investment.ltd/hustydesigns/graphics/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/fIcon2.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d3a12e3de820feabb49c15f134108324bba21ea5e9cd99bd73f2954c91d84f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvyKO%2FygFhRZtXU81hp1FCX8WPF9ZFOrdBZPORWjEFf9ELUGSYqp5LDZmbwe5wFWpRvi1o74wM2O2JKDxMPjDK1u%2BB5SBMDeo9Sqgs9WGSUY2xZkRFwpTb89BKADz9WdFNfE7NEmlz908rwfnN%2FTX6X6YEHEZcbw"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c8ed7bb8b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2785
fIcon3.png
wellspring-investment.ltd/hustydesigns/graphics/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/fIcon3.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b394b949800c735908e556daf89b23004bb637e04df0537efb223162c8852d21

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16ppbDzJUWyPrNaFWuTWRzfTpsaEQTw9%2B5ZRJmsILgI6MPm6f54mccJve74YNc5StROmmUFGYJG%2FyVkPSQfobxANlnjkIMe1F9vo5qX9GNRXhwtJdcTI81SG1DFXcBv0%2FLWbNl9L76RLBF%2F6%2FJyWwLHodUgqutId"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1c97a2cb83d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2172
fIcon4.png
wellspring-investment.ltd/hustydesigns/graphics/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/fIcon4.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00fe93122ecf91a97c2f0647077eacee1da2b6babf34d7f8cf04ec6f06abcebf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztC6JYqhQVNGkR5VAjTmO3DuC4c5RZLBZirtFfyHqHuoOapBaV9HpXZS94QFNDHnbEAZV8xp2qkiWM3%2FrO0ojAKIJUAdBJhIrvml88unr%2Fo8TX5C%2FGPRQSKTzFR2%2BUcmsVn0o8wwEiEQJzYgjaI3gPg57fYYy1%2Bh"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1ca1e36b89d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2046
fIcon5.png
wellspring-investment.ltd/hustydesigns/graphics/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/fIcon5.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61eee51bbe4193a49327a29c9008cce5bb4bf4c47cf4f94e699c4329bfdee990

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPvX7hKrc9d8ipZKVxJypEUCJLx0xI0fwt01MVlrnO7YWnEWlyMD4xXeb1QttoZZ8Y7Lj0s6BAPv7Ucb7uQrS47NpK%2BrVM4lIvululFh9hsTKw6w%2FKOqcXeA5LkuQ646qQDGIMfCGdsc3kpwJuvM65Qry%2BEDuC4c"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1cabe42b986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2212
fIcon6.png
wellspring-investment.ltd/hustydesigns/graphics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/fIcon6.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6198e6a8051f88043e4af3eb7b751350f3a1a2386e593dd48f0e707c2c8e111

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDNy8HvyrSp8u0mddkuzEeIiCkoRZDvNR0uPBFwOa56q9m2Hliy2NgYMNLrmKMrmMuLd6YBhjIzBB1oznYYOsgj30nEiAjItM82DY%2BZAArkmR8KlHdcoDSZmOQs%2Bm72EmRqXuPUCuSQOrqUsvLg6szMCLt8cwdaG"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1cb4c4cb8b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1790
fIcon7.png
wellspring-investment.ltd/hustydesigns/graphics/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/fIcon7.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac515e10ad36f318a8a5224c072a16655f5f9c9fa1879212c94299bdc53fdf6d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6V%2Blf0Ev8tD4CY9qdKc1825Zcy6XyRTNh3dDcXlz7TA8Wi6%2F4U8ceDBr4h9j8C9rXFN%2F6ZXyfpNAwl3UxdAlp29XgY20EHNt51RDI8qIMadbiuXkBTJzx%2FLZyacI%2FcX0ha3DSKTCoy%2B%2FZ9nDYzbCR4NohrOQmDZ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1cbddd8b83d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1998
tawkto.css
capital-traders.ltd/css/ 		463 B
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://capital-traders.ltd/css/tawkto.css
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c117872142d60bc8e79db145dc343f9be2adc51cf5633455c6758c9c316f25f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 17:23:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7041
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90I06JNAE4PN%2BOs82jqWWq8%2BJs2y9UhsESckgNr%2F2DfybJ8U0RpiBlvwrcRBEbiEWZJyyHoiUzekwGiunollrJ8rj294hyIKN7YL1K90FWi2fgsi4iWFHp6xbmd40Mrtp4hmQYwliiZuSKW9vHYlVLJs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75fba1bc2d42b713-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		110 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26258adf76e7c06ec59e801201596df9380b7e632b02a115ecc8acb3a4a36a01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 14:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 14:27:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 14:27:13 GMT
css
fonts.googleapis.com/ 		13 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2648cf7416459a62882bdb959e1f81bb5af5fa82b0efcb78a2b9b3397fee3182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 14:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 13:41:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 14:27:13 GMT
css
fonts.googleapis.com/ 		8 KB
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96934415f5f41e2fb2297e3bc7a2f4c55914ead4577e9d6b6238869f34549dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 14:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 13:32:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 14:27:13 GMT
css
fonts.googleapis.com/ 		28 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4cbff064f2433da9faabb19d323686578f36896857d3f01f0f8fbcdea7873a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 14:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 12:47:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 14:27:13 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.nl.RZ3oXfl-3IE.O/d=1/rs=AN8SPfpNURQmcb0ILwgDast3eAcw8FMBVQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 23:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:25:31 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.RZ3oXfl-3IE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpNURQmcb0ILwgDast3eAcw8FMBVQ/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.RZ3oXfl-3IE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpNURQmcb0ILwgDast3eAcw8FMBVQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.nl.RZ3oXfl-3IE.O/d=1/rs=AN8SPfpNURQmcb0ILwgDast3eAcw8FMBVQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75091
x-xss-protection
0
last-modified
Sun, 23 Oct 2022 01:11:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 17:41:54 GMT
top.png
wellspring-investment.ltd/hustydesigns/graphics/ 		237 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/top.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0657e514c21e694e747522f6e2cfda689cebdacaf8bd48122bc0df5b2cc056d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:14 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 07 Aug 2020 06:38:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD5JHfNnLL6w36DDTpXWXpciMtQDq%2BYxInU6%2BT0PNVW07%2F%2B3gpO4OZhh0Q5sIStt1NyylKdRcFt%2BGxOThYWR%2BTFx8NvhRm4hKJJl9eMCMVXxSSTEkzIx9qYAO2SLvLp3bQHr%2BYhYt0rNVUbKKPTm67lhEI0eO1iJ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1bd5be6b89d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
242645
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://wellspring-investment.ltd
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 08:23:46 GMT
x-content-type-options
nosniff
age
367407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 08:23:46 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://wellspring-investment.ltd
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:10:25 GMT
x-content-type-options
nosniff
age
497808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 20:10:25 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://wellspring-investment.ltd
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 20:22:20 GMT
x-content-type-options
nosniff
age
324293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 20:22:20 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://wellspring-investment.ltd
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 01:41:22 GMT
x-content-type-options
nosniff
age
391551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 01:41:22 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://wellspring-investment.ltd
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options
nosniff
age
349940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 13:14:53 GMT
Um63OQz3bjo
www.youtube.com/embed/ Frame ACD8 		69 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c88e248e342b90a2dc09230ab545f6e3e76d8edef2edaf8442d7317aa66d9b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://wellspring-investment.ltd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Tue, 25 Oct 2022 14:27:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
deposit.php
www.muladev.online/worldfinance/ Frame DEEF 		3 KB
1016 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.muladev.online/worldfinance/deposit.php
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:48ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
d64fef6465a659454d359d509bcc58a6b956e39a0812c9f6608a1a4de5e4a186

Request headers

Referer
http://wellspring-investment.ltd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75fba1c52bc591fc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 14:27:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g38r923%2FPvQSHvFe0bIeaEY2uZmMYwqIVQWCR%2FRWqVe7yJeg4I%2Fn6g7JlvylJLX8AvEjOgUoRvGjNyFU4kvhSoQ2FzU7HKsb%2FSGkpvnRvShd75%2F4xh0Ibd5m0pzCO3Y%2BFRchqloJ53TxoN8CBP9mQnw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
wellspring.html
muladev.online/ Frame CBCC 		723 B
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://muladev.online/wellspring.html
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:48ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a259016ac171042a2d374c6e983f9011b3ae7f6818dddf91841b2cf4dfcc86

Request headers

Referer
http://wellspring-investment.ltd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75fba1c53de59bf8-FRA
content-encoding
br
content-type
text/html
date
Tue, 25 Oct 2022 14:27:15 GMT
last-modified
Wed, 22 Dec 2021 07:47:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jjUMjSfw4l6Y%2FUJBieFQhGzIujvOiUJ62m%2FThzNn9wokaIJmivZpiy5D4fWtsI2%2Fobx9hkI15yYu0sF4HyQSSLRSzQToe6hCdoizezcemkJH%2B9t6j%2B9elmPBXgRfP%2BXBdOquI0dwW8rX%2F7JxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
aVideo-bg.png
wellspring-investment.ltd/hustydesigns/graphics/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/aVideo-bg.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc36a65ddab8b7baa694526a73f7f84b6a39fae84fe4243af29dc066d1ee55d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:17 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8QOMlb19irtTI2HS6C6WDkktfJuE%2BpPCzL4Z7NZXlJ7EyZSk8G26LnhnnRr8ThuUOh6nmRHy63tnYe60%2FNrUzEKUSL6Rj9jOOvytCpr%2Bwln%2FQdtx1hfMcR9tZ2FzrKzMs2hNQ9q5eDrUzC7p7SU7ONKGnNzxRgM"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1cc5c13b89d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
47395
affiliate.png
wellspring-investment.ltd/hustydesigns/graphics/ 		340 KB
341 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/affiliate.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f70bdf7bcfe76c51589cd1c8c819cec8d740dddbc9f6a17d40f661f4ef4699

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:17 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 07 Aug 2020 06:49:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7H5wkuC6Y6jqKl5agI070SkUeYoQORAxHinWVPvHz8dqmu7Comt6sbs%2BQbd8JX7hFCi9%2F6DTniVTzKiXgfx2zmTequ6kRmgRhunTKtZ%2BuJmGFtI37G4T8xQz6Q6gBGj4cMnif75NqkjqY6oVadc5X5IqXFeEI71S"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1cc9b48b790-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
348436
group.png
wellspring-investment.ltd/hustydesigns/graphics/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/group.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b10a51b0906f2c6479acf93dbf79ad790180ee75267368f09e31be81dbe4725

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:16 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqjYTfLSQO%2BHKisMCKkI3%2BQCq4FZvt2EQlYrh02rjBRi5PSdlTLqcVvELKdbPOS%2BqMm0HD2L%2BLdoOsepHQP384vwIzff8OKJw3utB8idbdUG2vXCBEhmBI%2BZEJv%2Fh%2F2fm%2BpnOM%2F7jE7NnH7DH4oLqJzAF4RevweM"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1cceb83b986-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4881
certificate-bg.png
wellspring-investment.ltd/hustydesigns/graphics/ 		266 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wellspring-investment.ltd/hustydesigns/graphics/certificate-bg.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e6bd744c69dd6e59525cff896e2bc804395db58d0dabf840e8431665fe7b3b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:17 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 07 Aug 2020 06:48:20 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ymq3QUlVv7OHsudWN0kzmis2MJ%2BsbNYR8FEiiSp4bPFPXrPdUfX3QKcZCYMNgADPO7m%2FaRgtYm5v1rPg0fowo0ZpwUVbkjPbnw%2FJiqrNQOVDqf%2BroeAkFlPBzpe1PKcx0Dr1uSD1kCl%2FDnRE2w1NailxPittr3HN"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
75fba1cd8a30b8b5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
272344
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://wellspring-investment.ltd
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:28:13 GMT
x-content-type-options
nosniff
age
500342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:28:13 GMT
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://wellspring-investment.ltd
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:35:34 GMT
x-content-type-options
nosniff
age
499901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:04:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:35:34 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://wellspring-investment.ltd
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 08:45:00 GMT
x-content-type-options
nosniff
age
538935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 08:45:00 GMT
MyriadPro-Bold.otf
wellspring-investment.ltd/hustydesigns/fonts/ 		101 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://wellspring-investment.ltd/hustydesigns/fonts/MyriadPro-Bold.otf
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/hustydesigns/style.css
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3331f20f6280e65a55b7cdce8ac4d8ebacdbe1c278bf409af680361b8692c9c5

Request headers

Referer
http://wellspring-investment.ltd/hustydesigns/style.css
Origin
http://wellspring-investment.ltd
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 14:27:15 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 03 Aug 2020 10:04:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDYSP0sIOHZozL0wTvkr%2Bw2Gx%2FUP0yWIESalTb1lc0%2FjmltwLe78Ti1ea3%2Ff6W0FPccNG%2BOM1itsjbK0NjIMJOHUMPk7DF3qHMJHw5E3Dj0jB9YpLiNcjRQwptkI3ZcqJN7X%2Fun50in4AzGLiVHo%2BUemSlj8cSbo"}],"group":"cf-nel","max_age":604800}
Content-Type
font/otf
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
75fba1c4eaafb83d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
www-player.css
www.youtube.com/s/player/4bbf8bdb/ Frame ACD8 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4bbf8bdb/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ae0dfcf25c2f9834d99115b516449f16275e9519dd35dfcd22a620a68ae829f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:35:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
89477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49894
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:16:54 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Oct 2023 13:35:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACD8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 11:18:05 GMT
x-content-type-options
nosniff
age
11350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Oct 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACD8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 18:59:48 GMT
x-content-type-options
nosniff
age
588447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Oct 2023 18:59:48 GMT
www-embed-player.js
www.youtube.com/s/player/4bbf8bdb/www-embed-player.vflset/ Frame ACD8 		306 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4bbf8bdb/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a6ad756c9e259d9517b593219ab5c4cd372bf8425827a24a462b394453c3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 09:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97405
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:16:54 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 25 Oct 2023 09:16:58 GMT
base.js
www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/nl_NL/ Frame ACD8 		2 MB
573 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/nl_NL/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f841612a1acf0482dfde73aef91c9d1e2ab07d00f2edc618c42ffebcb222afb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 05:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
31476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586210
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:16:54 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 25 Oct 2023 05:42:39 GMT
fetch-polyfill.js
www.youtube.com/s/player/4bbf8bdb/fetch-polyfill.vflset/ Frame ACD8 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4bbf8bdb/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 05:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
30889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:16:54 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 25 Oct 2023 05:52:26 GMT
truncated
/ Frame 7B4D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Referer
http://wellspring-investment.ltd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:16:03 GMT
x-content-type-options
nosniff
age
672
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 25 Oct 2023 14:16:03 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ Frame 7D56 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.RZ3oXfl-3IE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpNURQmcb0ILwgDast3eAcw8FMBVQ/m=el_main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 23:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:25:31 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		846 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:15:44 GMT
x-content-type-options
nosniff
age
691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 25 Oct 2023 14:15:44 GMT
cleardot.gif
www.google.com/images/ 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 14:27:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
buxlainvestment.com/hustydesigns/ Frame DEEF 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buxlainvestment.com/hustydesigns/style.css
Requested by
Host: www.muladev.online
URL: https://www.muladev.online/worldfinance/deposit.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ec078d7c69bf429201543bd32132cb0a4f666c29a34033fab9deea4c4a7185

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 29 Nov 2020 11:23:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApF%2FahBnDPxuzkmHe86g8BTASJb9MhMCeiCuhEk7sdgddaNvpO1PRTudXqL0UOrcwEAqXG7LMXF%2B1Lp%2B6NuQ65%2BVJm15CIgcKU%2FISKerYwuePGoG3T%2BTid%2ByWKjOCkU0GGDu%2FA%2Fz7swY%2FrOSwQxyJMrM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75fba1c84a17b734-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hd_animate.css
buxlainvestment.com/hustydesigns/ Frame DEEF 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buxlainvestment.com/hustydesigns/hd_animate.css
Requested by
Host: www.muladev.online
URL: https://www.muladev.online/worldfinance/deposit.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68cb22b34799d24e6526232d7aab4eeee4f815c544cb047fad6a6ade96c51fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt7u3IGEizYrva3iK%2FiuJ5jRVVH4Ufe1cgsplSLyAojxRUro4I%2FEtLqg05ZqybAImzDQD3giyLvuSYdlTHykjonfDVNuXEclegq9bviyBe4jta2GDMlTBtUR%2BbncFOIJXMaR9eyfroxrPbtrSpmMVXMS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75fba1c84a1cb734-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hd_animate.js
buxlainvestment.com/hustydesigns/ Frame DEEF 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buxlainvestment.com/hustydesigns/hd_animate.js
Requested by
Host: www.muladev.online
URL: https://www.muladev.online/worldfinance/deposit.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86a8130565079071f13bda6aea29a6a6868c37a1bba1a14015b91f1bc653b75

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvxefzyniVKHiyvp9Pvz%2Bfrj1YGW0IQOboju%2BP6nhitflHARaa9DJJlF6m2wz35Bnr4gGjksJSZAXYX7MgamtwYqSRK%2BB%2FHwfzvTeY3k4LAXIDFcZqiKlpuNq5TtEZaGSm3z%2FTedqlLJQFKZtfUpTJIO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75fba1c84a20b734-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
buxlainvestment.com/jquery/2.2.2/ Frame DEEF 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buxlainvestment.com/jquery/2.2.2/jquery.min.js
Requested by
Host: www.muladev.online
URL: https://www.muladev.online/worldfinance/deposit.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Fv5WnJ3cPv9DflGl5ty3wGt9WbUqVCz6fciPirarTifwKwBIQjaV7hLydXAQHs1Z5EHY256DToJL32WwC2fup%2F6DLEYaElZQHttpNQAzxhY7A64youAzTHhouk54eWZ95iubS106Pe2Sw81Hf3RiLSS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75fba1c84a28b734-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
deposits.png
buxlainvestment.com/hustydesigns/graphics/ Frame DEEF 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buxlainvestment.com/hustydesigns/graphics/deposits.png
Requested by
Host: www.muladev.online
URL: https://www.muladev.online/worldfinance/deposit.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90d10dd5864d600a60cccdd9364ae08092f79bed888b0aaec032b852f65d4308

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsesdgDwd9d66h4BNLZk9T0PP3LQ6HOPFL054%2BOZVM4mAC5cfOEKC8C1Y74xpS94TQ18eNbMlJr8jM2J5qvLAoOBj1V%2FF40HwkUShghPBPAW2HHwAtG2WqdnEwZaj3CTPJmwbIPHQ%2BHDEIbFdttTREXd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75fba1cdde0db7df-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2293
1000.gif
www.muladev.online/images/ Frame DEEF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.muladev.online/images/1000.gif
Requested by
Host: www.muladev.online
URL: https://www.muladev.online/worldfinance/deposit.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:48ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93df46f4ed7eba161dcf1fe19f34b156e5ccbdf9e2bedb2c749365e91e2a4ca3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.muladev.online/worldfinance/deposit.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
cf-cache-status
MISS
last-modified
Mon, 11 May 2020 07:58:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6VAwG3kVLMbUpREgXDu78Erq%2BI%2Fotk869Sw9LiCjVvbcv9vFzKd3cYST%2BFWcbiNv0919%2BhXwcJYdf%2FcecI533kWdTVVWJ2EcTwlHNF224o0aiY9w6hEWnGVzgS1OI%2BTfQ6V6FbYFbxyo0ayF2Eyi3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75fba1cde98c995d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1736
withdrawals.png
buxlainvestment.com/hustydesigns/graphics/ Frame DEEF 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buxlainvestment.com/hustydesigns/graphics/withdrawals.png
Requested by
Host: www.muladev.online
URL: https://www.muladev.online/worldfinance/deposit.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c56bfe3adc7ee66ccbf0db8a422a7a727099223976225b53dc443dd809df129

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABmHX%2BOBxiQTl8qaa9a1mw2NK2UeXbF%2BaKfEi8riCg562k83627XlEH4hEgoeWmJee2Tr8w1aCpLNFAy%2F%2B6nIzn77TMPT56XRnuVXEVsZzL9CRxctD5XEciEc%2FsPOoZSoJldexUPrwQhLNwWuTWrkgUr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75fba1cdfe34b7df-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2200
chat-with-us.png
muladev.online/ Frame CBCC 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://muladev.online/chat-with-us.png
Requested by
Host: muladev.online
URL: https://muladev.online/wellspring.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:48ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72635335d2fb8dc9f9d4b873cbfd44acb805429d527b13132895a3475585a25f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/wellspring.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 13 May 2020 11:14:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKXoJ%2BwkU7%2BCazViKGId%2FSFm6XWeeiTh21Dri0EkT3joJku8F03K3WeQBqyUg%2F9G9ZSYTO2FMl%2BlwjdidOxpFuixPTVhQ2OMB3FBZHWdIOxSfH6B99YE2xGnxo9%2B4fBw4V%2BQ2jvvXByK4pgngQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75fba1c7fc7c995d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4794
default
embed.tawk.to/5fb82ad8920fc91564c91954/ Frame CBCC 		2 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5fb82ad8920fc91564c91954/default
Requested by
Host: muladev.online
URL: https://muladev.online/wellspring.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1384e01964d47f5f3df914340abffc0fe2ccc01d0e34e57e55d546e74485a3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://muladev.online/
Origin
https://muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
server
cloudflare
etag
W/"stable-v4-63258f417d7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
75fba1c82f769bbf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
id
googleads.g.doubleclick.net/pagead/ Frame ACD8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
389622c527434d0c0b917742e8d115b456d83da6f6d362fa2d56b5a4d84e385a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 25 Oct 2022 14:27:16 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame ACD8 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4bbf8bdb/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:17:23 GMT
x-content-type-options
nosniff
age
593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Oct 2022 14:32:23 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 25 Oct 2022 14:27:16 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ACD8 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed1d5cbc008b02a44fe8fb86e16d6a81a352bfc66a00e264ded740342286b20b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30798
x-xss-protection
0
2jr0eHp02ItFWQ5x-XHzcF5Qh6GPPdrMF7WL5Xw4nSU.js
www.google.com/js/th/ Frame ACD8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/2jr0eHp02ItFWQ5x-XHzcF5Qh6GPPdrMF7WL5Xw4nSU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da3af4787a74d88b45590e71f971f3705e5087a18f3ddacc17b58be57c389d25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 09:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
362264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14247
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 09:49:32 GMT
embed.js
www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/nl_NL/ Frame ACD8 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/nl_NL/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8cc291c830536b91c2563486675c953046ba9a2455464836ad3d5fd8dba7d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:12:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
425699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8166
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:16:54 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 20 Oct 2023 16:12:17 GMT
truncated
/ Frame ACD8 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu_S0kstwSQgZsMPNre2IoYm3mMMVsLmzfIszqfu=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame ACD8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_S0kstwSQgZsMPNre2IoYm3mMMVsLmzfIszqfu=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f1fb67f403aca56f6e42b7643b589c2a4e1683a339c18bd7f76ce9fb393a5645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 12:07:18 GMT
x-content-type-options
nosniff
age
8398
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3811
x-xss-protection
0
server
fife
etag
"v34"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 31 Jul 2022 15:43:38 GMT
sddefault.jpg
i.ytimg.com/vi/Um63OQz3bjo/ Frame ACD8 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/Um63OQz3bjo/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cc3f1b3aaa59dc52184ac66e2fc0cadc919730645906aa709d48bfdb801d264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 12:42:32 GMT
x-content-type-options
nosniff
age
6284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18307
x-xss-protection
0
server
sffe
etag
"1364135798"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 25 Oct 2022 14:42:32 GMT
generate_204
www.youtube.com/ Frame ACD8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?YXxyvA
Requested by
Host: wellspring-investment.ltd
URL: http://wellspring-investment.ltd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
twk-main.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		121 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb82ad8920fc91564c91954/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://muladev.online/
Origin
https://muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
content-encoding
br
etag
W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1cc9ee19a17-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-vendor.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb82ad8920fc91564c91954/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://muladev.online/
Origin
https://muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
content-encoding
br
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1cc9ee89a17-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		206 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb82ad8920fc91564c91954/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ac9be67fa3accd7aff2078733f332843a2b98b227e4cfe7a3bbd48c3c01e0b8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://muladev.online/
Origin
https://muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
content-encoding
br
etag
W/"81c2642aac0b88b6b237d279f5f8ce67"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1cc9ee99a17-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-chunk-common.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		192 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb82ad8920fc91564c91954/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8aa8865f0996f9a34b51ec713b894bcd331308cf85a352a4f3c32d1f6364c98
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://muladev.online/
Origin
https://muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
content-encoding
br
etag
W/"c262969ff89da8a8b3994883a0f57085"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1cc9ee39a17-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-runtime.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb82ad8920fc91564c91954/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a380880c41d4cdd11dd066125259e83fcb3a7adcd43ef2a3c5a2f3524a75fd9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://muladev.online/
Origin
https://muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
content-encoding
br
etag
W/"31ca85b2b61bb42db4e40c2e9429f7dc"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1cc9eee9a17-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twk-app.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		151 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb82ad8920fc91564c91954/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://muladev.online/
Origin
https://muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
content-encoding
br
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1cc9ef19a17-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ Frame DEEF 		98 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Poppins:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Requested by
Host: buxlainvestment.com
URL: https://buxlainvestment.com/hustydesigns/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48dd6c0cccc3e797587b925f80deae4a42dc5404c8f21b4a4eadc17d5c7c98d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buxlainvestment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 14:27:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 14:27:16 GMT
css
fonts.googleapis.com/ Frame DEEF 		13 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
Requested by
Host: buxlainvestment.com
URL: https://buxlainvestment.com/hustydesigns/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2648cf7416459a62882bdb959e1f81bb5af5fa82b0efcb78a2b9b3397fee3182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buxlainvestment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 12:55:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 14:27:16 GMT
css
fonts.googleapis.com/ Frame DEEF 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins+Slab:100,300,400,700
Requested by
Host: buxlainvestment.com
URL: https://buxlainvestment.com/hustydesigns/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buxlainvestment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame DEEF 		28 KB
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: buxlainvestment.com
URL: https://buxlainvestment.com/hustydesigns/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4cbff064f2433da9faabb19d323686578f36896857d3f01f0f8fbcdea7873a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buxlainvestment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 14:14:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 14:27:16 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ACD8 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
084cf14b7f439d65ed75fbc1436d3a4b34f969246f4b44ea1670fd405a78fd5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 25 Oct 2022 14:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 25 Oct 2022 14:27:16 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
fBackground.png
buxlainvestment.com/hustydesigns/graphics/ Frame DEEF 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buxlainvestment.com/hustydesigns/graphics/fBackground.png
Requested by
Host: buxlainvestment.com
URL: https://buxlainvestment.com/hustydesigns/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4438b3672a0b0d8deadbb2f96e2865d51a91bfefb414881d227e5ffaca8834

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buxlainvestment.com/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWT3tDi2GkaDh7z9xq7V9b4TWuTGeiGdSj6Yx3hzF0djr0QIcG4U9zs4sRu2MaKyvAvhk8I45qkxYtbXOtVlfeAq3RET66JEoeBB4VpJ%2FZ5xjArWtOmxbZCxzQIO%2FU2TCwBq0YHLdnlb07eu%2BC%2BRkQWo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75fba1ce1e5ab7df-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92702
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame DEEF 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:35:34 GMT
x-content-type-options
nosniff
age
499902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:04:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:35:34 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame DEEF 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:27:16 GMT
x-content-type-options
nosniff
age
500400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:27:16 GMT
widget-settings
va.tawk.to/v1/ Frame CBCC 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5fb82ad8920fc91564c91954&widgetId=default&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40cb04177bba8f79fe725138ad61e707d1dcc5425f4ee5e2034331b3e135b2f5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-293z
server
cloudflare
etag
W/"2-3-0"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
75fba1cfa9989bbf-FRA
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/ Frame CBCC 		992 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c69a0a084c83b4461675446ba2b0dfbdce8fca0caadb270d6e3cd1b2f4ab6e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://muladev.online/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://muladev.online
access-control-allow-credentials
true
cf-ray
75fba1d0f89a6993-FRA
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-k512
start
va.tawk.to/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://muladev.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://muladev.online
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75fba1cfa9a09bbf-FRA
date
Tue, 25 Oct 2022 14:27:17 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-ft3s
en.js
embed.tawk.to/_s/v4/app/63258f417d7/languages/ Frame CBCC 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709327
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"585ba00b2c167b90c210161454f843b5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d2ed706993-FRA
twk-chunk-2c78ba82.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709328
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"fac25ff2d2c405e1ac7e156dca1f819c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d4289a6993-FRA
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-696bc286.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d48abd4d8ecd9dc9c337b14e080423d47f6f2b714f64bdaf921983dfbd7a7772
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709328
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"c81a87996906c622b790a270c6d55ad1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d4289b6993-FRA
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-f1596d96.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1008daa24a6d7118d7fe965e27c87c59712d82b7a086dbd650abb7d39e022a70
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709327
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"58caeed4847c71d5d56ff03a611a735e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d4289c6993-FRA
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa50ebeb92ccf6186dae94ac83247865552a11b3a047434b79c773db1c91cbba
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709328
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"9d3c0030a62cf4f69093a0aea511a136"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d4289f6993-FRA
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		942 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709328
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"5f434bdd806571a4e1b385bee9316ff6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d428a16993-FRA
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		546 B
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709328
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"09c3819d373bd4178a620d721429fada"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d428a36993-FRA
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-f163fcd0.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709328
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"a92075fd9ac5ba130387a80453676099"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d428a56993-FRA
twk-chunk-32507910.js
embed.tawk.to/_s/v4/app/63258f417d7/js/ Frame CBCC 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-32507910.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8edf7ed3d497d8bc99ab6a4433739664726da6423c0a4f9c7686c83296666703
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709328
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"f10a53c04ef8191d522983c590674d5a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d428a66993-FRA
bubble-widget.css
embed.tawk.to/_s/v4/app/63258f417d7/css/ Frame 0D53 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709323
cf-polished
origSize=13594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 17 Sep 2022 09:12:02 GMT
server
cloudflare
etag
W/"ce7913b80c763449b3895d46419f7a6b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d4ba396993-FRA
message-preview.css
embed.tawk.to/_s/v4/app/63258f417d7/css/ Frame 3A77 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709327
cf-polished
origSize=38268
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 17 Sep 2022 09:12:03 GMT
server
cloudflare
etag
W/"949ecc85ac578750ec9a03e5680f7b0e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d4ca6f6993-FRA
min-widget.css
embed.tawk.to/_s/v4/app/63258f417d7/css/ Frame C4AA 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709327
cf-polished
origSize=24960
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 17 Sep 2022 09:12:02 GMT
server
cloudflare
etag
W/"80df9814fe6b98404ccc1df3c455ceaa"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d4daa16993-FRA
max-widget.css
embed.tawk.to/_s/v4/app/63258f417d7/css/ Frame 8673 		74 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/63258f417d7/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-2c78ba82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
709327
cf-polished
origSize=75771
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 17 Sep 2022 09:12:02 GMT
server
cloudflare
etag
W/"0158db159e8967dbda5865ed6b2e435d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d50b696993-FRA
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 0D53 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:17 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1206683
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 22 May 2021 07:25:19 GMT
server
cloudflare
etag
W/"f66e029841759471d2ec78b86760dca7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
75fba1d50b6d6993-FRA
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 0D53 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/css/bubble-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://embed.tawk.to/_s/v4/app/63258f417d7/css/bubble-widget.css
Origin
https://muladev.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:18 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10520
last-modified
Sat, 22 May 2021 07:25:13 GMT
server
cloudflare
etag
"054b3b66812d0a4b87ffc6776f0a42f1"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
accept-ranges
bytes
cf-ray
75fba1d50b9d9a17-FRA
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame CBCC 		295 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://muladev.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:27:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
12010227
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA, cache-iad-kiad7000101-IAD
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
75fba1d5afa51e79-AMS
v3
va.tawk.to/log-performance/ Frame CBCC 		5 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://muladev.online/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 25 Oct 2022 14:27:18 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://muladev.online
access-control-allow-credentials
true
cf-ray
75fba1d99e3b9a17-FRA
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
visitor-application-preemptive-519f
v3
va.tawk.to/log-performance/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://muladev.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://muladev.online
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75fba1d7ea099a17-FRA
date
Tue, 25 Oct 2022 14:27:18 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-d4tg
log_event
www.youtube.com/youtubei/v1/ Frame ACD8 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4bbf8bdb/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-Goog-Request-Time
1666708038392
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
X-YouTube-Client-Version
1.20221019.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtyN2VtLVZ5b3AyayjD5N-aBg%3D%3D
X-YouTube-Ad-Signals
dt=1666708035767&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C280&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 25 Oct 2022 14:27:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 25 Oct 2022 14:27:18 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| WOW function| $ function| jQuery function| googleTranslateElementInit function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| html5 object| wow object| closure_lm_452566

6 Cookies

Domain/Path Name / Value
.wellspring-investment.ltd/ Name: PHPSESSID
Value: 751ae0e76b816a0a21d56ffd2fe4a12a
.youtube.com/ Name: YSC
Value: iXP2PaBLfSA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: r7em-Vyop2k
muladev.online/ Name: twk_idm_key
Value: kTx0j-jXLoYSm7nfmP0M3
muladev.online/ Name: TawkConnectionTime
Value: 0
.muladev.online/ Name: twk_uuid_5fb82ad8920fc91564c91954
Value: %7B%22uuid%22%3A%221.7xX0ZoCvg7cSPxTiTlSi2a9CSQsuoSl6NqOxAhQpGN34UdjKBhhpYg5r7OCDw972gjTIrnvYDJHaGuVjXxsDvEFDYiUIdPUOdkSooFqBFX3ve8MJsV7iztqR%22%2C%22version%22%3A3%2C%22domain%22%3A%22muladev.online%22%2C%22ts%22%3A1666708037763%7D

4 Console Messages

Source Level URL
Text
rendering warning URL: http://wellspring-investment.ltd/(Line 8)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network error URL: http://wellspring-investment.ltd/calc/source/helpers/jquery.fancybox-media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://wellspring-investment.ltd/calc/source/jquery.fancybox.css?v=2.1.5
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://fonts.googleapis.com/css?family=Poppins+Slab:100,300,400,700
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buxlainvestment.com
capital-traders.ltd
cdn.jsdelivr.net
code.jquery.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
muladev.online
static.doubleclick.net
translate.google.com
translate.googleapis.com
va.tawk.to
wellspring-investment.ltd
www.google.com
www.gstatic.com
www.muladev.online
www.youtube.com
yt3.ggpht.com
2001:4de0:ac18::1:a:3b
2606:4700:10::6816:1883
2606:4700:3030::6815:48ee
2606:4700::6810:5614
2a00:1450:4001:803::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::2016
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a06:98c1:3121::3
004f72bbf4ca0a427ff8ee91897c33c981a5b92a7b657d9730fd81f603dc8cac
00fe93122ecf91a97c2f0647077eacee1da2b6babf34d7f8cf04ec6f06abcebf
0657e514c21e694e747522f6e2cfda689cebdacaf8bd48122bc0df5b2cc056d2
084cf14b7f439d65ed75fbc1436d3a4b34f969246f4b44ea1670fd405a78fd5b
0e17cbcab6ba215c9ea3aeb543e3a0bce2895767bd363adbb9212b87e9d3be9c
1008daa24a6d7118d7fe965e27c87c59712d82b7a086dbd650abb7d39e022a70
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
15e93e1095719e1c5217bb7da3603ba13d056ee108a8e4389805466bfe3d8858
199dedd695d4401f987f4beb29dae237e9c43249e3afcdd7586ce9d6d2cff4e7
1ae0dfcf25c2f9834d99115b516449f16275e9519dd35dfcd22a620a68ae829f
20c69a0a084c83b4461675446ba2b0dfbdce8fca0caadb270d6e3cd1b2f4ab6e
235daf842c0895344d56927dff2613ac68ce15d37a9691dbfc7920809fd5ecc7
26258adf76e7c06ec59e801201596df9380b7e632b02a115ecc8acb3a4a36a01
2648cf7416459a62882bdb959e1f81bb5af5fa82b0efcb78a2b9b3397fee3182
26b25ae8925aecee7f1c3494dd73ab7f9ec62b3f71c11548e089c3508d0bc2fe
29a6ad756c9e259d9517b593219ab5c4cd372bf8425827a24a462b394453c3cf
2b10a51b0906f2c6479acf93dbf79ad790180ee75267368f09e31be81dbe4725
2b33aca37588f3e7ef9464b80c65c3fdc593bd9c1b38f6eae8c8506a1e644321
2cc3f1b3aaa59dc52184ac66e2fc0cadc919730645906aa709d48bfdb801d264
2d3a12e3de820feabb49c15f134108324bba21ea5e9cd99bd73f2954c91d84f9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
313481039e7ac3e20f32662dbbaec9d6ddde196967cfdaffe50c8a317188a8eb
3331f20f6280e65a55b7cdce8ac4d8ebacdbe1c278bf409af680361b8692c9c5
389622c527434d0c0b917742e8d115b456d83da6f6d362fa2d56b5a4d84e385a
3c88e248e342b90a2dc09230ab545f6e3e76d8edef2edaf8442d7317aa66d9b9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
40cb04177bba8f79fe725138ad61e707d1dcc5425f4ee5e2034331b3e135b2f5
41b3babd188123187fbba4c4de3a80b2b79c01d1a6d9cbbbbd3145e52354a77d
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
48dd6c0cccc3e797587b925f80deae4a42dc5404c8f21b4a4eadc17d5c7c98d1
490ffbf5a2a3e344ffc7bbdb9f11179721738d25b2d96fd43494223171871fa1
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e469692b92bef29e59b4882536f7a05af9c82e1e5661f5f1f3f60fa6c4edf89
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
55a8238cb2e33932cf8df60aa973d9fb648ed9df70fb8da931fa736b1da2c373
5751e4359c5f866c293540ad63e5f2b0505d637bdd567ad4d02c6564995acefe
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5a4438b3672a0b0d8deadbb2f96e2865d51a91bfefb414881d227e5ffaca8834
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bc6666eac1ed163f3933de764fabf80eb7d218aed8ce1fb471567c18b03a262
5fcba6eb6961f3e78a55fbc96c1400509488d8cc3248e9c79a80d947795d261f
61eee51bbe4193a49327a29c9008cce5bb4bf4c47cf4f94e699c4329bfdee990
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69f70bdf7bcfe76c51589cd1c8c819cec8d740dddbc9f6a17d40f661f4ef4699
6a8b6c40ed29bdde4958c65710dec6be5e468974b2b678c398c9659246732971
6ac9be67fa3accd7aff2078733f332843a2b98b227e4cfe7a3bbd48c3c01e0b8
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7155b1a189fb6a5ce9e7286fa9a8d9b9dae4aa38add788a7b7b05507cdf0a162
72635335d2fb8dc9f9d4b873cbfd44acb805429d527b13132895a3475585a25f
7a380880c41d4cdd11dd066125259e83fcb3a7adcd43ef2a3c5a2f3524a75fd9
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
81550e5c2d4927152f1349f20238792f8b902c73cf03c6fa2d291d4c17db672b
86fbfe313672eea1721475598ca81e520c6d1f788ec4ef7726c7af3cd987e560
8c56bfe3adc7ee66ccbf0db8a422a7a727099223976225b53dc443dd809df129
8db20a61599446e107d9048cc4f70d648f129bd3ae839db885fd2b388569272e
8edf7ed3d497d8bc99ab6a4433739664726da6423c0a4f9c7686c83296666703
90d10dd5864d600a60cccdd9364ae08092f79bed888b0aaec032b852f65d4308
90e6bd744c69dd6e59525cff896e2bc804395db58d0dabf840e8431665fe7b3b
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
93df46f4ed7eba161dcf1fe19f34b156e5ccbdf9e2bedb2c749365e91e2a4ca3
96934415f5f41e2fb2297e3bc7a2f4c55914ead4577e9d6b6238869f34549dcf
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
99e6d32956b1b5220bb7e98693eeea116e54bacc54866b6151e51a50487b2d6f
a2ec078d7c69bf429201543bd32132cb0a4f666c29a34033fab9deea4c4a7185
a303dbfd719b1ba0dc6fcd7baf5fcb8fc9e65f036259b5b71e0cc6528741b1c1
a36ff336f2dc276c4507e56d8f051a991d83e9913ae7e60b80cf5e1d2f919bd9
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a5b6d245ecfcf5dba8b32b1cc45ce8a883a35363fc586208f37debf99656daa8
a68cb22b34799d24e6526232d7aab4eeee4f815c544cb047fad6a6ade96c51fe
a6a259016ac171042a2d374c6e983f9011b3ae7f6818dddf91841b2cf4dfcc86
ac515e10ad36f318a8a5224c072a16655f5f9c9fa1879212c94299bdc53fdf6d
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b18c499163d6604a5947d51ac60d68773bacc395956cac8eaae50e0584f5b06c
b37ce57f1500ffe9fd4ab878134a3dbecaf2046adf4bea9631fdc3f45232f20d
b394b949800c735908e556daf89b23004bb637e04df0537efb223162c8852d21
b442bcbe1153f8856ed52732909da7dc281d5aee07e52f2d54b7f33ad24bd815
b86a8130565079071f13bda6aea29a6a6868c37a1bba1a14015b91f1bc653b75
b8aa8865f0996f9a34b51ec713b894bcd331308cf85a352a4f3c32d1f6364c98
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
bb8896d3fe66a1b0a3481ac0ba6786afa3a76b81c55bce76dfb80de7200df833
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
c117872142d60bc8e79db145dc343f9be2adc51cf5633455c6758c9c316f25f7
c49ee60a4685053dc50281db95d6303fa46f469b560a9f6e351dbb9e2ef7a39c
c4cbff064f2433da9faabb19d323686578f36896857d3f01f0f8fbcdea7873a6
c64c323908cc4868749112c9072cafa1e5c3f2d5ee991551515cfb57ad5fb022
c9368b75b8b38eba9366cf5f81e65237de7d55d37f01745aff0048d86b7f9d78
cdc36a65ddab8b7baa694526a73f7f84b6a39fae84fe4243af29dc066d1ee55d
cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d48abd4d8ecd9dc9c337b14e080423d47f6f2b714f64bdaf921983dfbd7a7772
d64fef6465a659454d359d509bcc58a6b956e39a0812c9f6608a1a4de5e4a186
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8cc291c830536b91c2563486675c953046ba9a2455464836ad3d5fd8dba7d8d
da3af4787a74d88b45590e71f971f3705e5087a18f3ddacc17b58be57c389d25
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
de1384e01964d47f5f3df914340abffc0fe2ccc01d0e34e57e55d546e74485a3
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ed1d5cbc008b02a44fe8fb86e16d6a81a352bfc66a00e264ded740342286b20b
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f1fb67f403aca56f6e42b7643b589c2a4e1683a339c18bd7f76ce9fb393a5645
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6198e6a8051f88043e4af3eb7b751350f3a1a2386e593dd48f0e707c2c8e111
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f841612a1acf0482dfde73aef91c9d1e2ab07d00f2edc618c42ffebcb222afb4
fa50ebeb92ccf6186dae94ac83247865552a11b3a047434b79c773db1c91cbba
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce