wellspring-investment.ltd Open in urlscan Pro
2606:4700:3032::ac43:9e47  Public Scan

Submitted URL: http://wellspring-investment.ltd/
Effective URL: https://wellspring-investment.ltd/
Submission: On February 02 via manual from PH

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 81 HTTP transactions. The main IP is 2606:4700:3032::ac43:9e47, located in United States and belongs to CLOUDFLARENET, US. The main domain is wellspring-investment.ltd.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2020. Valid for: a year.
This is the only time wellspring-investment.ltd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
52 wellspring-investment.ltd 1 redirects wellspring-investment.ltd
8 fonts.gstatic.com fonts.googleapis.com
6 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
wellspring-investment.ltd
6 fonts.googleapis.com wellspring-investment.ltd
2 www.gstatic.com translate.googleapis.com
wellspring-investment.ltd
1 www.google.com wellspring-investment.ltd
1 coin-pay.org wellspring-investment.ltd
1 www.muladev.online wellspring-investment.ltd
1 www.youtube.com wellspring-investment.ltd
1 capital-traders.ltd wellspring-investment.ltd
1 code.jquery.com wellspring-investment.ltd
1 translate.google.com wellspring-investment.ltd
81 12

This site contains links to these domains. Also see Links.

Domain
beta.companieshouse.gov.uk
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-07 -
2021-08-07
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
muladev.online
Sectigo RSA Domain Validation Secure Server CA
2020-05-11 -
2021-05-11
a year crt.sh
coin-pay.org
R3
2021-01-20 -
2021-04-20
3 months crt.sh
www.google.com
GTS CA 1O1
2021-01-19 -
2021-04-13
3 months crt.sh

This page contains 6 frames:

Primary Page: https://wellspring-investment.ltd/
Frame ID: 60DDE04874DA650A3B997C47118DC079
Requests: 75 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Frame ID: 7246BADA32CF448FB46425F411540138
Requests: 1 HTTP requests in this frame

Frame: https://www.muladev.online/worldfinance/deposit.php
Frame ID: 345CBFDAB8BA625DF35A2D6642A88059
Requests: 1 HTTP requests in this frame

Frame: https://coin-pay.org/wellspring.html
Frame ID: 2B863A9C254B7136F91BEBCF5578AFDA
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: C5543A023F4D76042EBCED8C5FB6FCD3
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: B52601DA05678F678D57ED84500DD160
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://wellspring-investment.ltd/ HTTP 301
    https://wellspring-investment.ltd/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

81
Requests

99 %
HTTPS

85 %
IPv6

9
Domains

12
Subdomains

14
IPs

3
Countries

2174 kB
Transfer

2906 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wellspring-investment.ltd/ HTTP 301
    https://wellspring-investment.ltd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wellspring-investment.ltd/
Redirect Chain
  • http://wellspring-investment.ltd/
  • https://wellspring-investment.ltd/
18 KB
5 KB
Document
General
Full URL
https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
0c79eedcbe4a87c8866078f352ffdc6c66e44e3e5c629cb5ad52fde685b62ca5

Request headers

:method
GET
:authority
wellspring-investment.ltd
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d3bb838447b9dbdd2899089e32a81c38b1612245946
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:48 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
CameFrom=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 PHPSESSID=b86dd333688da18d3ab8563f13497962; path=/; domain=wellspring-investment.ltd; HttpOnly
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0802f1e95500004a80e31e3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5dDXEslRJsebK7Yb6L1DTC1vS3ZNakWJ%2FFcfklmWljOX9D8BEnTg%2FBHNyj5qYA6E9%2F63eynSQe2RRM6jPpzsaqHOCvyafY08mOQTl%2FLl0dhmAGvwwkU5i6hnU7KrtKq4%2FELwi4uR"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
61b1b8eeeb1e4a80-FRA
content-encoding
br

Redirect headers

Date
Tue, 02 Feb 2021 06:05:46 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d3bb838447b9dbdd2899089e32a81c38b1612245946; expires=Thu, 04-Mar-21 06:05:46 GMT; path=/; domain=.wellspring-investment.ltd; HttpOnly; SameSite=Lax
location
https://wellspring-investment.ltd/
CF-Cache-Status
DYNAMIC
cf-request-id
0802f1e7db0000dfe304b52000000001
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q5XcpEnZjkh8jZOPwUhoKTrwBNFaP7Nw4PcBA%2BO8c2Q4AA8wXZfGJ9GxFSfP41CDDr4E4LtRRh1Ivy2eltiEWd1PskIohSIkCq5L991hp%2BfuHoOeeI0JLJekd7ujA%2BL%2FzeGb8cHT"}],"max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
61b1b8ec9c8adfe3-FRA
style.css
wellspring-investment.ltd/hustydesigns/
12 KB
3 KB
Stylesheet
General
Full URL
https://wellspring-investment.ltd/hustydesigns/style.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004f72bbf4ca0a427ff8ee91897c33c981a5b92a7b657d9730fd81f603dc8cac

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Aug 2020 06:46:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i8QGSBIysbRGI6KcxGN9LBLs5NJwazHViC1TUNZ1Dl8IlaItJvVPXXdWC6HSR4p%2FSL%2FYNwdzzDc85dBzvm5pq5w23o9ZPO8flvYc8YhoxKAsCtG0VhPzqaFCpK7lxTNn30WnmHBe"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8f76c674a80-FRA
cf-request-id
0802f1ee9d00004a800f19e000000001
hd_animate.css
wellspring-investment.ltd/hustydesigns/
54 KB
4 KB
Stylesheet
General
Full URL
https://wellspring-investment.ltd/hustydesigns/hd_animate.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68cb22b34799d24e6526232d7aab4eeee4f815c544cb047fad6a6ade96c51fe

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YUyexcn1jTVnT5krxNb4rUDCt%2BIELwLGmqe8PsEyQ2feUGDJNcWjQdKCaDicOGlmKc41TwU%2BUtVUgnTV9FumNkQqdY1l5bNNRvritx1H7wPgr5BwUa2owlFlq5lSFNOv3zCbvZSV"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8f76c684a80-FRA
cf-request-id
0802f1ee9d00004a80190b9000000001
hd_animate.js
wellspring-investment.ltd/hustydesigns/
15 KB
3 KB
Script
General
Full URL
https://wellspring-investment.ltd/hustydesigns/hd_animate.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86a8130565079071f13bda6aea29a6a6868c37a1bba1a14015b91f1bc653b75

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PmWxOF%2FZAeLLj2xEY%2Fm0L3%2Fd%2BbGqU42%2BjG8gVoammkDeWEjWdkB%2FtHYhThfDGq5F8ELIla%2FpmFW05BqKemXoS1rcXKsx87x%2B5T9%2FbNab7axntBwIUgNgFXbtnl55oNEwpRibXN73"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8f76c6b4a80-FRA
cf-request-id
0802f1ee9d00004a80d734f000000001
jquery.min.js
wellspring-investment.ltd/jquery/2.2.2/
84 KB
29 KB
Script
General
Full URL
https://wellspring-investment.ltd/jquery/2.2.2/jquery.min.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zREAS9F7aIWMOLS3O9iBxiw734mQSO6D0rmtALj6q9W3AeLRyBwLg4ztCVeBdL%2F6z9j4F%2FViWZNNS9FC%2BiUEIdedehixkf5lmiOdr8gwjZ%2B5HctUtYnJZzLlPz9CBM7mcHjzJd%2FE"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8f76c6d4a80-FRA
cf-request-id
0802f1ee9d00004a803f9ff000000001
font-awesome.min.css
wellspring-investment.ltd/font-awesome/4.6.1/css/
28 KB
6 KB
Stylesheet
General
Full URL
https://wellspring-investment.ltd/font-awesome/4.6.1/css/font-awesome.min.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e6d32956b1b5220bb7e98693eeea116e54bacc54866b6151e51a50487b2d6f

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qW0T9h3HtuF3JiB9CCJdbzND5zhqYYAeG8cv0c2LUIZUTKUanyKHhWonr3KOVNEpBmBvwuLInhx1pKmopQTAnMAmxVZQphVznznJP1HKllSiF6UOUxTxRaiduuLrrEzyoQrG7tAB"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8f76c6a4a80-FRA
cf-request-id
0802f1ee9d00004a80d2384000000001
icon
fonts.googleapis.com/
574 B
466 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79badf5d90265492a34381241a85b38131c6400dd115aae01b3299ec5d11b3f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 06:05:48 GMT
server
ESF
date
Tue, 02 Feb 2021 06:05:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Feb 2021 06:05:48 GMT
css
fonts.googleapis.com/
8 KB
798 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 05:55:43 GMT
server
ESF
date
Tue, 02 Feb 2021 06:05:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Feb 2021 06:05:48 GMT
element.js
translate.google.com/translate_a/
4 KB
2 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
3138ff443154acc302f37169f8d89efe5e11866a64a674a9c057f45ca65d16f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Feb 2021 06:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1875
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log.png
wellspring-investment.ltd/hustydesigns/graphics/
1 KB
1 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/log.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e93e1095719e1c5217bb7da3603ba13d056ee108a8e4389805466bfe3d8858

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9621zha%2FN%2Bkk%2FErUZUg%2BzdTgSzm348L2uXKKklsIbrzM%2BPc%2B6kmsIPcBdDVP5dSNs2dglDr2vyCxQgUxJB0HfebsKCQ%2BOJ0p%2BYQktFTN4OV%2FjaPKME6yNU7LxS9%2BC%2BgEzqCSF1OO"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d894a80-FRA
content-length
1064
cf-request-id
0802f1f19200004a80269b5000000001
logo.png
wellspring-investment.ltd/hustydesigns/graphics/
9 KB
9 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/logo.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36ff336f2dc276c4507e56d8f051a991d83e9913ae7e60b80cf5e1d2f919bd9

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Aug 2020 07:09:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Al%2FMzearWcD16tR6v5wR5IAvzk72X0JZAkKz764gBm9Nrc6VYKUV0COo3USuWGS%2BzGI0%2BNz2V8TrSbbC36P8PDtQ7KAqqE66VgEbsl6Loa5gGB1ZIeTAyEPTKeK%2F85Fp%2Byg%2FoqqS"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d8a4a80-FRA
content-length
8812
cf-request-id
0802f1f19500004a80269b6000000001
reveal.css
wellspring-investment.ltd/hustydesigns/popup/
2 KB
973 B
Stylesheet
General
Full URL
https://wellspring-investment.ltd/hustydesigns/popup/reveal.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a8238cb2e33932cf8df60aa973d9fb648ed9df70fb8da931fa736b1da2c373

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HM7qeHZUPEvbqE5MNgG3j%2F5juV9DMdabYZba1pEPQHnLPv1cTGyt2JhJC9xWSdP2mfXeh4tHlEOT5bXS4nCR53gHG2XESJUgTdgse6iAaMQ2%2BevQD%2BNqDpnIomNpqrPWhK5vloVp"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fb5bcf4a80-FRA
cf-request-id
0802f1f11600004a80f914c000000001
jquery-1.7.min.js
code.jquery.com/
92 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.7.min.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:48 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:07 GMT
server
nginx
etag
W/"54499a47-16f44"
vary
Accept-Encoding
x-hw
1612245948.dop215.fr8.t,1612245948.cds260.fr8.hn,1612245948.cds220.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33254
jquery.reveal.js
wellspring-investment.ltd/hustydesigns/popup/
5 KB
2 KB
Script
General
Full URL
https://wellspring-investment.ltd/hustydesigns/popup/jquery.reveal.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b33aca37588f3e7ef9464b80c65c3fdc593bd9c1b38f6eae8c8506a1e644321

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WXUZNLYdNADxmEl%2B6lXTrOgmz5IBnMFl6azlfb425m%2FvtKPUq6cLm3pop%2BIGzIr6rSRV0%2FJl8bn7vFmwdgcaO3atWPBlzREWib8IhfChLGumg%2Fu1OFYCXd8JvFP29oYpIqWm11aN"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d744a80-FRA
cf-request-id
0802f1f18f00004a803832a000000001
html5.js
wellspring-investment.ltd/calc/js/
2 KB
1 KB
Script
General
Full URL
https://wellspring-investment.ltd/calc/js/html5.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86fbfe313672eea1721475598ca81e520c6d1f788ec4ef7726c7af3cd987e560

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3q23ls10ZOy2bUR%2FwmmTR%2F0vPQPQYe5osnAW0HLFmh7JMXBUUIpaPFYmAd%2FTSY3%2FOjOS4h69UGXl9adr%2FsjL2pvVBwV5n0mRmipyc0WwdZvljl843Yqkyn3Lg3JgG66P2LTe8Sfs"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d754a80-FRA
cf-request-id
0802f1f18f00004a80e9b22000000001
scripts.js
wellspring-investment.ltd/calc/js/
6 KB
2 KB
Script
General
Full URL
https://wellspring-investment.ltd/calc/js/scripts.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b25ae8925aecee7f1c3494dd73ab7f9ec62b3f71c11548e089c3508d0bc2fe

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 09 Aug 2020 07:23:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bXewxdesTsxhbRyvyo2ocDJG8cji7nroU%2FHnuRLCKFcWKGcM2phENzSLY4efF%2FsxVhinJcBMlY1Wd33I4LwycYN8H2PY2UZitzTCKechi1VrTl%2Bg2BWsOqgHh79esthM0j9h0UHW"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d774a80-FRA
cf-request-id
0802f1f18f00004a80f607b000000001
jquery.bxslider.min.js
wellspring-investment.ltd/calc/js/
19 KB
5 KB
Script
General
Full URL
https://wellspring-investment.ltd/calc/js/jquery.bxslider.min.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T7ZlsuKthWPbsh3VY1tmIY8i8U7E2c3qwzT8DqM5b2mK%2FJEKTscIq3ae7uHaxkx2NUmJRswFWQxBAzsZdepaOwj0jDeZrOwCmHAuZppgooEhqYEoXPjIjQkyH3XgwiYILkuJ3iAP"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d784a80-FRA
cf-request-id
0802f1f19000004a80f190f000000001
jquery-ui.js
wellspring-investment.ltd/calc/js/
80 KB
19 KB
Script
General
Full URL
https://wellspring-investment.ltd/calc/js/jquery-ui.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bc6666eac1ed163f3933de764fabf80eb7d218aed8ce1fb471567c18b03a262

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iegBhuikRTKNXPGADis2Ke1vinuukZUhzO7ua3JAdAa7pOtAlU0Jla0ENTmACXUpxyhuM9OuuGKNKeCSKYxzGrSrDt0OS5WNJqV3ThvQgqGLCZpfuy21FYJoYlpuFTL9g%2BDB%2BG5M"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d7a4a80-FRA
cf-request-id
0802f1f19000004a80429ce000000001
jquery.fancybox.js
wellspring-investment.ltd/calc/source/
48 KB
13 KB
Script
General
Full URL
https://wellspring-investment.ltd/calc/source/jquery.fancybox.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fBdYmgumicjxzVdQqZ3U%2BykDyztX0DCQC%2Frvre6q1sIpgmKrJlj8Qr%2BmFomjJJIeudgvqZr69wbj2WgkGxqSDTlfvk5XD%2Bhup5JOzRHfNM7xXJEilJMD%2Booid0llJfajd8T170If"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d7c4a80-FRA
cf-request-id
0802f1f19000004a8032252000000001
jquery.fancybox-media.js
wellspring-investment.ltd/calc/source/helpers/
0
0
Script
General
Full URL
https://wellspring-investment.ltd/calc/source/helpers/jquery.fancybox-media.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SLmPHOn%2BDkijcKurjyzNzbM6%2FAbOm%2Fy5XPHRKgu97B%2FtsUaSQifp8f1HLrKAD5iP%2B6ZQLasRt262ZCRxH8xXthzHYbks2jciaK79q%2B7wHkloDQ8Dh6tSU%2BV2kAQhHB8vE6uT1tjc"}],"group":"cf-nel"}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
61b1b8fc1d7e4a80-FRA
cf-request-id
0802f1f19200004a80ea0cf000000001
calc.css
wellspring-investment.ltd/calc/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://wellspring-investment.ltd/calc/css/calc.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e17cbcab6ba215c9ea3aeb543e3a0bce2895767bd363adbb9212b87e9d3be9c

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vH3%2BTB9jacJAulAUV1N92LrkP0v7YG%2FHeKj3HUmSo8cVgnRgGOSXmRvQbq%2FuuWKYZvxfik%2B1Wy5rVBJ8ZqBbYNWEG3uEw185xeBWae91zsBzDJ6vpjuHK35fLR2j%2BEA2XRV1kv2Q"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d804a80-FRA
cf-request-id
0802f1f19100004a801e3cf000000001
jquery.bxslider.css
wellspring-investment.ltd/calc/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://wellspring-investment.ltd/calc/css/jquery.bxslider.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5751e4359c5f866c293540ad63e5f2b0505d637bdd567ad4d02c6564995acefe

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zxa71q2QJ%2BN64cAwn8NG2y19PAKd7eXywWfbu4M3QCJlo7Y7qn7LhIjGO5SsHyPTVUV8xVbA%2B0Fiv5Z8xLYq029J0bJrmO0f2wnXikF3RF1q7CGhHOT54ye1p5eW%2F%2FoRdm56mg2G"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d814a80-FRA
cf-request-id
0802f1f19100004a803fa40000000001
jquery-ui.min.css
wellspring-investment.ltd/calc/css/
2 KB
850 B
Stylesheet
General
Full URL
https://wellspring-investment.ltd/calc/css/jquery-ui.min.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a303dbfd719b1ba0dc6fcd7baf5fcb8fc9e65f036259b5b71e0cc6528741b1c1

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2LwsnL7F7xvNxqKqUbcTBv4XaOO1Gah79mR8OvOe4gkP6d7nHQTq4vgOsI3Fq6GlxJjMMM6eGS7kOmqQQvH%2FGyXpQCgEUSLkcldMlpX21mDpSrsH8fhY6%2BTyUsj4J3VR9yq0WyDu"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d834a80-FRA
cf-request-id
0802f1f19200004a80eea02000000001
main.css
wellspring-investment.ltd/calc/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://wellspring-investment.ltd/calc/css/main.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49ee60a4685053dc50281db95d6303fa46f469b560a9f6e351dbb9e2ef7a39c

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ff590Hw5DdNtGltv%2BFOUsKFAScuaj0fUzEt08Bp7hydPyqHm4oN7icLj%2BI%2BD3IUWBIPNdDCMX4FzdjI8FeK2YpBqv9LTN9F9GENoK63kQJpxC6mW5N8Ck6v%2FTzh%2FL760sOkShvZj"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d844a80-FRA
cf-request-id
0802f1f19200004a8035b7e000000001
modal.css
wellspring-investment.ltd/calc/css/
2 KB
951 B
Stylesheet
General
Full URL
https://wellspring-investment.ltd/calc/css/modal.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c64c323908cc4868749112c9072cafa1e5c3f2d5ee991551515cfb57ad5fb022

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zIs16THBOuk%2B19s3bo8ApHCXPWqCw6z6k1tdHByRyNasdmCmdLjJW2wTobmdClRefQ23p9U1fQoIZLY50OlJx271in95x%2FIAOvYPEG1cdvKD4lbBOzpIBFTYvu2GUUsUvj8hfFSW"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc1d854a80-FRA
cf-request-id
0802f1f19200004a80d030c000000001
jquery.fancybox.css
wellspring-investment.ltd/calc/source/
0
0
Stylesheet
General
Full URL
https://wellspring-investment.ltd/calc/source/jquery.fancybox.css?v=2.1.5
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lw70coItYu8faVrBcrTfzkOpYpExaDcwH0Wt1ttmDNZq7hrHb0slrNI5oU6%2FrHLGo7OSw2Tv0S1aUHyEfYtkP5Str6X7H2sqVUjkkkBIU18XbB2pg2v%2BgyHDQmYG8Tu3MpUOTm8o"}],"group":"cf-nel"}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
61b1b8fc1d864a80-FRA
cf-request-id
0802f1f19200004a800f1d9000000001
sIcon1.png
wellspring-investment.ltd/hustydesigns/graphics/
8 KB
8 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/sIcon1.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5b6d245ecfcf5dba8b32b1cc45ce8a883a35363fc586208f37debf99656daa8

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GAtaqYCYXN7KuFuLnbm2GW1JThZ8PxYcmKOIPfig08Sr4PUY8aD7JB2doyqo%2FtH4aF%2BSq8zv2jGvIJfoJ5KT9G3A1wG7Z0CN4ZX56vTP7tPpllPwo%2FDl33zxIU%2Fgbs4pqSIx7qgc"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d8b4a80-FRA
content-length
8016
cf-request-id
0802f1f19500004a803a85d000000001
sIcon2.png
wellspring-investment.ltd/hustydesigns/graphics/
6 KB
6 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/sIcon2.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9368b75b8b38eba9366cf5f81e65237de7d55d37f01745aff0048d86b7f9d78

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vk6UilvAPxnqGOdB3jQMTa4D96RYnkJADzCI3zg7djRGc6FMfq8docklANxuwN84tVE7oxSyDZtkyhTHVNyMegbaCR99m8ptAX4xEvZQOr57gpaw3iEHDM4ifBkstkv%2B3kyUjVXC"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d8d4a80-FRA
content-length
5861
cf-request-id
0802f1f19200004a80d5170000000001
sIcon3.png
wellspring-investment.ltd/hustydesigns/graphics/
6 KB
6 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/sIcon3.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8db20a61599446e107d9048cc4f70d648f129bd3ae839db885fd2b388569272e

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F7bRHwtXaksa2V1VLEA%2FJBsftCwG1al9JDuE7pe7y4SB8Kz%2FO9mkei5S37gDQa%2BEVaaBMkiarEKDCrQx3yRAfF%2BkoX9zGQvszO9pT5UqlRRNRzMtuTOustt1ir2sqnWzv9Km67N6"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d8e4a80-FRA
content-length
5860
cf-request-id
0802f1f19300004a80e2bbf000000001
sIcon4.png
wellspring-investment.ltd/hustydesigns/graphics/
5 KB
5 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/sIcon4.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313481039e7ac3e20f32662dbbaec9d6ddde196967cfdaffe50c8a317188a8eb

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ocAAHvIe5MjRyiUGPt8%2BtJ%2FKT3wSwoHmNGpPcB3JNs9%2FoUdlE39T1v0SMlFq6I84iuAn9jiDoEPs3mPioO2F7uk7ulP7aWVtOej9xw4dmwWDKOOwmcUlSVi8l2gnuqoF51ippl6Q"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d8f4a80-FRA
content-length
5278
cf-request-id
0802f1f19300004a80219b9000000001
calculator.png
wellspring-investment.ltd/hustydesigns/graphics/
1 KB
2 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/calculator.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b442bcbe1153f8856ed52732909da7dc281d5aee07e52f2d54b7f33ad24bd815

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=llv%2FmOvzppiwPwgkKNJcY0nOsCt4Jsb5GJ65pxD5XHyeusxxOt58rHz8LXrrNnYkI5WIrQ%2BSVAbs0S4SOIQHb2Mk5KAoqiJ%2FH0UelhSEWJ6is6p%2F4cGflX1tGTzmvf%2BOGRE3FpA1"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d904a80-FRA
content-length
1520
cf-request-id
0802f1f19300004a80ea807000000001
bIcon1.png
wellspring-investment.ltd/hustydesigns/graphics/
6 KB
7 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/bIcon1.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b37ce57f1500ffe9fd4ab878134a3dbecaf2046adf4bea9631fdc3f45232f20d

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JXm%2B279xGH%2FJ4pp52pw9tDafcSxQxGq%2B1KBH1iNf8soRLXl7cc1W39eiOHY2hQHacBuB1gA1OkNHIQf5IVdd3XovL3uyXWkbG%2BD6P3%2FbUKdphhs0lZppSDzNwNfZGWKWtADzToGZ"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d914a80-FRA
content-length
6615
cf-request-id
0802f1f19300004a80d23be000000001
bIcon2.png
wellspring-investment.ltd/hustydesigns/graphics/
11 KB
11 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/bIcon2.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8b6c40ed29bdde4958c65710dec6be5e468974b2b678c398c9659246732971

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bKjZYwRtOz3gek7%2FDU8zmOUmZZdzyZhEuAdMZ1D6RzLxQ8hPf5yWMZ1v53HvX01fqY2GCd6xauqcSebT5A09d7YQ3uPHlChXbhzc9Z1ZWLvW16Dg8Y4Yel8HBxqOYqq603t%2FaWUp"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d934a80-FRA
content-length
11351
cf-request-id
0802f1f19300004a8008b92000000001
bIcon3.png
wellspring-investment.ltd/hustydesigns/graphics/
6 KB
6 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/bIcon3.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb8896d3fe66a1b0a3481ac0ba6786afa3a76b81c55bce76dfb80de7200df833

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VAdVQn3%2FUCRVPXkvOoJUe6Bo8w8IihS202HwWe8jQKxSjHdmMXsyky8sSpS3TqJHrkS3p8Dp5FHPbHSNETdsD2qM%2FJuLStS4%2FRgOqnlnAYImhgrb4940lPxSZnc9nUsvel8ChgfC"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d944a80-FRA
content-length
5845
cf-request-id
0802f1f19400004a80fc2b0000000001
bIcon4.png
wellspring-investment.ltd/hustydesigns/graphics/
5 KB
5 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/bIcon4.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b3babd188123187fbba4c4de3a80b2b79c01d1a6d9cbbbbd3145e52354a77d

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6PlEm2TkBzyKc3OLSVbuaGAnv%2FP%2FeWRWP3hyw5yvcP4HCtIblysEO1%2FITgB0%2F54QorNRfRg14piZXvkzcUEmv%2FXc4l8V9FDdT1D2uYMbO6YZDV%2F%2BxDUvXyY5MPkUbIOXFzQknJ6Y"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d954a80-FRA
content-length
4737
cf-request-id
0802f1f19400004a8003212000000001
bIcon5.png
wellspring-investment.ltd/hustydesigns/graphics/
6 KB
6 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/bIcon5.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7155b1a189fb6a5ce9e7286fa9a8d9b9dae4aa38add788a7b7b05507cdf0a162

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CCxRyYy4CqpyGpF5rpJIJAK8iB375QimhXJdPPE3GTCZnPAZ3TMEBP%2FhK4H7gv4SVXwZBmIqBW0Z%2FmsUDPAxq3UYqBTV6smAoD9vBHn2eheb5qneL5Ei1DYcuayYdTlzUbUagOi5"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d974a80-FRA
content-length
6318
cf-request-id
0802f1f19400004a8000356000000001
bIcon6.png
wellspring-investment.ltd/hustydesigns/graphics/
7 KB
7 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/bIcon6.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81550e5c2d4927152f1349f20238792f8b902c73cf03c6fa2d291d4c17db672b

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QcseLX8dRgnzVxjxBOjTg%2B2XS9rYAqCZ5lhlZUOYT2vpiZEk7PTFgNpUT4zXSBz7b68pbzhBwle9WKfnveaFBaDmyXi%2FUJ%2FNKna5TT6SoDKNDWfPTD%2FrTkeobo5QGiho8Tb1wYRZ"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d9a4a80-FRA
content-length
6994
cf-request-id
0802f1f19400004a803832b000000001
certificate.png
wellspring-investment.ltd/hustydesigns/graphics/
684 KB
685 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/certificate.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e469692b92bef29e59b4882536f7a05af9c82e1e5661f5f1f3f60fa6c4edf89

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:50 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Aug 2020 07:15:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4l8ACxMnjF2aV5Lb%2Fpvjsl0el4ZrZueoDkZSjF%2B%2Bzt5vj5YDPWVADVPYKVKtAdqDoEyyLs5aofVDwp%2FltbJIHmK0%2BMN3zugyfr8RUeLK12kiAn%2BoMiGcsoLQ5%2BGwALl8LXktNpIo"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d9b4a80-FRA
content-length
700567
cf-request-id
0802f1f19400004a80d738e000000001
ssl.png
wellspring-investment.ltd/hustydesigns/graphics/
10 KB
10 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/ssl.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199dedd695d4401f987f4beb29dae237e9c43249e3afcdd7586ce9d6d2cff4e7

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D4BcHW1X9MNKAyW5ibXv2n%2B4LGPdMeaI98H7E2%2FYpBVOrTjUaE%2BYx9qfW6bXupR91FYLJ6I8lYbQ23w1I5ezdNIivjCOPvoOEpkwyZ74exjD0xbdYtOnQuJVZjenS8OEEAR%2B2%2FZm"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d9c4a80-FRA
content-length
10208
cf-request-id
0802f1f19400004a80e9b23000000001
badges.png
wellspring-investment.ltd/hustydesigns/graphics/
53 KB
53 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/badges.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fcba6eb6961f3e78a55fbc96c1400509488d8cc3248e9c79a80d947795d261f

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ASruNS2Jjl8hrRJMCR4NhF1iRuXNUtzWn%2BIbhmVOneBdyS282kIH5Sg%2Fk7Nvd%2BXIilzHRy775Q%2F41a40eLWyv5%2FcHhwquXqvRaXxQdCaDe2MWKGErM46N5%2BnyJ%2FZdKNMogeJYdyo"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d9e4a80-FRA
content-length
54041
cf-request-id
0802f1f19400004a80f387b000000001
fIcon1.png
wellspring-investment.ltd/hustydesigns/graphics/
3 KB
3 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/fIcon1.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18c499163d6604a5947d51ac60d68773bacc395956cac8eaae50e0584f5b06c

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o17bcqhnpkH%2BmanfuLLTfMfu9ReAx5%2BnAbBCV2vq7Vpc0HZvISOIyvs60nWTkP0D%2F0xjWorVKWqIqIUU0QrwCTz2QjxHIzp9BXbBaYlih5624NOvHRq6EDwksBl2gY6kWiVltwJB"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1d9f4a80-FRA
content-length
2639
cf-request-id
0802f1f19400004a80f607c000000001
fIcon2.png
wellspring-investment.ltd/hustydesigns/graphics/
3 KB
3 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/fIcon2.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d3a12e3de820feabb49c15f134108324bba21ea5e9cd99bd73f2954c91d84f9

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uPNoQbs5POnsFuu81vDIMDeH1tsZUM%2FbawHFowl1DuBrq78VM%2FakVQK0VFf3aeHTbH3hMexACgFsSKmyGd8SIUY1lstsXQXSzlDQD%2FbZY4%2BLdDbfxre7uXTLuIzPkB0ra5CByNGd"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1da04a80-FRA
content-length
2785
cf-request-id
0802f1f19500004a80df019000000001
fIcon3.png
wellspring-investment.ltd/hustydesigns/graphics/
2 KB
2 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/fIcon3.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b394b949800c735908e556daf89b23004bb637e04df0537efb223162c8852d21

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uGdmS8flwBy8WjKiqM%2BWLAZxYemK%2BBFo6Ek07XTSAjntKFsVPyxoOZ7n1SrhrYaUAIzAUnZ3Iz6YaRQh3oQDsARV8s7XeqdNzH0Z4TiCIUdZSGZOWUSBiki%2FgjTvKHz5vX%2FZYAGT"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1da14a80-FRA
content-length
2172
cf-request-id
0802f1f19500004a80f1910000000001
fIcon4.png
wellspring-investment.ltd/hustydesigns/graphics/
2 KB
2 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/fIcon4.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00fe93122ecf91a97c2f0647077eacee1da2b6babf34d7f8cf04ec6f06abcebf

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=84Aj2X1FollQSnk%2FBX6op%2F8qSjuOlabF%2FoqiVl2dbqJ%2FkwC0iatJyQOqQok7wuq9kLxNek%2F2m9B%2F40dm8AZ1G8crxAqo9DHtsbusqhl%2BZ8RtxBSI7G%2BkK6YrO%2FKSSFc1b84aJ2cB"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1da24a80-FRA
content-length
2046
cf-request-id
0802f1f19500004a80429cf000000001
fIcon5.png
wellspring-investment.ltd/hustydesigns/graphics/
2 KB
2 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/fIcon5.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61eee51bbe4193a49327a29c9008cce5bb4bf4c47cf4f94e699c4329bfdee990

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=klyi5SREDHm66s7K7zgiqQwC7g06LYURYDqtJw9nkj6RlIaYWHBcRdS%2BrWEv2bwBHd9C0bQQrPN9%2BpvGKp6L6CEwDQNQqwYevkK3PNN41MwJGp1aqldmuqX5PbDYHmLJLqiNO5yJ"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1da34a80-FRA
content-length
2212
cf-request-id
0802f1f19500004a8012ab9000000001
fIcon6.png
wellspring-investment.ltd/hustydesigns/graphics/
2 KB
2 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/fIcon6.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6198e6a8051f88043e4af3eb7b751350f3a1a2386e593dd48f0e707c2c8e111

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5owJGyYQKtp8PxdAIZPFeM0yXS%2FFeFhMJH5Gkyl9RFLUs9iGMYd61DQdX%2BgZnvlokK88alJpn%2Fjnqa1A8GcM6YMRmvLfzpb75F9o%2FdUk0X9ZZvBW2gtCJmoEUPWWF84fO%2FgwskAx"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1da54a80-FRA
content-length
1790
cf-request-id
0802f1f19500004a80ea0d0000000001
fIcon7.png
wellspring-investment.ltd/hustydesigns/graphics/
2 KB
2 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/fIcon7.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac515e10ad36f318a8a5224c072a16655f5f9c9fa1879212c94299bdc53fdf6d

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fqltr%2BZPP3dACuXX%2FqASONaR7UVN5mvGc0M8C3FiXa7GxThuhFObKlg0Ap6nqecJzJFGsoF9lKZOmQEuFGEDexr1nmgj8Wq58yMhEnH%2FufVPGNoZkTovF%2BpePsPTgae81o%2BlUB3n"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc1da74a80-FRA
content-length
1998
cf-request-id
0802f1f19600004a80061d9000000001
tawkto.css
capital-traders.ltd/css/
463 B
824 B
Stylesheet
General
Full URL
https://capital-traders.ltd/css/tawkto.css
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c117872142d60bc8e79db145dc343f9be2adc51cf5633455c6758c9c316f25f7

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:49 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 08 Jul 2020 17:23:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sO1ghKM%2FUx9kKCuqD223TpYv%2BqS%2BGeP7WUxbfvxo6KV0OjhAtk2tozEtwGywvP7NkZ0dgR9buq6pUZrbZlCXWWY0u3X6ZQRBh%2F3T95lW7OT2mC5xHWO2dEYTI5trODM0"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b8fc696bc2ef-FRA
cf-request-id
0802f1f1c40000c2ef791ac000000001
css
fonts.googleapis.com/
106 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce11f18903c07813ff3aa7a6050703a97aefae57c28829f9a9597e69a4b391a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 06:05:48 GMT
server
ESF
date
Tue, 02 Feb 2021 06:05:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Feb 2021 06:05:48 GMT
css
fonts.googleapis.com/
14 KB
888 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ac087baf9bf5669dcb7b966a9e3082cc65c7f50f11374d9cd04d028c2249de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 06:05:48 GMT
server
ESF
date
Tue, 02 Feb 2021 06:05:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Feb 2021 06:05:48 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
189acf6893645dc3f697decb870090968420ee847e0e65dda96184ea86aed538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 05:24:42 GMT
server
ESF
date
Tue, 02 Feb 2021 06:05:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Feb 2021 06:05:48 GMT
css
fonts.googleapis.com/
29 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18b99ca0bbec52d747e3564e0e734bd88232ae3614cb16c83a52a2a9c29d4908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 06:01:32 GMT
server
ESF
date
Tue, 02 Feb 2021 06:05:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Feb 2021 06:05:48 GMT
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 05:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
573
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 02 Feb 2021 06:56:15 GMT
main.js
translate.googleapis.com/translate_static/js/element/
4 KB
2 KB
Script
General
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 05:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2238
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2029
x-xss-protection
0
last-modified
Thu, 03 Dec 2020 22:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 02 Feb 2021 06:28:30 GMT
top.png
wellspring-investment.ltd/hustydesigns/graphics/
237 KB
238 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/top.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0657e514c21e694e747522f6e2cfda689cebdacaf8bd48122bc0df5b2cc056d2

Request headers

Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:50 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Aug 2020 06:38:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FkXYPE4GyEriysfA33AtGteftM5I5VylkKTz5cW7XI%2BXQtcqy1EtVQNLR7OMC1EKIvsMgWO9KSYPyhEd4gQWWXpEclx6uPvrbheb3GfSQ2%2FdFXDqPCRUwifdB5YsXUvjzKTEa4fD"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b8fc2db24a80-FRA
content-length
242645
cf-request-id
0802f1f19800004a80d5171000000001
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v19/
41 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wellspring-investment.ltd
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 01:09:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:51:07 GMT
server
sffe
age
276950
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42444
x-xss-protection
0
expires
Sun, 30 Jan 2022 01:09:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wellspring-investment.ltd
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 05:54:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
674
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Wed, 02 Feb 2022 05:54:34 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wellspring-investment.ltd
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 05:54:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
666
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Wed, 02 Feb 2022 05:54:42 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wellspring-investment.ltd
Referer
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 20:12:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:15 GMT
server
sffe
age
35604
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13612
x-xss-protection
0
expires
Tue, 01 Feb 2022 20:12:24 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wellspring-investment.ltd
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 05:54:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
674
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 02 Feb 2022 05:54:34 GMT
element_main.js
translate.googleapis.com/element/TE_20201130_00/e/js/element/
243 KB
87 KB
Script
General
Full URL
https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 16:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47327
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88693
x-xss-protection
0
last-modified
Mon, 30 Nov 2020 10:52:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Feb 2022 16:57:01 GMT
jquery.fancybox-media.js
wellspring-investment.ltd/calc/source/helpers/
0
0
Script
General
Full URL
https://wellspring-investment.ltd/calc/source/helpers/jquery.fancybox-media.js
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W4kIZiVRGeRy8HfBzZYnGl8osA1uY03JPBKUZw8oco%2B8DwJhrBgs1jBZj5xy%2BWDTytVo3%2FM6itV%2BEtrD%2FDrJaupFslz%2F6KZiEd90qBYNSgI4gI0s%2BxkQ6Me2PR7SkIiPirrZfFDp"}],"group":"cf-nel"}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
61b1b9049f034a80-FRA
cf-request-id
0802f1f6e400004a8026a2e000000001
jquery.fancybox.css
wellspring-investment.ltd/calc/source/
0
0
Stylesheet
General
Full URL
https://wellspring-investment.ltd/calc/source/jquery.fancybox.css?v=2.1.5
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5AnxoBr0q%2Ft4lGg4Ubdd2dGK3lh5qaLfKGmuuxgqiYulFLKbN3DpISsKARdrvyGHmkjtP1SrVLDdhIDnP3p9TzxZHyBa0afbgZhF1hggzP5%2BG9Qi75KfzCN8euGrSd%2BrTPukCXDn"}],"group":"cf-nel"}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
61b1b904bf294a80-FRA
cf-request-id
0802f1f6f300004a803a8cf000000001
Um63OQz3bjo
www.youtube.com/embed/ Frame 7246
0
0
Document
General
Full URL
https://www.youtube.com/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/Um63OQz3bjo?rel=0&controls=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wellspring-investment.ltd/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wellspring-investment.ltd/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache
content-length
22138
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/html; charset=utf-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Tue, 02 Feb 2021 06:05:50 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=pEgK-fnLL3s; path=/; domain=.youtube.com; secure; expires=Sun, 01-Aug-2021 06:05:50 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=pEgK-fnLL3s; path=/; domain=.youtube.com; secure; expires=Sun, 01-Aug-2021 06:05:50 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 02-Feb-2021 06:35:50 GMT YSC=04c8uvnbIyk; path=/; domain=.youtube.com; secure; httponly; samesite=None CONSENT=PENDING+540; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
deposit.php
www.muladev.online/worldfinance/ Frame 345C
0
0
Document
General
Full URL
https://www.muladev.online/worldfinance/deposit.php
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.126.75 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server33-1.web-hosting.com
Software
Apache / PHP/5.3.29
Resource Hash

Request headers

:method
GET
:authority
www.muladev.online
:scheme
https
:path
/worldfinance/deposit.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wellspring-investment.ltd/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wellspring-investment.ltd/

Response headers

date
Tue, 02 Feb 2021 06:05:51 GMT
server
Apache
x-powered-by
PHP/5.3.29
accept-ranges
none
vary
Accept-Encoding
content-encoding
gzip
content-length
592
content-type
text/html
wellspring.html
coin-pay.org/ Frame 2B86
0
0
Document
General
Full URL
https://coin-pay.org/wellspring.html
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.3.183.226 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
wgh14.whogohost.com
Software
Apache /
Resource Hash

Request headers

Host
coin-pay.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wellspring-investment.ltd/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wellspring-investment.ltd/

Response headers

Date
Tue, 02 Feb 2021 06:05:51 GMT
Server
Apache
Last-Modified
Fri, 20 Nov 2020 20:45:38 GMT
Accept-Ranges
bytes
Content-Length
723
Keep-Alive
timeout=5, max=1000
Connection
Keep-Alive
Content-Type
text/html
aVideo-bg.png
wellspring-investment.ltd/hustydesigns/graphics/
46 KB
47 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/aVideo-bg.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc36a65ddab8b7baa694526a73f7f84b6a39fae84fe4243af29dc066d1ee55d

Request headers

Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:51 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5sg4kkpvH5%2BGIWaVbJHN521AIdXQmhcxytIFET9x74mgG09oTpcm4GxYvTiCFyMLLanWSMMT2v77e07ayaDho3MtDQ9YdiWcOmVpO1N8PNvT55OJyk550DdBLpQQtl8CQkMn%2FrQ5"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b9082dba4a80-FRA
content-length
47395
cf-request-id
0802f1f91e00004a80f19a4000000001
affiliate.png
wellspring-investment.ltd/hustydesigns/graphics/
340 KB
341 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/affiliate.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f70bdf7bcfe76c51589cd1c8c819cec8d740dddbc9f6a17d40f661f4ef4699

Request headers

Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:51 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Aug 2020 06:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bHTM02DUweoDeAI8UruUKvtQYEWDhN0A6BISZp0wphT49mKn3391mf99pzGJFmoprSSjSzGBnJgqqATMO9V6wnmN9aqCZ%2F6yOjfKtrHfJAKB96T2Lm2ORVvQTCdZuMobPbthM5Uc"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b9083dc54a80-FRA
content-length
348436
cf-request-id
0802f1f91f00004a80f3910000000001
group.png
wellspring-investment.ltd/hustydesigns/graphics/
5 KB
5 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/group.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b10a51b0906f2c6479acf93dbf79ad790180ee75267368f09e31be81dbe4725

Request headers

Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:51 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=87CaxvsbiWnu%2BpjvsPDqpXz0Gy5EcNY8kXQJ1Y%2B4Sfhg%2B0g30W92oEdgb3hpUAudcu9C6iuH8bidivsZUW3tu2Frtmv4wbe5yJO6weqDqPmJCI%2FX18Sd1rz6ezpuK7CeBsX3qWY7"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b9083dc64a80-FRA
content-length
4881
cf-request-id
0802f1f91f00004a80e2854000000001
certificate-bg.png
wellspring-investment.ltd/hustydesigns/graphics/
266 KB
267 KB
Image
General
Full URL
https://wellspring-investment.ltd/hustydesigns/graphics/certificate-bg.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e6bd744c69dd6e59525cff896e2bc804395db58d0dabf840e8431665fe7b3b

Request headers

Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:51 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Aug 2020 06:48:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EC95tg4cGLb26kMk%2BRx%2BOoHIggGKUZZUG6I7RqxEXThrU87hB3BvHWtSVo%2BsIk1yVhPlG%2F3Za8Tt7nS%2Bu1ra4nei2nBOHA69pcPHvAvNKi2rv5FVptGpi1XwuhaWuDxG0oL3wqcT"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
61b1b9083dc84a80-FRA
content-length
272344
cf-request-id
0802f1f92000004a8003b79000000001
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wellspring-investment.ltd
Referer
https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 16:21:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:11 GMT
server
sffe
age
49454
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14096
x-xss-protection
0
expires
Tue, 01 Feb 2022 16:21:36 GMT
4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wellspring-investment.ltd
Referer
https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 16:19:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:49 GMT
server
sffe
age
49590
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13588
x-xss-protection
0
expires
Tue, 01 Feb 2022 16:19:20 GMT
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wellspring-investment.ltd
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 15:39:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:08 GMT
server
sffe
age
483967
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11012
x-xss-protection
0
expires
Thu, 27 Jan 2022 15:39:43 GMT
MyriadPro-Bold.otf
wellspring-investment.ltd/hustydesigns/fonts/
101 KB
57 KB
Font
General
Full URL
https://wellspring-investment.ltd/hustydesigns/fonts/MyriadPro-Bold.otf
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/hustydesigns/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3331f20f6280e65a55b7cdce8ac4d8ebacdbe1c278bf409af680361b8692c9c5

Request headers

Origin
https://wellspring-investment.ltd
Referer
https://wellspring-investment.ltd/hustydesigns/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 06:05:51 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 03 Aug 2020 10:04:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JvJN0KNRfj5Vja1htY3GHvyuyKVANtvlzCWq7FXh%2B8t17RWBdwhFR8D26rSfTNT3M3P%2Bw1mDHBVEjufFOI1uQWZICJJfjSe4k%2Bw%2BUuGbUJkERxBn2dMk18mImeeEEDshQsbC6zVv"}],"group":"cf-nel"}
content-type
font/otf
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
61b1b9083dcf4a80-FRA
cf-request-id
0802f1f92200004a801e06b000000001
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 00:17:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
20900
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Wed, 02 Feb 2022 00:17:30 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ Frame C554
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 05:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 02 Feb 2021 06:56:15 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
914 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 16:14:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
49861
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Tue, 01 Feb 2022 16:14:49 GMT
cleardot.gif
www.google.com/images/
43 B
143 B
Image
General
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Feb 2021 06:05:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
translate.googleapis.com/translate_a/ Frame B526
3 KB
1 KB
Script
General
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wpSKZb2AsbZxg787rjKcUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-wpSKZb2AsbZxg787rjKcUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Tue, 02 Feb 2021 06:05:50 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
te_ctrl3.gif
translate.googleapis.com/translate_static/img/
1 KB
1 KB
Image
General
Full URL
https://translate.googleapis.com/translate_static/img/te_ctrl3.gif
Requested by
Host: wellspring-investment.ltd
URL: https://wellspring-investment.ltd/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellspring-investment.ltd/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 09:21:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
420271
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1412
x-xss-protection
0
expires
Fri, 28 Jan 2022 09:21:19 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| WOW function| $ function| jQuery function| googleTranslateElementInit object| google object| html5 object| wow object| closure_lm_522261

0 Cookies

16 Console Messages

Source Level URL
Text
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <a>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <a>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <img>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <a>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <a>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <a>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <a>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <a>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <a>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <h1>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <p>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <a>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <li>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <li>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <li>
console-api log URL: https://wellspring-investment.ltd/(Line 462)
Message:
WOW: animating <li>

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

capital-traders.ltd
code.jquery.com
coin-pay.org
fonts.googleapis.com
fonts.gstatic.com
translate.google.com
translate.googleapis.com
wellspring-investment.ltd
www.google.com
www.gstatic.com
www.muladev.online
www.youtube.com
192.3.183.226
198.54.126.75
2001:4de0:ac19::1:b:2b
2606:4700:3032::ac43:9e47
2606:4700:3035::6815:4cc9
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::200a
004f72bbf4ca0a427ff8ee91897c33c981a5b92a7b657d9730fd81f603dc8cac
00fe93122ecf91a97c2f0647077eacee1da2b6babf34d7f8cf04ec6f06abcebf
0657e514c21e694e747522f6e2cfda689cebdacaf8bd48122bc0df5b2cc056d2
0c79eedcbe4a87c8866078f352ffdc6c66e44e3e5c629cb5ad52fde685b62ca5
0e17cbcab6ba215c9ea3aeb543e3a0bce2895767bd363adbb9212b87e9d3be9c
12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
15e93e1095719e1c5217bb7da3603ba13d056ee108a8e4389805466bfe3d8858
189acf6893645dc3f697decb870090968420ee847e0e65dda96184ea86aed538
18b99ca0bbec52d747e3564e0e734bd88232ae3614cb16c83a52a2a9c29d4908
199dedd695d4401f987f4beb29dae237e9c43249e3afcdd7586ce9d6d2cff4e7
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
26b25ae8925aecee7f1c3494dd73ab7f9ec62b3f71c11548e089c3508d0bc2fe
2b10a51b0906f2c6479acf93dbf79ad790180ee75267368f09e31be81dbe4725
2b33aca37588f3e7ef9464b80c65c3fdc593bd9c1b38f6eae8c8506a1e644321
2d3a12e3de820feabb49c15f134108324bba21ea5e9cd99bd73f2954c91d84f9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
313481039e7ac3e20f32662dbbaec9d6ddde196967cfdaffe50c8a317188a8eb
3138ff443154acc302f37169f8d89efe5e11866a64a674a9c057f45ca65d16f2
3331f20f6280e65a55b7cdce8ac4d8ebacdbe1c278bf409af680361b8692c9c5
41b3babd188123187fbba4c4de3a80b2b79c01d1a6d9cbbbbd3145e52354a77d
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4e469692b92bef29e59b4882536f7a05af9c82e1e5661f5f1f3f60fa6c4edf89
55a8238cb2e33932cf8df60aa973d9fb648ed9df70fb8da931fa736b1da2c373
5751e4359c5f866c293540ad63e5f2b0505d637bdd567ad4d02c6564995acefe
5bc6666eac1ed163f3933de764fabf80eb7d218aed8ce1fb471567c18b03a262
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5fcba6eb6961f3e78a55fbc96c1400509488d8cc3248e9c79a80d947795d261f
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
61eee51bbe4193a49327a29c9008cce5bb4bf4c47cf4f94e699c4329bfdee990
69f70bdf7bcfe76c51589cd1c8c819cec8d740dddbc9f6a17d40f661f4ef4699
6a8b6c40ed29bdde4958c65710dec6be5e468974b2b678c398c9659246732971
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
7155b1a189fb6a5ce9e7286fa9a8d9b9dae4aa38add788a7b7b05507cdf0a162
79badf5d90265492a34381241a85b38131c6400dd115aae01b3299ec5d11b3f5
7ac087baf9bf5669dcb7b966a9e3082cc65c7f50f11374d9cd04d028c2249de1
81550e5c2d4927152f1349f20238792f8b902c73cf03c6fa2d291d4c17db672b
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
86fbfe313672eea1721475598ca81e520c6d1f788ec4ef7726c7af3cd987e560
8db20a61599446e107d9048cc4f70d648f129bd3ae839db885fd2b388569272e
90e6bd744c69dd6e59525cff896e2bc804395db58d0dabf840e8431665fe7b3b
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
99e6d32956b1b5220bb7e98693eeea116e54bacc54866b6151e51a50487b2d6f
a303dbfd719b1ba0dc6fcd7baf5fcb8fc9e65f036259b5b71e0cc6528741b1c1
a36ff336f2dc276c4507e56d8f051a991d83e9913ae7e60b80cf5e1d2f919bd9
a5b6d245ecfcf5dba8b32b1cc45ce8a883a35363fc586208f37debf99656daa8
a68cb22b34799d24e6526232d7aab4eeee4f815c544cb047fad6a6ade96c51fe
ac515e10ad36f318a8a5224c072a16655f5f9c9fa1879212c94299bdc53fdf6d
b18c499163d6604a5947d51ac60d68773bacc395956cac8eaae50e0584f5b06c
b37ce57f1500ffe9fd4ab878134a3dbecaf2046adf4bea9631fdc3f45232f20d
b394b949800c735908e556daf89b23004bb637e04df0537efb223162c8852d21
b442bcbe1153f8856ed52732909da7dc281d5aee07e52f2d54b7f33ad24bd815
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
b86a8130565079071f13bda6aea29a6a6868c37a1bba1a14015b91f1bc653b75
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
bb8896d3fe66a1b0a3481ac0ba6786afa3a76b81c55bce76dfb80de7200df833
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
c117872142d60bc8e79db145dc343f9be2adc51cf5633455c6758c9c316f25f7
c49ee60a4685053dc50281db95d6303fa46f469b560a9f6e351dbb9e2ef7a39c
c64c323908cc4868749112c9072cafa1e5c3f2d5ee991551515cfb57ad5fb022
c9368b75b8b38eba9366cf5f81e65237de7d55d37f01745aff0048d86b7f9d78
cdc36a65ddab8b7baa694526a73f7f84b6a39fae84fe4243af29dc066d1ee55d
ce11f18903c07813ff3aa7a6050703a97aefae57c28829f9a9597e69a4b391a5
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
f6198e6a8051f88043e4af3eb7b751350f3a1a2386e593dd48f0e707c2c8e111
f874e49abe428aded3ba65afd474956e72fed4fe833781b904c97f41dd71b2ce
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce