Report - steven-coldwellbth9965.web.app/

Report Overview

Visited public
2023-12-01 19:11:07
Tags
URL
steven-coldwellbth9965.web.app/
Finishing URL
steven-coldwellbth9965.web.app/
IP / ASN
199.36.158.100
#54113 FASTLY
Title
BANK

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s3.amazonaws.com	unknown	2005-08-18	2020-05-13 22:53:44	2023-11-20 03:46:36	506 B	507 B	52.217.231.160
www.bank1saar.de	unknown	unknown	2013-05-06 12:46:31	2023-06-13 06:47:22	638 B	125 kB	195.200.51.36
www.hangseng.com	235737	1995-10-24	2012-10-11 23:07:04	2023-11-19 04:05:39	489 B	30 kB	203.112.94.8
c8.alamy.com	15462	1999-10-15	2014-09-09 14:34:01	2023-11-30 20:55:35	525 B	178 kB	143.204.55.14
www.hayonlinewinkel.com	unknown	unknown	No data	No data	516 B	0 B	0.0.0.0
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-01 08:02:13	456 B	2.4 kB	142.250.74.42
scontent-iad3-1.cdninstagram.com	6500	2014-05-01	2015-05-21 14:33:19	2023-11-21 22:12:46	1.4 kB	3.6 kB	31.13.66.63
media.glassdoor.com	26560	2003-05-22	2012-11-09 07:15:43	2023-11-18 01:43:50	473 B	61 kB	104.17.152.86
196034-584727-raikfcquaxqncofqfm.stackpathdns.com	unknown	unknown	No data	No data	552 B	0 B	0.0.0.0
www.it-finanzmagazin.de	unknown	unknown	2017-02-03 08:14:24	2023-11-15 09:12:46	479 B	17 kB	194.97.156.111
upload.wikimedia.org	2215	2003-03-16	2012-05-21 11:39:45	2023-12-01 18:43:20	603 B	16 kB	185.15.59.240
media.xxxlutz.com	255771	2000-03-17	2018-01-19 13:41:19	2023-11-12 16:40:00	526 B	516 kB	104.18.32.90
www.paisabazaar.com	638768	2009-01-28	2014-02-05 16:03:34	2023-11-13 21:27:13	516 B	33 kB	104.110.11.188
www.vobakl.de	unknown	unknown	No data	No data	533 B	154 kB	195.200.51.47
i0.wp.com	3021	1997-03-28	2013-09-17 08:14:42	2023-12-01 05:09:54	526 B	186 B	192.0.77.2
ocsp.usertrust.com	899	1997-12-05	2012-05-21 17:43:18	2023-12-01 05:11:35	342 B	1.0 kB	172.64.149.23
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-12-01 08:06:52	505 B	16 kB	104.18.11.207
i2.wp.com	5618	1997-03-28	2017-01-30 06:03:40	2023-11-30 06:32:05	520 B	15 kB	192.0.77.2
encrypted-tbn0.gstatic.com	unknown	2008-02-11	2013-05-31 04:32:18	2023-12-01 16:57:32	518 B	3.2 kB	142.250.74.142
66.media.tumblr.com	42368	2006-06-08	2017-01-30 04:19:12	2023-11-17 14:23:57	510 B	147 kB	192.0.77.3
www.tagesschau.de	22556	unknown	2012-05-23 23:23:38	2023-11-09 13:44:32	496 B	43 kB	23.210.175.165
ocsp.starfieldtech.com	6616	2003-03-06	2012-06-22 20:08:50	2023-12-01 05:14:54	346 B	2.7 kB	192.124.249.24
templatelab.com	48788	2014-06-24	2015-05-29 16:04:41	2023-07-02 20:46:36	493 B	172 kB	104.26.12.36
www.deutsche-bank.de	266889	unknown	2013-09-23 00:40:21	2023-11-17 18:36:02	1.0 kB	1.8 kB	54.230.111.51
5.imimg.com	71219	2009-11-24	2018-06-19 19:16:36	2023-12-01 05:55:51	504 B	26 kB	143.204.55.83
assets.vccircle.com	unknown	unknown	No data	No data	466 B	303 kB	13.127.88.107
deavita.com	398510	2014-09-24	2014-10-17 16:14:49	2023-07-25 13:15:24	540 B	857 B	104.26.12.134
updategames.us	unknown	2019-08-27	2019-08-31 04:58:53	2023-11-12 11:00:14	432 B	1.3 kB	172.67.169.212
st4.depositphotos.com	66168	2009-02-07	2018-05-22 10:19:51	2023-10-27 10:13:29	563 B	224 kB	23.210.169.25
www.standort38.de	unknown	unknown	No data	No data	484 B	55 kB	132.145.233.116
ocsp.quovadisglobal.com	4610	2005-01-28	2012-10-10 02:35:30	2023-11-30 23:20:22	347 B	2.2 kB	152.195.13.36
www.bw-bank.de	unknown	unknown	2013-01-11 03:02:51	2023-10-14 23:38:04	587 B	89 kB	62.181.147.63
cdn.dribbble.com	45168	2008-03-19	2017-04-03 14:44:06	2023-12-01 08:46:29	487 B	548 B	192.229.220.206
businessday.ng	230696	2018-06-14	2018-12-03 20:50:05	2023-10-30 17:23:46	483 B	752 B	104.26.9.49
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-01 08:06:52	486 B	24 kB	151.101.2.137
cdn.corporatefinanceinstitute.com	87325	2015-10-29	2017-10-17 17:41:35	2023-09-13 15:23:38	502 B	60 kB	82.102.27.18
is4-ssl.mzstatic.com	1752	2010-07-12	2015-02-12 11:39:51	2023-11-22 05:57:50	538 B	43 kB	184.24.44.26
view.publitas.com	118786	2003-12-04	2016-03-23 07:20:29	2023-11-18 21:33:45	509 B	87 kB	54.230.111.83
s3.eu-central-1.amazonaws.com	unknown	2005-08-18	2014-11-23 19:35:48	2023-11-30 21:16:20	502 B	62 kB	52.219.75.179
www.hebelschule-bruchsal.de	unknown	unknown	No data	No data	488 B	380 B	92.204.55.169
image.isu.pub	44660	2015-02-05	2015-06-10 13:38:23	2023-11-30 09:33:05	508 B	8.9 kB	151.101.66.110
www.robotinvestmentcalculator.com	unknown	unknown	No data	No data	453 B	1.8 kB	199.59.243.225
ocsp.swisssign.ch	unknown	unknown	2023-01-12 01:56:27	2023-11-29 11:00:12	386 B	7.2 kB	23.36.79.11
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-12-01 06:54:36	524 B	23 kB	104.18.11.207
vulearning.pk	unknown	unknown	No data	No data	505 B	0 B	0.0.0.0
steven-coldwellbth9965.web.app	unknown	unknown	No data	No data	3.8 kB	85 kB	199.36.158.100
ssl-c3-ca1-ev-2009.ocsp.d-trust.net	100851	2000-09-07	2017-01-29 22:07:24	2023-11-30 02:00:11	359 B	3.1 kB	193.28.71.48

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-01	medium	vulearning.pk	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	steven-coldwellbth9965.web.app/	ScriptElement	424 B	2024-08-20	2024-08-20
Pretty URL steven-coldwellbth9965.web.app/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash d104b9d77d438ff17148dd2e10893193 7af2b14dc4661f437d629aef3f383bd8003c4c21 5c6166ac1458820d5964f9947fc3ef0ca0752f3bc5e8563c8b2a46179abece9d Loading...

	unknown	EventHandler	134 B	2023-04-13	2025-04-13
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-13 04:47 Last Seen2025-04-13 06:21 Times Seen66 Hash 7ad5a10e33bf15a299499ade7762b03f ce1455d1508d122e6f79551a77c6c1c1600115fd 029136506b122dbe15c6b48451810a844d52a51fc3c06bc31fec403c8e214505 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-05-09
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 13:09 Times Seen74826 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	ScriptElement	70 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 13:08 Times Seen57118 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	updategames.us/gam/arsae88.js	ScriptElement	401 B	2024-08-20	2024-08-20
Pretty URL updategames.us/gam/arsae88.js IP 172.67.169.212 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 5f0b5895104a546ee2e9ca9e238ca708 f53d4748cafa9831c555b91dcb4313b39dc2e647 a89a012233db25b58d37641fa44d180fdf0fe7ee184625a3d84ba6ef6436e950 Loading...

HTTP Transactions (56)

URL IP Response Size

steven-coldwellbth9965.web.app/

199.36.158.100

200 OK

5.8 kB

URL User Request GET HTTP/2
steven-coldwellbth9965.web.app/
IP
199.36.158.100:443
ASN
#54113 FASTLY

Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2761), with CRLF, LF line terminators
Size
5.8 kB (5799 bytes)
Hash
132bf175f962f5b4d2dd0951c5e84f16
9b874021879fa901770ce9569aa1f8b385b500a1
49cdecb448f9230e962cbeabe2a09ae914cbcc7a239e9c43f63ef312eff4ce28

HTTP Headers

GET / HTTP/1.1
Host: steven-coldwellbth9965.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "f3be7bab4783a96911d9cf57cd00afb59cdc487bf5d3779c25f44275667212d9-br"
last-modified: Tue, 21 Jul 2020 23:24:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:48 GMT
x-served-by: cache-bma1639-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701457848.954817,VS0,VE99
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5799
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

151.101.2.137

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steven-coldwellbth9965.web.app
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:48 GMT
age: 6554049
x-served-by: cache-lga21963-LGA, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 22, 33925
x-timer: S1701457848.422328,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2

steven-coldwellbth9965.web.app/2

199.36.158.100

404 Not Found

11 kB

URL GET HTTP/3
steven-coldwellbth9965.web.app/2
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8125)
Size
11 kB (10712 bytes)
Hash
30b57fc35a6c2b706de9ce2c38f257c2
7270e201ec681343de06bf6c1c63ae61de526c98
e5be0c3483138abfc50dae40ad4ebc51443cf8693b3cee01469d88bcf36bfd76

HTTP Headers

GET /2 HTTP/1.1
Host: steven-coldwellbth9965.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-length: 10712
cache-control: max-age=3600
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:48 GMT
x-served-by: cache-bma1672-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701457848.412705,VS0,VE39
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

steven-coldwellbth9965.web.app/u0-InVWDGkR9FM

199.36.158.100

404 Not Found

11 kB

URL GET HTTP/3
steven-coldwellbth9965.web.app/u0-InVWDGkR9FM
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8125)
Size
11 kB (10712 bytes)
Hash
30b57fc35a6c2b706de9ce2c38f257c2
7270e201ec681343de06bf6c1c63ae61de526c98
e5be0c3483138abfc50dae40ad4ebc51443cf8693b3cee01469d88bcf36bfd76

HTTP Headers

GET /u0-InVWDGkR9FM HTTP/1.1
Host: steven-coldwellbth9965.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-length: 10712
cache-control: max-age=3600
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:48 GMT
x-served-by: cache-bma1672-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701457848.429955,VS0,VE43
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

steven-coldwellbth9965.web.app/rKCdlz0EHEsReM

199.36.158.100

404 Not Found

11 kB

URL GET HTTP/3
steven-coldwellbth9965.web.app/rKCdlz0EHEsReM
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8125)
Size
11 kB (10712 bytes)
Hash
30b57fc35a6c2b706de9ce2c38f257c2
7270e201ec681343de06bf6c1c63ae61de526c98
e5be0c3483138abfc50dae40ad4ebc51443cf8693b3cee01469d88bcf36bfd76

HTTP Headers

GET /rKCdlz0EHEsReM HTTP/1.1
Host: steven-coldwellbth9965.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-length: 10712
cache-control: max-age=3600
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:48 GMT
x-served-by: cache-bma1672-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701457848.435134,VS0,VE42
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

st4.depositphotos.com/11578248/21744/i/1600/depositphotos_217449754-stock-photo-stuttgart-germany-january-2018-boersenplatz.jpg

23.210.169.25

200 OK

223 kB

URL GET HTTP/2
st4.depositphotos.com/11578248/21744/i/1600/depositphotos_217449754-stock-photo-stuttgart-germany-january-2018-boersenplatz.jpg
IP
23.210.169.25:443
ASN
#20940 Akamai International B.V.

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subject*.depositphotos.com
Fingerprint3B:0D:21:42:21:34:F2:38:B6:EE:A9:27:F0:07:F0:52:9E:C7:42:B4
ValidityThu, 23 Nov 2023 00:00:00 GMT - Wed, 27 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 420x420, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=17, height=3722, bps=218, compression=none, PhotometricIntepretation=RGB, description=STUTTGART,GERMANY - JANUARY 27,2018: , manufacturer=SONY, model=ILCE-6000, orientation=upper-left, width=5093], baseline, precision 8, 1600x1269, components 3\012- data
Size
223 kB (223341 bytes)
Hash
e581f2441542bac4e9e3f7e7ab52e5ac
7519b935efc39776460b30599913073f80e0d056
903d3f3e60eb15354b79e8f7d322e812580dd9117647ad96a163611160c4705b

HTTP Headers

GET /11578248/21744/i/1600/depositphotos_217449754-stock-photo-stuttgart-germany-january-2018-boersenplatz.jpg HTTP/1.1
Host: st4.depositphotos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 223341
last-modified: Sat, 29 Sep 2018 15:40:20 GMT
access-control-allow-origin: *
accept-ranges: bytes
cache-control: public, max-age=63072000
expires: Sun, 30 Nov 2025 19:10:48 GMT
date: Fri, 01 Dec 2023 19:10:48 GMT
X-Firefox-Spdy: h2

scontent-iad3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/90434302_773693523037077_5628195159948664895_n.jpg?_nc_ht=scontent-iad3-1.cdninstagram.com&_nc_cat=109&_nc_ohc=YZBLZ4NcBq4AX_FISQr&oh=bb335cb6e4db5c924a03d96d7b7ea38b&oe=5ED3FBDB

31.13.66.63

403 Forbidden

21 B

URL GET HTTP/2
scontent-iad3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/90434302_773693523037077_5628195159948664895_n.jpg?_nc_ht=scontent-iad3-1.cdninstagram.com&_nc_cat=109&_nc_ohc=YZBLZ4NcBq4AX_FISQr&oh=bb335cb6e4db5c924a03d96d7b7ea38b&oe=5ED3FBDB
IP
31.13.66.63:443
ASN
#32934 FACEBOOK

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint03:EA:43:F3:47:40:9C:E0:53:82:89:16:69:49:A2:F1:58:CE:2F:37
ValiditySun, 10 Sep 2023 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

HTTP Headers

GET /v/t51.2885-15/sh0.08/e35/s640x640/90434302_773693523037077_5628195159948664895_n.jpg?_nc_ht=scontent-iad3-1.cdninstagram.com&_nc_cat=109&_nc_ohc=YZBLZ4NcBq4AX_FISQr&oh=bb335cb6e4db5c924a03d96d7b7ea38b&oe=5ED3FBDB HTTP/1.1
Host: scontent-iad3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/plain
content-length: 21
server: proxygen-bolt
proxy-status: http_request_error; e_clientaddr="AcIxmfHLRM7LaQ8OHV6B74hfV-uuttKi3McPg7ALw3ZweBVIuWbLz8cOcNO5qmL9bo5oCnTbnxQKMJ5g"; e_fb_vipport="AcJIZOPalafYmp1UGhuJKJbNyJPkpQqhKi7AcLsStNlqzLiTKG9-dy-roPU3"; e_fb_hostheader="AcIJW2fHNyaU7Xvfx_sTb2QSAHZ7BwmfpbzIZDHlHlZrmjbFPEg2b6x35V-hCbVcY3zXlgicMQbXi-Migzd7Ez758CWFregBN4o"; e_fb_vipaddr="AcKD6qQ1Ud-S5dAAOgS323xZnnk3xsDnmBc0cFtj_946l0yPhPU3ZON8QDdhhfyq4mkNPrc"; e_fb_requesthandler="AcIb9TvkjH_braea0Nf527XkVrssGw0vT4BhVexN4ciWpwhC8-j6gunIqHICZybVpIB-Kueed0IwB7EjIg"; e_fb_builduser="AcJqZ7A-Q2Xvm60hLpOzJ3mFibj5bmMawKZUc5g7ro6ypT8eDrezCGg3dXqleEyh14M"; e_fb_binaryversion="AcLFTxyi0swul7pAu9rMv-n59dmqVRyNhP9DqzVRhvCGLtfcu3XwUBeBRG49_yOwQr8994sHcQCKMmj0AoNjqaGemduBe3gdcYk"; e_proxy="AcILV4Vz7VXtcsHe81H-Pzz4iE1h4i8IIpjnbBcYidnE_yRy4WUqYiIp3u6ZnY4dToqH_HE6ukriK_RP", http_request_error; e_clientaddr="AcI3PwtA8hmSLqBktg-clIFDWj_IDOquYCfnaKNMC6TmI7p4IQAXA7lw-hB0zXy-iw6e6JwcHT2pbJxI"; e_fb_vipport="AcKTR52TPBVFvc5DT0k-R-UzmaQCrdf4scCi10CTO0ucLbhp8fSYGMHZoFgn"; e_fb_hostheader="AcI_JWJq88bWRuEbg6OIvyjYpOjZqtn_5V1i12sqw7XSoDCy5dfyYgJvostc1Ao7cFvJ5rG_8iPxu81WKkDpLW1S8U7hbyaq_VM"; e_fb_vipaddr="AcKRq3nHglZTAg1UBf3dABl1xyTeL39WKoiEvWY9m6_hBNgDCdnHbYaskGdgC1-czgpnh6Q"; e_fb_requesthandler="AcLiFkYl24TazlrBRKlERdjYDEGIvX1W0IelAuCQPGEinWvHFrfe56UjplePPPgv9YQog_H4HpdBT_sJLw"; e_fb_builduser="AcId2Pl_BAq6ctyltY2v9CWFhLAfHtqOvtIfPwAeiRd7x9gP3zK6FdroQyvnGIdwa4c"; e_fb_binaryversion="AcIbESreGw7uNGBrM35yVWzpvv2TAvMA3xV1_zGHfHxbfCi1fVe1dbOEXIsdUUtes0U-QicvWn8dQCdYQgr5xCeizSI5IQoGin8"; e_proxy="AcJvrDOSI5uxfNobM2xIQjw3qjnmVNV0lbz2H0cgT_xeB83SMLPJ5-UQ9VelxOM6DYA8j0wNFObLgag_"
date: Fri, 01 Dec 2023 19:10:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ssl-c3-ca1-ev-2009.ocsp.d-trust.net/

193.28.71.48

3.0 kB

URL
ssl-c3-ca1-ev-2009.ocsp.d-trust.net/
IP
193.28.71.48:0
ASN
#15404 COLT Technology Services Group Limited

File type
data
Size
3.0 kB (2993 bytes)
Hash
fb47c961233f5a4f98963f9fdbf2a23c
123c8ccca27f8ae12dd9a4f6891d9fdf21494974
bf3c0e26b0b5ab4a1ebebe5940286e0d74e5a9c7a24feeb7282b46d10e4a360a

HTTP Headers

POST / HTTP/1.1
Host: ssl-c3-ca1-ev-2009.ocsp.d-trust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-type: application/ocsp-response
Connection: close
Content-Length: 2993

cdn.corporatefinanceinstitute.com/assets/DCF-analysis-1024x469.png

82.102.27.18

200 OK

59 kB

URL GET HTTP/2
cdn.corporatefinanceinstitute.com/assets/DCF-analysis-1024x469.png
IP
82.102.27.18:443
ASN
#9009 M247 Ltd

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerLet's Encrypt
Subjectcdn.corporatefinanceinstitute.com
Fingerprint3D:9A:0C:76:48:24:C7:BA:22:1D:E9:93:64:1B:7C:55:70:2E:9F:25
ValidityWed, 15 Nov 2023 17:25:25 GMT - Tue, 13 Feb 2024 17:25:24 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x469, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
59 kB (59248 bytes)
Hash
84a0b701b4abf3a99c6e736f606ccdf2
63421b8748d414f6d37c759bf16e6c1cd0637476
88f52a57349e7f17b1bc12eee3d72595368cba306676b589ca3d4235efbe15d8

HTTP Headers

GET /assets/DCF-analysis-1024x469.png HTTP/1.1
Host: cdn.corporatefinanceinstitute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: keycdn
date: Fri, 01 Dec 2023 19:10:48 GMT
content-type: image/webp
content-length: 59248
vary: accept
x-ip: 1
x-ip-info: osz=59248 odim=1024x469 ofmt=webp
cf-ray: 80da8ba09dbf0a69-AMS
cf-cache-status: MISS
cache-control: max-age=604800
etag: "624d93dd-106b7"
expires: Fri, 08 Dec 2023 19:10:48 GMT
last-modified: Wed, 06 Apr 2022 13:21:33 GMT
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=20.2.1;mv=2.2.3
ki-edge-o2o: yes
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ig%2FHwSRSsHja6L1hN9QaTkBPzkgT%2B93JfPuk5QkNe37qgMpEx9%2BE3K6UEV%2BO%2F1tr5bS%2B%2Fus8MJrvPO5usGfkSgj9zNvBvcc6qcdQ5SrkQYx%2F8oWLi7cfGHCW89jf5D0hzk115oQLMx5nuOzC%2B7tY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-edge-location-klb: 1
alt-svc: h3=":443"; ma=86400
link: <https://corporatefinanceinstitute.com/assets/DCF-analysis-1024x469.png>; rel="canonical"
x-cache: MISS
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

steven-coldwellbth9965.web.app/2

199.36.158.100

404 Not Found

11 kB

URL GET HTTP/3
steven-coldwellbth9965.web.app/2
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8125)
Size
11 kB (10712 bytes)
Hash
30b57fc35a6c2b706de9ce2c38f257c2
7270e201ec681343de06bf6c1c63ae61de526c98
e5be0c3483138abfc50dae40ad4ebc51443cf8693b3cee01469d88bcf36bfd76

HTTP Headers

GET /2 HTTP/1.1
Host: steven-coldwellbth9965.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-length: 10712
cache-control: max-age=3600
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:49 GMT
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1701457849.028576,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

steven-coldwellbth9965.web.app/u0-InVWDGkR9FM

199.36.158.100

404 Not Found

11 kB

URL GET HTTP/3
steven-coldwellbth9965.web.app/u0-InVWDGkR9FM
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8125)
Size
11 kB (10712 bytes)
Hash
30b57fc35a6c2b706de9ce2c38f257c2
7270e201ec681343de06bf6c1c63ae61de526c98
e5be0c3483138abfc50dae40ad4ebc51443cf8693b3cee01469d88bcf36bfd76

HTTP Headers

GET /u0-InVWDGkR9FM HTTP/1.1
Host: steven-coldwellbth9965.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-length: 10712
cache-control: max-age=3600
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:49 GMT
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1701457849.028583,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

steven-coldwellbth9965.web.app/rKCdlz0EHEsReM

199.36.158.100

404 Not Found

11 kB

URL GET HTTP/3
steven-coldwellbth9965.web.app/rKCdlz0EHEsReM
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8125)
Size
11 kB (10712 bytes)
Hash
30b57fc35a6c2b706de9ce2c38f257c2
7270e201ec681343de06bf6c1c63ae61de526c98
e5be0c3483138abfc50dae40ad4ebc51443cf8693b3cee01469d88bcf36bfd76

HTTP Headers

GET /rKCdlz0EHEsReM HTTP/1.1
Host: steven-coldwellbth9965.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-length: 10712
cache-control: max-age=3600
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:49 GMT
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1701457849.028557,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec

23.36.79.11

6.9 kB

URL
ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
data
Size
6.9 kB (6901 bytes)
Hash
121d9df2fb8608e7fc376026dc2fe3f7
ae9330b8d82d90340a6c02a6938d3c51fc86eceb
0f73a35741afec0aad00ef065e86237b4b633ecad3fdd793eb8b7e8de609ed32

HTTP Headers

POST /sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec HTTP/1.1
Host: ocsp.swisssign.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 6901
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
Expires: Fri, 01 Dec 2023 20:10:49 GMT
Date: Fri, 01 Dec 2023 19:10:49 GMT
Connection: keep-alive

31.13.66.63

403 Forbidden

21 B

URL GET HTTP/2
scontent-iad3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/90434302_773693523037077_5628195159948664895_n.jpg?_nc_ht=scontent-iad3-1.cdninstagram.com&_nc_cat=109&_nc_ohc=YZBLZ4NcBq4AX_FISQr&oh=bb335cb6e4db5c924a03d96d7b7ea38b&oe=5ED3FBDB
IP
31.13.66.63:443
ASN
#32934 FACEBOOK

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint03:EA:43:F3:47:40:9C:E0:53:82:89:16:69:49:A2:F1:58:CE:2F:37
ValiditySun, 10 Sep 2023 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

HTTP Headers

GET /v/t51.2885-15/sh0.08/e35/s640x640/90434302_773693523037077_5628195159948664895_n.jpg?_nc_ht=scontent-iad3-1.cdninstagram.com&_nc_cat=109&_nc_ohc=YZBLZ4NcBq4AX_FISQr&oh=bb335cb6e4db5c924a03d96d7b7ea38b&oe=5ED3FBDB HTTP/1.1
Host: scontent-iad3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/plain
content-length: 21
server: proxygen-bolt
proxy-status: http_request_error; e_clientaddr="AcKp0b1n9kk6sjDUkPF1qXSGBVKxmS3OkuM3RpWbsX9LhJmMCpxQP7X5t7npJT8MYde0_-YEDY1UTUZj"; e_fb_vipport="AcIHK7qwat8HXC45a0XQItCo8Z6JA0MlgIKwvB8gSo0x9IehS_ubuMlNBLfX"; e_fb_hostheader="AcIKuRh8s2TGqjBuPw_b9wiwFMHIlUcMvcnv0WxZrh5um_uiMV_R6-w4KEj2X2AgA84aaJEyBJ6KLbVB5_Y5dtm9JxmiIW4-GxQ"; e_fb_vipaddr="AcI1uCuVXfBZgzKKcknimddDTSMJ9478OAkk2JqMt-_j45yO82CPTYChePmXW3SE-RrM8hk"; e_fb_requesthandler="AcI2Fp3mQ5vAzdAKLCG73sEpFbgFkbIhJE2cGehGa-KMApsRJYuin53zdeL2h9URVhWym4sfkTTsxDsmlA"; e_fb_builduser="AcJJ673Eqptt1S0tYIr9RrhANCwXvliA6ktK_qyP598u6B1vlgEqhMP2QCLibKjMRq4"; e_fb_binaryversion="AcLE3lsG769C4QMcxSUtsjX0-94umgGypjRQuaLFeAF0l9qz7oCrFowgFyAaMuhzthNpTByocvhRlkLGKmlUzPPb9wxPNFWzowA"; e_proxy="AcLMCE-qz8B3SaimwhEXrfE3j0S1Ygte6IqfYBfB_N-HBPrwRlE7Tk7UNY0rC-4a22qNLl_QrlmJN2M", http_request_error; e_clientaddr="AcKdzDJa6xpkfx5pqp65WRAca6geYlc3Y94rxvS27A8ceeaUxdr1rmB738W9j5eNu0a-SeJeAirks-zM"; e_fb_vipport="AcI_-KEOb6s6r4b_HLbVrsvKSBi72PJgK3wPVBcaCQmUbxW9EWe52AgTxMOP"; e_fb_hostheader="AcJxhBIrdmLFZnXo7_sas199RIrkLrn6iifiDc8Gjyv2Md0r7Fj6_zSVvWNpPCQIv1zM3XgwD5dlImBM5k2ytW9KzZSLe-UC3jo"; e_fb_vipaddr="AcKFoWpa3h3yXFTxeIGUo4c83TZJX2kPlDIqBjjygys4tLo_QWZQ-B1bHj5LXFrrPU3O5vc"; e_fb_requesthandler="AcJecnnCULzGhwLk6zE-uk1jr5cL4tAwLfGXVVex1lijiIm5idPh-TNVDB2_aj1HXzRDqzBvID8bxS07Xg"; e_fb_builduser="AcL7-RKbeNJHV6MNkgDs08uXcW_bSRRrDzV-gNBnS06SEoiIlaxWvExGnEJDx9GWsMo"; e_fb_binaryversion="AcIlXFqze7-bRl69vPIcu_EMqYGAmMa1L5QyJthpQx4dVKd56JvmROZt_oJY6nqVMZNeCDzAdhmR0SA0CBLH41QnvrB0Vh1bbAs"; e_proxy="AcIHu-Qozdl9q2tecgkzOeOKdSGRSuJCAWAAsFhnohs4lARLw3Kxc4GyPjyoHh2HskvHkxQwYw6rAPY"
date: Fri, 01 Dec 2023 19:10:49 GMT
alt-svc: h3=":443"; ma=86400
priority: u=4

stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

104.18.11.207

200 OK

22 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (65324)
Size
22 kB (22520 bytes)
Hash
04aca1f4cd3ec3c05a75a879f3be75a3
675fcf28f9fbf37139d3b2c0b676f96f601a4203
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

HTTP Headers

GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steven-coldwellbth9965.web.app
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:10:48 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 10/31/2023 18:48:38
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: df61b211565073be3f954da43554437b
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82eda1e08e2856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

image.isu.pub/190325055643-dc52cc908957d50b5ecbc7fe932f96a5/jpg/page_1_thumb_large.jpg

151.101.66.110

200 OK

8.1 kB

URL GET HTTP/2
image.isu.pub/190325055643-dc52cc908957d50b5ecbc7fe932f96a5/jpg/page_1_thumb_large.jpg
IP
151.101.66.110:443
ASN
#54113 FASTLY

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGlobalSign nv-sa
Subject*.isu.pub
FingerprintE8:90:7B:36:F1:0A:1E:7B:04:33:A6:9A:73:42:7B:4B:34:32:43:51
ValidityTue, 04 Jul 2023 12:47:53 GMT - Sun, 04 Aug 2024 12:47:52 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 340x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.1 kB (8054 bytes)
Hash
310549a8127aca780089002207aa3c91
22bcbc1b3aa4fa264055482d2284afc48e7d5cdd
bbfde6f79f3beec12e0d3c2173ecd02228016a9f0149d580ccccc9fdeaab0e59

HTTP Headers

GET /190325055643-dc52cc908957d50b5ecbc7fe932f96a5/jpg/page_1_thumb_large.jpg HTTP/1.1
Host: image.isu.pub
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=31536000
content-type: image/webp
etag: "/CxnCUD3GR+K8uzqxOfc/P1dMvaIplE/+NMS2Cc7PPA"
fastly-io-info: ifsz=76512 idim=1059x1497 ifmt=jpeg ofsz=8054 odim=340x480 ofmt=webp
fastly-io-served-by: vpop-mnz1300706
fastly-stats: io=1
server: AmazonS3
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-cf-id: 3kxn7UEQWY4_ZVG0rkZBsAMXAE5VBdWyhGbtKHcmdLlIi8FiDPQSCw==
x-amz-cf-pop: IAD50-C2
access-control-allow-origin: *
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:49 GMT
age: 2572320
x-served-by: cache-iad-kcgs7200161-IAD, cache-iad-kcgs7200161-IAD, cache-bma1678-BMA
x-cache: Miss from cloudfront, MISS, HIT, MISS
x-cache-hits: 0, 74, 0
x-timer: S1701457849.150516,VS0,VE92
vary: Accept
content-length: 8054
X-Firefox-Spdy: h2

www.standort38.de/wp-content/uploads/sites/3/2018/04/11018.jpg

132.145.233.116

200 OK

54 kB

URL GET HTTP/1.1
www.standort38.de/wp-content/uploads/sites/3/2018/04/11018.jpg
IP
132.145.233.116:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerSwissSign AG
Subject100aus38.de
FingerprintCE:C4:27:70:66:0C:98:E5:41:BC:EE:C3:BA:55:3F:0C:60:D3:9C:AA
ValidityThu, 16 Nov 2023 11:38:03 GMT - Sat, 16 Nov 2024 11:38:03 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x452, components 3\012- data
Size
54 kB (54336 bytes)
Hash
54024ebc60777a68a04eba68b86687df
995ae4b47ddcb04980befae7907161edef686145
f91cd853bf0c6952930e3af3f696cbea677e8185332e4de42a68b87b5ce15a12

HTTP Headers

GET /wp-content/uploads/sites/3/2018/04/11018.jpg HTTP/1.1
Host: www.standort38.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 19:10:49 GMT
Content-Type: image/jpeg
Content-Length: 54336
Connection: keep-alive
Last-Modified: Wed, 18 Apr 2018 10:39:08 GMT
ETag: "d440-56a1d108fab00"
Accept-Ranges: bytes

ocsp.usertrust.com/

172.64.149.23

472 B

URL
ocsp.usertrust.com/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
1784b3637c70bb76768af2bc75aa687a
8a7380cc926bf60ca4b93efba22b17f9119a5f1b
904410047819b0c36f016fca8cd5384b8d1f19093eedd2032d6cb6e4236de9ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 19:10:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 28 Nov 2023 19:48:02 GMT
Expires: Tue, 05 Dec 2023 19:48:01 GMT
Etag: "8a7380cc926bf60ca4b93efba22b17f9119a5f1b"
Cache-Control: max-age=348132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82eda1e56b5556a4-OSL

www.robotinvestmentcalculator.com/uploads/2/7/3/8/27389329/cpi-1800-2009_orig.jpg

199.59.243.225

200 OK

1.1 kB

URL GET HTTP/1.1
www.robotinvestmentcalculator.com/uploads/2/7/3/8/27389329/cpi-1800-2009_orig.jpg
IP
199.59.243.225:443
ASN
#16509 AMAZON-02

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerLet's Encrypt
Subjectrobotinvestmentcalculator.com
Fingerprint5B:67:C7:52:EB:87:BC:65:F4:84:ED:A2:73:7A:ED:82:98:38:A5:29
ValidityTue, 28 Nov 2023 20:32:10 GMT - Mon, 26 Feb 2024 20:32:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (426)
Size
1.1 kB (1129 bytes)
Hash
676bbeb1c91c18532780a744537ba3ed
c8244d5b34b969dc8b17c141f0b0795553d87f12
262b48eef71a84210d354a8631e7c4ea170c494cee9bd49522a56874fb49bcb1

HTTP Headers

GET /uploads/2/7/3/8/27389329/cpi-1800-2009_orig.jpg HTTP/1.1
Host: www.robotinvestmentcalculator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 19:10:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1129
X-Request-Id: fdc03fb3-a568-4aff-abee-10cdae595307
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_k46aCuy8zAWqQ1tXD39b9RW2PFqXO7qY9cCleXhxngE8ah4do2mGtKNrTHfhyuoT1bvzccCYTV2P9W4rwnMlFQ==
Set-Cookie: parking_session=fdc03fb3-a568-4aff-abee-10cdae595307; expires=Fri, 01 Dec 2023 19:25:49 GMT; path=/
Connection: close

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

15 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (48664)
Size
15 kB (15310 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://steven-coldwellbth9965.web.app
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:10:48 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 10/31/2023 18:55:57
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 67b10225bcd8d2860ed6182d18bb7adf
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82eda1e0ae4856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.it-finanzmagazin.de/wp-content/uploads/2015/09/21.jpg

194.97.156.111

200 OK

17 kB

URL GET HTTP/1.1
www.it-finanzmagazin.de/wp-content/uploads/2015/09/21.jpg
IP
194.97.156.111:443
ASN
#5539 SpaceNet AG

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoGetSSL
Subjectit-finanzmagazin.de
Fingerprint55:78:79:57:6A:19:95:98:DE:EC:76:DD:91:F9:0E:C1:6B:78:3C:83
ValidityFri, 21 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x748, components 3\012- data
Size
17 kB (16888 bytes)
Hash
178bfd5d7c2b43027762a26679485513
04ddd74fd1e7a7aedbda59141c9975f76efbf41f
9bf8396b2ba6550f5aa1ebd40a23693e765e3f5899a8565213eec6c33d7076a4

HTTP Headers

GET /wp-content/uploads/2015/09/21.jpg HTTP/1.1
Host: www.it-finanzmagazin.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 19:10:50 GMT
Server: Apache
Vary: Accept-Encoding
Last-Modified: Mon, 05 Sep 2022 19:09:47 GMT
Accept-Ranges: bytes
Content-Length: 16888
Cache-Control: max-age=604800, proxy-revalidate, public
Expires: Sat, 30 Mar 2024 19:10:50 GMT
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.quovadisglobal.com/

152.195.13.36

1.8 kB

URL
ocsp.quovadisglobal.com/
IP
152.195.13.36:0
ASN
#15133 EDGECAST

File type
data
Size
1.8 kB (1781 bytes)
Hash
0779077b84ecf43ab91aa1cc4cf644fe
9beee65d47272a29c0b0af724e33b3da6d56a325
1ec314c4b9ede9306190e9c95610d24841d35deadda21451c5ca70600ebc924f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3753
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Fri, 01 Dec 2023 19:10:49 GMT
Etag: "9beee65d47272a29c0b0af724e33b3da6d56a325"
Expires: Sun, 03 Dec 2023 19:10:48 GMT
Last-Modified: Fri, 01 Dec 2023 18:08:16 GMT
Server: ECAcc (nyb/1D71)
X-Cache: HIT
Content-Length: 1781

upload.wikimedia.org/wikipedia/commons/thumb/2/2c/Nord-LB_office_building_tower_east_side_Hanover_Germany_02.jpg/150px-Nord-LB_office_building_tower_east_side_Hanover_Germany_02.jpg

185.15.59.240

200 OK

15 kB

URL GET HTTP/2
upload.wikimedia.org/wikipedia/commons/thumb/2/2c/Nord-LB_office_building_tower_east_side_Hanover_Germany_02.jpg/150px-Nord-LB_office_building_tower_east_side_Hanover_Germany_02.jpg
IP
185.15.59.240:443
ASN
#14907 WIKIMEDIA

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint48:3F:0C:71:F3:4A:E0:EA:30:D9:9B:D6:04:63:DC:DA:A8:F4:9D:FB
ValidityWed, 18 Oct 2023 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 150x225, components 3\012- data
Size
15 kB (14700 bytes)
Hash
7928ea521eb3e97845c2842e4939d823
3a6c49a3642a8ac4f4b89142d26e0dfaff1422cf
7f1e93ad0306a5a26ce6e0d3a54e70e57cb3a938cafad40d82726a6d2137e9d4

HTTP Headers

GET /wikipedia/commons/thumb/2/2c/Nord-LB_office_building_tower_east_side_Hanover_Germany_02.jpg/150px-Nord-LB_office_building_tower_east_side_Hanover_Germany_02.jpg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
etag: 7928ea521eb3e97845c2842e4939d823
last-modified: Mon, 21 Aug 2017 11:30:44 GMT
content-length: 14700
date: Fri, 01 Dec 2023 19:10:49 GMT
server: envoy
age: 0
x-cache: cp3078 miss, cp3078 miss
x-cache-status: miss
server-timing: cache;desc="miss", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

media.xxxlutz.com/i/xxxlutz/PIZcUzWrqmTjU2OKvjEwgsoQ/?fmt=jpg&fmt.jpeg.interlaced=true&w=0&h=2362&qlt=85

104.18.32.90

200 OK

515 kB

URL GET HTTP/2
media.xxxlutz.com/i/xxxlutz/PIZcUzWrqmTjU2OKvjEwgsoQ/?fmt=jpg&fmt.jpeg.interlaced=true&w=0&h=2362&qlt=85
IP
104.18.32.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subjecta.sni.dm.amplience.net
FingerprintAD:98:39:C7:A2:7D:13:0B:C9:7A:29:4E:21:E4:C6:81:74:E4:25:83
ValidityTue, 29 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 3543x2362, components 3\012- data
Size
515 kB (515340 bytes)
Hash
f7d0a0d2b611dbe70a061ed2d2782ff8
0faaf7f50b0cc03ab445b9baf650cb9dac4879c4
1e27b6763857617df555f0ed8345781ac7c1d1a8d0e6b18d721362ed8e1e5e6e

HTTP Headers

GET /i/xxxlutz/PIZcUzWrqmTjU2OKvjEwgsoQ/?fmt=jpg&fmt.jpeg.interlaced=true&w=0&h=2362&qlt=85 HTTP/1.1
Host: media.xxxlutz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:10:49 GMT
content-type: image/jpeg
content-length: 515340
cf-ray: 82eda1e65b6c56b4-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, max-age=31536000
last-modified: Fri, 01 Dec 2023 19:10:49 GMT
vary: Accept-Encoding
edge-cache-tag: Mal8c7Jul,RWvQSxuJe,71WyNNUZf,btiVVtgQ_
edge-control: max-age=31536000
x-amp-cf-worker: true
x-amp-published: Fri, 05 Feb 2021 11:58:57 GMT
x-amp-source-height: 2362
x-amp-source-width: 3543
x-amp-srv: CF
x-frame-options: DENY
x-req-id: lowY4jlOH4
x-xss-protection: 1; mode=block
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

is4-ssl.mzstatic.com/image/thumb/Purple113/v4/ad/df/9d/addf9d19-42d4-16db-e2b6-5de4347a4805/pr_source.jpg/300x0w.jpg

184.24.44.26

200 OK

42 kB

URL GET HTTP/2
is4-ssl.mzstatic.com/image/thumb/Purple113/v4/ad/df/9d/addf9d19-42d4-16db-e2b6-5de4347a4805/pr_source.jpg/300x0w.jpg
IP
184.24.44.26:443
ASN
#16625 AKAMAI-AS

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerApple Inc.
Subjectitunes.apple.com
FingerprintDF:34:77:31:77:BE:90:FC:81:73:0A:81:D6:8D:1F:F3:1D:F1:B0:AB
ValidityThu, 30 Nov 2023 01:54:06 GMT - Tue, 28 May 2024 02:04:06 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 300x649, components 3\012- data
Size
42 kB (41734 bytes)
Hash
ef66f79601767757ceffcdd699d349e4
7231bbe2c03d1ce2c8d5ea694d0e9251603ad1dc
3ba10e3003ce9e38f4ea39cc928630ad5fca5c8c79dbe7d1264cfac89e40cd03

HTTP Headers

GET /image/thumb/Purple113/v4/ad/df/9d/addf9d19-42d4-16db-e2b6-5de4347a4805/pr_source.jpg/300x0w.jpg HTTP/1.1
Host: is4-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: 4.0.0
content-type: image/jpeg
content-length: 41734
x-apple-jingle-correlation-key: UCYOB6QLK5VAPCTLP2LVINQHZM
x-apple-request-uuid: a0b0e0fa-0b57-6a07-8a6b-7e97543607cb
b3: a0b0e0fa0b576a078a6b7e97543607cb-0cb033150a3db527
x-b3-spanid: 0cb033150a3db527
x-b3-parentspanid: e172033dfe3c3927
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 13 Oct 2023 12:50:17 GMT
etag: "MSwxLjcyLjYtMjNMLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTY5NzIwMTQxNzc5Mixpc0J1aWxkVmVyc2lvbk5vdFNldCwwYjMyOTRkMSxub0VmZmVjdA=="
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
x-b3-traceid: 9009baec1c385c4d
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:23RELEASE158:daiquiri-amp-processing-shared-int-001-mr, daiquiri:11338001:mr47p00it-qujn04120302:7987:23RELEASE158:daiquiri-amp-all-l7shared-int-001-mr
cdnuuid: a1dd323c-e589-497c-8db8-962af3a90ab4-48011590
cache-control: no-transform, max-age=16127667
date: Fri, 01 Dec 2023 19:10:49 GMT
x-cache: TCP_MISS from a95-101-11-174.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-cache-remote: TCP_MISS from a23-3-90-29.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
X-Firefox-Spdy: h2

www.paisabazaar.com/wp-content/uploads/2018/03/Union-Bank-of-India-Account-Balance-Check-1.jpg

104.110.11.188

200 OK

32 kB

URL GET HTTP/2
www.paisabazaar.com/wp-content/uploads/2018/03/Union-Bank-of-India-Account-Balance-Check-1.jpg
IP
104.110.11.188:443
ASN
#16625 AKAMAI-AS

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subject*.paisabazaar.com
FingerprintDC:AE:EE:2F:A4:07:48:8C:04:4E:C6:21:CC:7E:32:B0:07:76:E6:29
ValidityMon, 17 Jul 2023 00:00:00 GMT - Wed, 17 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 793x658, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
32 kB (31666 bytes)
Hash
bf51fef4d540b059ca02d386f0d2a02a
d20a3976f22c0f4bbddba576a37ed51813ef0d0e
75b74f1c27a1ff2d31800a96ecdffc32dbfdf85eb6535897cc4c09c37614f6bf

HTTP Headers

GET /wp-content/uploads/2018/03/Union-Bank-of-India-Account-Balance-Check-1.jpg HTTP/1.1
Host: www.paisabazaar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
last-modified: Thu, 25 Mar 2021 21:08:22 GMT
access-control-allow-origin: https://www-paisabazaar-com.cdn.ampproject.org
x-webp-express: Redirected directly to existing webp
vary: Accept,Accept-Encoding,User-Agent, X-UA-Device
x-ua-device: pc
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: frame-ancestors https://paisabazaar.com https://*.paisabazaar.com https://mc.401.exacttarget.com https://mj-journey-builder-ui.401.marketingcloudapps.com;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 31666
cache-control: private, max-age=604800
expires: Fri, 08 Dec 2023 19:10:49 GMT
date: Fri, 01 Dec 2023 19:10:49 GMT
set-cookie: LB=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
pb_request_id: 0.a64d2417.1701457849.74c1af7
X-Firefox-Spdy: h2

www.tagesschau.de/wirtschaft/boerse/hr-boerse-image-18989~_v-videowebm.jpg

23.210.175.165

404 Not Found

42 kB

URL GET HTTP/2
www.tagesschau.de/wirtschaft/boerse/hr-boerse-image-18989~_v-videowebm.jpg
IP
23.210.175.165:443
ASN
#20940 Akamai International B.V.

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subjectwww.tagesschau.de
FingerprintAF:6D:06:C8:7F:1B:2C:26:E8:7C:7A:08:FF:6A:AA:50:49:10:70:22
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type
data
Size
42 kB (42274 bytes)
Hash
19de37513ffd4ab2e65cab5f07986055
1c794e690482582c7ab5c05b30e0cacf849ce548
ab9c061e6915bcec3ef508a08d91e9ba9bc2d35538e1e3bc6e67300577beb236

HTTP Headers

GET /wirtschaft/boerse/hr-boerse-image-18989~_v-videowebm.jpg HTTP/1.1
Host: www.tagesschau.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html;charset=UTF-8
x-generated-by: tagesschau-live-5654bd687b-q7khp
content-language: en-US
x-varnish: 13956870
x-varnish-cache: miss cached
content-encoding: br
cache-control: max-age=180
date: Fri, 01 Dec 2023 19:10:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

templatelab.com/wp-content/uploads/2018/03/Deposit-Slip-Template-15.jpg

104.26.12.36

200 OK

171 kB

URL GET HTTP/2
templatelab.com/wp-content/uploads/2018/03/Deposit-Slip-Template-15.jpg
IP
104.26.12.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE9:BF:47:3E:E7:7D:CE:8F:E0:89:25:7D:15:40:0B:77:D6:AF:D2:9D
ValidityMon, 17 Apr 2023 00:00:00 GMT - Tue, 16 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1932x2500, components 3\012- data
Size
171 kB (171199 bytes)
Hash
a5212e8577168361908c51f5de0ff070
79f67c8fbf879211c76f5a727f2245f39d7a0416
21212886a4a4b113e002897bb6db85586e0aad89d0581b4d42cdeb3e8867c76a

HTTP Headers

GET /wp-content/uploads/2018/03/Deposit-Slip-Template-15.jpg HTTP/1.1
Host: templatelab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:10:49 GMT
content-type: image/jpeg
content-length: 171199
cache-control: public, max-age=2678400
cf-bgj: h2pri
etag: "605aa87c-29cbf"
last-modified: Wed, 24 Mar 2021 02:48:28 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxj4yFjA80PiXqs9BgMXejaAsqmnPPyelQsqiHp925EMQnbmT9sm9xTUCMkEXIF1CiYFZMwbWFhBbdupwwasUDuEuIDm5%2BjGydeBvGHDh77o9xO8nbWBRK4IvFRqv6fJ%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82eda1e6189456c3-OSL
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.24

2.1 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
2.1 kB (2148 bytes)
Hash
6fae4fc013459f3ebd2cfb2ed745d530
658845c60b53ac457a733e98ca61e22f3396c2fe
b9997fd791ea2b62da3486e876e76e8eae1d3b93727cfb880251c33ab70c96f2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 01 Dec 2023 19:10:49 GMT
Content-Type: application/ocsp-response
Content-Length: 2148
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 01 Dec 2023 08:13:27 GMT
Expires: Sat, 02 Dec 2023 08:13:27 GMT
ETag: "658845c60b53ac457a733e98ca61e22f3396c2fe"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.vobakl.de/startseite/_jcr_content/wmetprpbild.img.png/1572442803543/startseite-vrnw-ogt-nur-diese-seite.png

195.200.51.47

200 OK

153 kB

URL GET HTTP/2
www.vobakl.de/startseite/_jcr_content/wmetprpbild.img.png/1572442803543/startseite-vrnw-ogt-nur-diese-seite.png
IP
195.200.51.47:443
ASN
#15590 Atruvia AG

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerQuoVadis Trustlink B.V.
Subjectvobakl.de
Fingerprint63:28:F5:30:E1:D7:2A:90:72:E6:BE:F8:29:62:49:97:93:26:7F:7C
ValidityMon, 03 Jul 2023 04:10:57 GMT - Wed, 03 Jul 2024 04:05:00 GMT

File type
PNG image data, 1200 x 627, 8-bit/color RGB, non-interlaced\012- data
Size
153 kB (153128 bytes)
Hash
7b295fcc349e8aed6f77ac0a8e4d5c26
de29725867f6ba94c4975d59b31ffb29e338bc41
f4058768f3589db0faea7d1d41b349b59d71422991fcd0a2b1bd6cc18b6d3f41

HTTP Headers

GET /startseite/_jcr_content/wmetprpbild.img.png/1572442803543/startseite-vrnw-ogt-nur-diese-seite.png HTTP/1.1
Host: www.vobakl.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-oneagent-js-injection: true
server-timing: dtRpid;desc="-958921677", dtSInfo;desc="0"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
last-modified: Wed, 30 Oct 2019 13:40:03 GMT
content-type: image/png
content-length: 153128
date: Fri, 01 Dec 2023 19:10:49 GMT
age: 0
strict-transport-security: max-age=31536000
set-cookie: TSe95c5bdd027=08a4ff22d8ab2000a4fd5bc6d3f8e395f88e7e3fb49864a65908b02ac605a0f518cda8ec03e73ad808708deb3c1130009d9e05be7ead98ffb3a26bc480485ad3cd3e9d4b985b7a36b6b9b610eb95cfeb53ac24912e22af8116675955e3b6f520; Path=/
X-Firefox-Spdy: h2

media.glassdoor.com/l/36/58/de/51/it-park-delhi.jpg

104.17.152.86

200 OK

60 kB

URL GET HTTP/2
media.glassdoor.com/l/36/58/de/51/it-park-delhi.jpg
IP
104.17.152.86:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerCloudflare, Inc.
Subjectglassdoor.com
Fingerprint5E:C3:83:BA:E4:5E:58:1F:2A:38:F2:8A:A2:63:58:9D:B8:6F:8C:55
ValidityThu, 06 Apr 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 680x510, components 3\012- data
Size
60 kB (59780 bytes)
Hash
70ca965e4baa8f7bf907c36504c981e5
34491a9eb8ccb9ff078d614e993746bc490c0d28
08f12ed6910c7051b5fc78380fd139a5cb53f795ba6281bc10691e439c4ecff4

HTTP Headers

GET /l/36/58/de/51/it-park-delhi.jpg HTTP/1.1
Host: media.glassdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:10:49 GMT
content-type: image/jpeg
content-length: 59780
x-amz-id-2: 9RFaeDELOxDeJEpeNAvyz28MB9vcwHICn5bcU4IXlTFQQDLO0/2Yo+DbjI12Dw7d5LXH/xKOtZs4b3IPQY4Vj7tiPYRfaI4hY49jqjQmh/k=
x-amz-request-id: SAZGWSPNWMEBNBEV
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Nov 2014 15:05:53 GMT
etag: "70ca965e4baa8f7bf907c36504c981e5"
x-amz-version-id: LpMQ_MkEHEa86RqrA2IJ3bQPpuYArH_6
x-amz-meta-md5-hash: 70ca965e4baa8f7bf907c36504c981e5
cf-cache-status: MISS
expires: Sat, 30 Nov 2024 19:10:49 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: __cf_bm=9bQjxmihz1m4AugFgHHfOuLpbcm1dXl7WaoQKfHd50M-1701457849-0-AT3Kq/c21S97KqYvdW59xA0bsPsUIDgLekDqG3k6qiozxJA3+1QkDCktxI6ZOYs0D1kW04CGLSzJesbHLMNQBT7LhaHK6xgc4QZHuCo2jq5x; path=/; expires=Fri, 01-Dec-23 19:40:49 GMT; domain=.glassdoor.com; HttpOnly; Secure; SameSite=None
_cfuvid=MeGbJJ0UjnlLB4rsYJNgke_LMB.SU9tg4yVcllQI5VI-1701457849561-0-604800000; path=/; domain=.glassdoor.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82eda1e5ffbd568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

view.publitas.com/38924/309402/pages/9581fd2a23861a82029162d7d3f5fc2663fdb070-at800.jpg

54.230.111.83

200 OK

87 kB

URL GET HTTP/2
view.publitas.com/38924/309402/pages/9581fd2a23861a82029162d7d3f5fc2663fdb070-at800.jpg
IP
54.230.111.83:443
ASN
#16509 AMAZON-02

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerAmazon
Subjectwww.publitas.com
Fingerprint2B:D3:5A:EF:A7:75:F2:58:83:20:F5:8E:72:B4:20:C3:09:49:39:32
ValidityMon, 20 Feb 2023 00:00:00 GMT - Fri, 09 Feb 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 600x600, segment length 16, baseline, precision 8, 950x672, components 3\012- data
Size
87 kB (86758 bytes)
Hash
f54c38056d56cafc655e4d9d10cea24f
513f808ca497bd6abeab5503f34e2f352cae6364
0c7bac5046321ba9104f5521f951afb5ffbf123df053d5144b481c98bfb91e8c

HTTP Headers

GET /38924/309402/pages/9581fd2a23861a82029162d7d3f5fc2663fdb070-at800.jpg HTTP/1.1
Host: view.publitas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 86758
date: Fri, 01 Dec 2023 19:10:50 GMT
last-modified: Wed, 31 May 2017 09:17:40 GMT
etag: "f54c38056d56cafc655e4d9d10cea24f"
cache-control: public, max-age=315576000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XXnCKBlnAgi8haSPARjILIRn2PLhyWMrXjLGGOqi_7_6n1RuRty-Zg==
X-Firefox-Spdy: h2

s3.amazonaws.com/woothumbs/051119375b40-voba-hoba.de%252Fprivatkunden.html.phone.png

52.217.231.160

403 Forbidden

243 B

URL GET HTTP/1.1
s3.amazonaws.com/woothumbs/051119375b40-voba-hoba.de%252Fprivatkunden.html.phone.png
IP
52.217.231.160:443
ASN
#16509 AMAZON-02

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
XML 1.0 document text\012- XML document, ASCII text
Size
243 B (243 bytes)
Hash
61263c8531d384f22cbb3603f758450c
452bf31be4e2da6fd9b8afce0c5ec1c839f95122
5d1258dec6bf8988607bec9cb9aaea91e2b0fd1049ff68a4322117f6dc907072

HTTP Headers

GET /woothumbs/051119375b40-voba-hoba.de%252Fprivatkunden.html.phone.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
x-amz-request-id: SAZTSX7V2JJNRPZ2
x-amz-id-2: TEsXWz6wB3W9nPNr055diQ8v/j463cOZOxvzce8vhgjRxn14FlpQbX4fZgTw757r0kHSQ0sLkU4=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Fri, 01 Dec 2023 19:10:49 GMT
Server: AmazonS3

www.bw-bank.de/content/myif/bwbank/work/filiale/de/home/privatkunden/kreditkarte/_jcr_content/par/section_faf7/section/imagebox3_9623/image.img.jpg/1560434605095.jpg

62.181.147.63

404 Not Found

88 kB

URL GET HTTP/1.1
www.bw-bank.de/content/myif/bwbank/work/filiale/de/home/privatkunden/kreditkarte/_jcr_content/par/section_faf7/section/imagebox3_9623/image.img.jpg/1560434605095.jpg
IP
62.181.147.63:443
ASN
#15790 Finanz Informatik GmbH & Co. KG

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerQuoVadis Trustlink B.V.
Subjectwww.bw-bank.de
FingerprintA7:CD:14:6F:D7:53:48:CD:5C:6B:0E:B7:99:70:E3:B2:25:B8:B5:38
ValidityWed, 05 Jul 2023 06:43:59 GMT - Sun, 30 Jun 2024 23:45:00 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (356)
Size
88 kB (88088 bytes)
Hash
cdd34a9a3ff60bde6c4d21eff8e7deb1
c4c1c8a59041bc7195f850c10de0288c5670b0db
4c783997e11a558e75aa46ec06085345e045033da175594c8454482a4266c634

HTTP Headers

GET /content/myif/bwbank/work/filiale/de/home/privatkunden/kreditkarte/_jcr_content/par/section_faf7/section/imagebox3_9623/image.img.jpg/1560434605095.jpg HTTP/1.1
Host: www.bw-bank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 01 Dec 2023 19:10:49 GMT
X-UA-Compatible: IE=edge
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 01 Dec 2023 05:00:04 GMT
ETag: "15818-60b6ba4309704"
Accept-Ranges: bytes
Content-Length: 88088
X-Frame-Options: DENY
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Set-Cookie: TS01fda778=0164ab66bd15032e7fec3de1eb68b8ba309c8c44521da80b3e234f2c10847dbc1cec445d3f5b0c08c3bfe1c781b2602a35be68c96a; Path=/; Secure
TS8dd0aff9027=08341a39e8ab20003b8980ad1e57421b798f0e7be7344241640e7261bb5833ee073ad925d307e20208f5fe7fb51130007e3e6f708ae0b0b614eaa4a6eda0e2a735f7195985d8af84207e22b2e62c39c2eee7a6b73810bcecb0cea3f05e5d8c40; Secure; Path=/

5.imimg.com/data5/UK/HZ/JD/SELLER-45564919/money-transfer-service-dmt--500x500.png

143.204.55.83

200 OK

25 kB

URL GET HTTP/2
5.imimg.com/data5/UK/HZ/JD/SELLER-45564919/money-transfer-service-dmt--500x500.png
IP
143.204.55.83:443
ASN
#16509 AMAZON-02

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerSectigo Limited
Subject*.imimg.com
Fingerprint73:73:1D:4B:8E:E6:64:9E:20:F6:04:15:50:E6:BD:13:96:F9:5B:0E
ValidityTue, 28 Feb 2023 00:00:00 GMT - Fri, 29 Mar 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
25 kB (25178 bytes)
Hash
5243e1758a39452067ad4d2ced40cd7d
53c6b4ae2ebb566fae3a90b01e53ffe2d1f7aec6
6c743c2c21d1eec155f365f5dbe36c1a5624edcc3c82861e8dbbb776b4859522

HTTP Headers

GET /data5/UK/HZ/JD/SELLER-45564919/money-transfer-service-dmt--500x500.png HTTP/1.1
Host: 5.imimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
content-length: 25178
date: Fri, 01 Dec 2023 19:10:50 GMT
last-modified: Sat, 30 Jul 2022 13:01:39 GMT
etag: "5243e1758a39452067ad4d2ced40cd7d"
cache-control: max-age=31536000, public
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CI1Hiu6piDPOu9NVvn0UB92wybJIupoYx-hh4isqmtKtNRTk0HFl-A==
X-Firefox-Spdy: h2

s3.eu-central-1.amazonaws.com/uberall-userpics-prod/429608/medium_91MmEpOaIl.jpg

52.219.75.179

200 OK

62 kB

URL GET HTTP/1.1
s3.eu-central-1.amazonaws.com/uberall-userpics-prod/429608/medium_91MmEpOaIl.jpg
IP
52.219.75.179:443
ASN
#16509 AMAZON-02

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerAmazon
Subject*.s3.eu-central-1.amazonaws.com
FingerprintC0:F4:6F:4D:C6:AC:6C:A1:11:26:8C:E5:92:0B:79:40:04:7A:A3:D9
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 12 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x700, components 3\012- data
Size
62 kB (61782 bytes)
Hash
5c77247f0c03d11b091007e8ad9ce873
42d81fbcd9892d5a5217bb912c96dba1dfb157c1
3b02b726146dd1c31c8842b0a06d140993496e2ab7fa0adccf15303549706607

HTTP Headers

GET /uberall-userpics-prod/429608/medium_91MmEpOaIl.jpg HTTP/1.1
Host: s3.eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: wHAi9dDwpBTK0cof9wVwpafXMwGDYnfUxh9cH4kjxhGNwwzyXaNes5UwOuxdkSZfLwc0IIAwBck=
x-amz-request-id: SAZKQWS084WMQDKK
Date: Fri, 01 Dec 2023 19:10:50 GMT
Last-Modified: Thu, 09 Feb 2017 08:48:36 GMT
ETag: "5c77247f0c03d11b091007e8ad9ce873"
x-amz-meta-width: 700
x-amz-meta-contenttype: image/jpeg
x-amz-meta-imagetype: JPG
x-amz-meta-height: 700
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 61782

www.deutsche-bank.de/pfb/content/mdata/chart/proxy.html.chart?ID_NOTATION=124851133&hist=3mo&Y_AXIS=LIN&CHART=PriceMedium

54.230.111.51

302 Found

239 B

URL GET HTTP/2
www.deutsche-bank.de/pfb/content/mdata/chart/proxy.html.chart?ID_NOTATION=124851133&hist=3mo&Y_AXIS=LIN&CHART=PriceMedium
IP
54.230.111.51:443
ASN
#16509 AMAZON-02

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subjectwww.deutsche-bank.de
FingerprintFA:95:35:9B:43:B3:B1:42:16:50:E3:AC:C9:1A:43:95:DB:30:8C:53
ValidityMon, 04 Sep 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
239 B (239 bytes)
Hash
f4e1258d8c77a5d667d3e6996dedd2d2
46964802e42a32d2afa88d3c0b3303f4161aab70
c20e4cec8b1a24ce79010f0d45e42d45ad3770849a234c1568f157a2441dd2c5

HTTP Headers

GET /pfb/content/mdata/chart/proxy.html.chart?ID_NOTATION=124851133&hist=3mo&Y_AXIS=LIN&CHART=PriceMedium HTTP/1.1
Host: www.deutsche-bank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=iso-8859-1
content-length: 239
location: https://www.deutsche-bank.de/shared/errorpages/404.html
date: Fri, 01 Dec 2023 19:10:50 GMT
server: Apache
strict-transport-security: max-age=31536000
cache-control: max-age=3600
expires: Fri, 01 Dec 2023 20:10:50 GMT
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w49uyib_2ijNjnUT1FNau-s1j_EVKwdnUDU0B3-QQLNXMuaJ4TjJPw==
X-Firefox-Spdy: h2

www.bank1saar.de/wir-fuer-sie/presse/presseberichte/Bilanz_Pressekonferenz_der_Bank_1_Saar/_jcr_content/parsys/textmitbild_1233538367/image.img.png/1524138504209/Bilanzpressekonferenz_Saarwirtschaft.jpg

195.200.51.36

404 Not Found

124 kB

URL GET HTTP/2
www.bank1saar.de/wir-fuer-sie/presse/presseberichte/Bilanz_Pressekonferenz_der_Bank_1_Saar/_jcr_content/parsys/textmitbild_1233538367/image.img.png/1524138504209/Bilanzpressekonferenz_Saarwirtschaft.jpg
IP
195.200.51.36:443
ASN
#15590 Atruvia AG

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerD-Trust GmbH
Subjectbank1saar.de
Fingerprint32:F4:B9:BF:53:92:B1:E0:E5:F3:48:69:05:6C:4B:D2:21:B3:BD:38
ValidityTue, 13 Jun 2023 04:45:41 GMT - Sun, 16 Jun 2024 04:45:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3011), with CRLF, LF line terminators
Size
124 kB (124048 bytes)
Hash
ba220e757d537d2289a41bd1394d8357
1af4cd4b3c99a500880e1ff1c12a12d26745c312
1f5a69293ce879e2564e6caa0ad6a1b48f1e29f5ab0966a7be4ba29a1ad63cb1

HTTP Headers

GET /wir-fuer-sie/presse/presseberichte/Bilanz_Pressekonferenz_der_Bank_1_Saar/_jcr_content/parsys/textmitbild_1233538367/image.img.png/1524138504209/Bilanzpressekonferenz_Saarwirtschaft.jpg HTTP/1.1
Host: www.bank1saar.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
x-oneagent-js-injection: true
server-timing: dtRpid;desc="-442426298", dtSInfo;desc="0"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
cache-control: max-age=1209600, stale-if-error=3600, stale-while-revalidate=3600, public, must-revalidate
content-type: text/html;charset=utf-8
date: Fri, 01 Dec 2023 19:10:48 GMT
age: 1
strict-transport-security: max-age=31536000
set-cookie: TS1b89804d027=08a4ff22d8ab2000c0a7484ebe5056850520fa0803dba30e2701c8c3c538d919029bb839d5b3204808c0b9387e113000fbc9d45136f8015cb3a26bc480485ad3ba435bb13dc5632e8ab1b3e3b398e380924ef7f8c92892ef23bd035d2e90c49c; Path=/
X-Firefox-Spdy: h2

i2.wp.com/moneysense.ph/wp-content/uploads/2019/07/CIMB-Bank-Personal-Loan.jpg?fit=650%2C325&ssl=1

192.0.77.2

200 OK

14 kB

URL GET HTTP/2
i2.wp.com/moneysense.ph/wp-content/uploads/2019/07/CIMB-Bank-Personal-Loan.jpg?fit=650%2C325&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 650x325, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
14 kB (14144 bytes)
Hash
573dce0f613f2f4ee0b9ae5575925d2f
5444ae2b863b7cb39fdd7e0e00238e4224ef51e1
eb7e500b85e9263354d176d355a0a79f62a003ea3e652463d2afa6edf9e13d24

HTTP Headers

GET /moneysense.ph/wp-content/uploads/2019/07/CIMB-Bank-Personal-Loan.jpg?fit=650%2C325&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:10:50 GMT
content-type: image/webp
content-length: 14144
last-modified: Fri, 01 Dec 2023 19:10:50 GMT
expires: Mon, 01 Dec 2025 07:10:50 GMT
cache-control: public, max-age=63115200
link: <https://moneysense.ph/wp-content/uploads/2019/07/CIMB-Bank-Personal-Loan.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "40297c4d56348070"
vary: Accept
x-nc: MISS arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

www.hangseng.com/cms/pws/files/pib/eng/cre/obp/p2g/images/pic03.gif

203.112.94.8

200 OK

30 kB

URL GET HTTP/1.1
www.hangseng.com/cms/pws/files/pib/eng/cre/obp/p2g/images/pic03.gif
IP
203.112.94.8:443
ASN
#9221 HSBC HongKong

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subjectwww.hangseng.com
Fingerprint75:A7:30:E6:CD:43:9F:D8:F8:A4:82:4B:8F:B8:16:E9:40:6B:FB:C2
ValidityFri, 17 Feb 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
GIF image data, version 89a, 536 x 315\012- data
Size
30 kB (30071 bytes)
Hash
2e302eda92a319ecd6744e14d8d31fef
8a664fc6bf28970d0ed98efdfa86f9b326b5b1f4
6ac2787844918e105fceb5c9f050e65028ddb22403d377b0c77aff725740d24c

HTTP Headers

GET /cms/pws/files/pib/eng/cre/obp/p2g/images/pic03.gif HTTP/1.1
Host: www.hangseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 19:10:50 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Host
Last-Modified: Tue, 10 Oct 2006 01:12:38 GMT
ETag: "7577-41f6aa25f6d80"
Accept-Ranges: bytes
Content-Length: 30071
S: LHSP04HSHK-WS
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif

steven-coldwellbth9965.web.app/favicon.ico

199.36.158.100

404 Not Found

11 kB

URL GET HTTP/3
steven-coldwellbth9965.web.app/favicon.ico
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8125)
Size
11 kB (10712 bytes)
Hash
30b57fc35a6c2b706de9ce2c38f257c2
7270e201ec681343de06bf6c1c63ae61de526c98
e5be0c3483138abfc50dae40ad4ebc51443cf8693b3cee01469d88bcf36bfd76

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: steven-coldwellbth9965.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-length: 10712
cache-control: max-age=3600
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 01 Dec 2023 19:10:50 GMT
x-served-by: cache-bma1672-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701457851.857242,VS0,VE43
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT

142.250.74.142

200 OK

2.3 kB

URL GET HTTP/2
encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 276x183, components 3\012- data
Size
2.3 kB (2347 bytes)
Hash
9bef96c7479adb40f793c7b0f4f2c33d
aff2b02e9af3e14faa9d22677eda1e2e6bd481cc
fcf9fdd5ab81da78cbca3ca589d8ff4c608a00f3d90665f2dc1aa8b9636998d9

HTTP Headers

GET /images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 2347
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 01 Dec 2023 02:13:46 GMT
expires: Sat, 30 Nov 2024 02:13:46 GMT
cache-control: public, max-age=31536000
age: 61024
last-modified: Tue, 22 Dec 2015 19:19:47 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

66.media.tumblr.com/9083aaacfdf8879b40fb6745835d7d7a/tumblr_nw04p2JD9J1sncj6wo1_1280.jpg

192.0.77.3

200 OK

146 kB

URL GET HTTP/2
66.media.tumblr.com/9083aaacfdf8879b40fb6745835d7d7a/tumblr_nw04p2JD9J1sncj6wo1_1280.jpg
IP
192.0.77.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerSectigo Limited
Subject*.media.tumblr.com
Fingerprint25:3D:AD:7F:75:45:E2:B6:26:85:76:22:6C:8F:CD:7F:A4:57:C6:68
ValidityThu, 29 Dec 2022 00:00:00 GMT - Mon, 29 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3\012- data
Size
146 kB (146391 bytes)
Hash
18ca1f860150f28fadb621b0138e11a2
b844008a994f6db67f5444a3279beb470f9d1fcc
cc2ccfebd1dab373bd3e25b138106818c9349f7631700475ec0c03775efc1db4

HTTP Headers

GET /9083aaacfdf8879b40fb6745835d7d7a/tumblr_nw04p2JD9J1sncj6wo1_1280.jpg HTTP/1.1
Host: 66.media.tumblr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:10:51 GMT
content-type: image/jpeg
content-length: 146391
etag: "6d9646538d898f7ea14cb9de2dcced3d-1498089600-d0e7d11"
last-modified: Sun, 06 Dec 2020 08:27:30 GMT
x-frames: 1
timing-allow-origin: *
cache-control: max-age=315360000
x-nc: MISS arn 1
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; preload
server-timing: dc;desc=arn, cache;desc=MISS;dur=249.0
X-Firefox-Spdy: h2

assets.vccircle.com/uploads/2017/09/idfc.jpg

13.127.88.107

200 OK

303 kB

URL GET HTTP/1.1
assets.vccircle.com/uploads/2017/09/idfc.jpg
IP
13.127.88.107:443
ASN
#16509 AMAZON-02

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerSectigo Limited
Subject*.vccircle.com
Fingerprint63:F3:EE:93:59:98:B3:18:35:87:19:D5:1B:86:1C:93:D9:4C:F8:A1
ValidityThu, 20 Jul 2023 00:00:00 GMT - Tue, 16 Jul 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 810x506, components 3\012- data
Size
303 kB (302665 bytes)
Hash
df811224bf514f16abb7b7dd19a64ac7
6d736184ea3508ed2e2b0985f1f423f847cbe662
319d44ad1922633554ccc93e85b364e6859bf6398a9a91345e0cd7ef8bc974be

HTTP Headers

GET /uploads/2017/09/idfc.jpg HTTP/1.1
Host: assets.vccircle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Fri, 01 Dec 2023 19:10:50 GMT
Content-Type: image/jpeg
Content-Length: 302665
Last-Modified: Mon, 23 Jul 2018 09:27:37 GMT
Connection: keep-alive
ETag: "5b559f89-49e49"
Expires: Fri, 08 Dec 2023 19:10:50 GMT
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

cdn.dribbble.com/users/1312095/screenshots/3142811/monopoly.png

192.229.220.206

403 Forbidden

0 B

URL GET HTTP/2
cdn.dribbble.com/users/1312095/screenshots/3142811/monopoly.png
IP
192.229.220.206:443
ASN
#15133 EDGECAST

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subject*.dribbble.com
Fingerprint37:9B:04:38:4B:44:D1:6D:EB:62:8E:60:72:47:A9:AE:D0:2A:1C:0B
ValiditySat, 18 Mar 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /users/1312095/screenshots/3142811/monopoly.png HTTP/1.1
Host: cdn.dribbble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD
access-control-allow-origin: https://dribbble.com
content-type: application/xml
date: Fri, 01 Dec 2023 19:10:49 GMT
server: AmazonS3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 96a209e44727117dd65f64a42c737a2c.cloudfront.net (CloudFront)
x-amz-cf-id: grKyQ3k9-xUhCh6cNjz4pcsKJVenAAQ5176QdnyMT-6HfF77JLYNkw==
x-amz-cf-pop: IAD66-C2
x-cache: Error from cloudfront
X-Firefox-Spdy: h2

www.hebelschule-bruchsal.de/_data/Tischtennisplatte_640_quer.jpg

92.204.55.169

404 Not Found

0 B

URL GET HTTP/2
www.hebelschule-bruchsal.de/_data/Tischtennisplatte_640_quer.jpg
IP
92.204.55.169:443
ASN
#8972 Host Europe GmbH

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerStarfield Technologies, Inc.
Subjecthebelschule-bruchsal.de
FingerprintE5:62:AB:E9:FB:37:2F:99:7A:23:B7:85:4C:AB:6D:18:76:BB:B1:7C
ValidityWed, 21 Jun 2023 14:02:02 GMT - Tue, 02 Jul 2024 09:58:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_data/Tischtennisplatte_640_quer.jpg HTTP/1.1
Host: www.hebelschule-bruchsal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Fri, 01 Dec 2023 19:10:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding,Cookie
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.hebelschule-bruchsal.de/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
X-Firefox-Spdy: h2

deavita.com/wp-content/uploads/2015/10/sitzbank-esszimmer-selber-bauen-rueklehne-polsterwand-stauraum-koerbe-diy.jpg

104.26.12.134

403 Forbidden

0 B

URL GET HTTP/2
deavita.com/wp-content/uploads/2015/10/sitzbank-esszimmer-selber-bauen-rueklehne-polsterwand-stauraum-koerbe-diy.jpg
IP
104.26.12.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint83:79:A2:D5:01:03:DF:EE:CF:49:8B:63:7A:23:62:AC:6E:E0:4A:7F
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/uploads/2015/10/sitzbank-esszimmer-selber-bauen-rueklehne-polsterwand-stauraum-koerbe-diy.jpg HTTP/1.1
Host: deavita.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 01 Dec 2023 19:10:48 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36OxBZMqI%2BklO7uK6ofQn3j%2BjSLUGGTYxjGexIqoj7123eqFdJohzl8Nm1%2FchoHvxBQFG4vLugnHf0DYEbpBiG26IO7MY7fUwhViEMzGv%2F5nxtjcyhRPlDk9IJzc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82eda1e43a3f0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.deutsche-bank.de/shared/errorpages/404.html

54.230.111.51

200 OK

0 B

URL GET HTTP/2
www.deutsche-bank.de/shared/errorpages/404.html
IP
54.230.111.51:443
ASN
#16509 AMAZON-02

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerDigiCert Inc
Subjectwww.deutsche-bank.de
FingerprintFA:95:35:9B:43:B3:B1:42:16:50:E3:AC:C9:1A:43:95:DB:30:8C:53
ValidityMon, 04 Sep 2023 00:00:00 GMT - Tue, 03 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /shared/errorpages/404.html HTTP/1.1
Host: www.deutsche-bank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://steven-coldwellbth9965.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html;charset=utf-8
content-length: 21390
date: Fri, 01 Dec 2023 19:10:50 GMT
server: Apache
x-dispatcher: dispatcher2eucentral1
x-dispatcher-version: 1.6.6
strict-transport-security: max-age=63072000; includeSubdomains;
x-xss-protection: 1; mode=block
x-vhost: deutsche-bank
vary: Host,Accept-Encoding
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 17:48:03 GMT
etag: "29e86-60b765eb70c17-gzip"
accept-ranges: bytes
content-encoding: gzip
x-frame-options: SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-security-policy: frame-ancestors https://*.deutsche-bank.de
access-control-allow-methods: GET,HEAD,OPTIONS,POST
access-control-allow-credentials: true
access-control-allow-header: Origin, X-Requested-With
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nHG2QN2V-lGGAL4dJ1kGH0N22WyYjEFaESVxnqcPrWJPUPmthSmANw==
X-Firefox-Spdy: h2

updategames.us/gam/arsae88.js

172.67.169.212

200 OK

401 B

URL GET HTTP/2
updategames.us/gam/arsae88.js
IP
172.67.169.212:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerLet's Encrypt
Subjectupdategames.us
Fingerprint9D:66:BF:6E:BB:1C:FB:11:E0:0E:64:9C:32:4E:1C:57:0C:25:BE:3C
ValiditySun, 05 Nov 2023 08:06:49 GMT - Sat, 03 Feb 2024 08:06:48 GMT

File type
ASCII text, with very long lines (425), with no line terminators
Size
401 B (401 bytes)
Hash
18f0401b008b3ae25b09c01efc67cd5d
bc507c9a63ed851e1408dadaf42da0fa706a73bd
00459deff1756d210ccff407c04b4145640af73ee42513d4680ab55732b1e7e6

HTTP Headers

GET /gam/arsae88.js HTTP/1.1
Host: updategames.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:10:48 GMT
content-type: application/javascript
last-modified: Fri, 03 Sep 2021 09:44:37 GMT
vary: Accept-Encoding
etag: W/"6131ee85-191"
expires: Sun, 24 Nov 2024 03:31:05 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 575150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cme5HY7AOI2DWrVnOWDginbS1%2FLF2XTmQfXegHxGItX4%2FjKcUqPz4kYLceWeEj8hmVjT9oH09bXqfGsVnO%2BFiENRQwhkG9atq%2FPPBHybKQkxOqClsBIsgh%2B6ek0tFT41Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82eda1e0cb115691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

businessday.ng/wp-content/uploads/2019/09/access-bank-2.png

104.26.9.49

404 Not Found

0 B

URL GET HTTP/2
businessday.ng/wp-content/uploads/2019/09/access-bank-2.png
IP
104.26.9.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerLet's Encrypt
Subjectbusinessday.ng
FingerprintF6:C4:FA:42:4D:89:E5:05:0E:FE:20:B7:F7:97:C6:AE:54:B9:B8:B1
ValidityThu, 05 Oct 2023 05:28:43 GMT - Wed, 03 Jan 2024 05:28:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/uploads/2019/09/access-bank-2.png HTTP/1.1
Host: businessday.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 01 Dec 2023 19:10:54 GMT
content-type: text/html; charset=UTF-8
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=1800, must-revalidate
link: <https://businessday.ng/wp-json/>; rel="https://api.w.org/"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOcQPGpNdPvcab9t488cGhjOMGnQWLpvJuhPUv1XQqF%2FvIA3sk%2FqNj5ukgZsRGSngenZ9F2E6yzva6w8IHr6mMu2zPrw0oo1jhoJZmM%2Fw9p9IXzISnm5Ml3br1ZcCksW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82eda1e688ed56b5-OSL
content-encoding: br
X-Firefox-Spdy: h2

c8.alamy.com/comp/D34J3P/bank-of-montreal-and-401-west-georgia-tower-in-downtown-vancouver-D34J3P.jpg

143.204.55.14

200 OK

177 kB

URL GET HTTP/2
c8.alamy.com/comp/D34J3P/bank-of-montreal-and-401-west-georgia-tower-in-downtown-vancouver-D34J3P.jpg
IP
143.204.55.14:443
ASN
#16509 AMAZON-02

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerAmazon
Subject*.alamy.it
FingerprintD3:9D:F2:DD:11:41:81:0D:B1:7D:67:72:FA:65:83:29:A8:A5:1C:9F
ValidityTue, 21 Nov 2023 00:00:00 GMT - Fri, 20 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 866x1390, components 3\012- data
Size
177 kB (177215 bytes)
Hash
f2ef0b7fc4dd0c091fbe168a01a3de05
822a71fca43ca54ebc9a480a09b3b6b178e3264b
d25a20ba9fa5e587a2d80b70e4b0ac7a7cc68dc763276636ab5b3f593ecb6dd6

HTTP Headers

GET /comp/D34J3P/bank-of-montreal-and-401-west-georgia-tower-in-downtown-vancouver-D34J3P.jpg HTTP/1.1
Host: c8.alamy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:10:49 GMT
cache-control: max-age=604800
access-control-allow-origin: *
last-modified: Tue Oct 19 2021 00:00:00 GMT+0000 (Coordinated Universal Time)
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3jkXusjCmlaMeAeIJK6_gPSYpn0MLq2tlaC4VjS8WMZnNociXSYE3w==
X-Firefox-Spdy: h2

i0.wp.com/studentloanhero.com/wp-content/uploads/regions-bank-personal-loan.jpg?resize=420%2C260&ssl=1

192.0.77.2

400 Bad Request

0 B

URL GET HTTP/2
i0.wp.com/studentloanhero.com/wp-content/uploads/regions-bank-personal-loan.jpg?resize=420%2C260&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /studentloanhero.com/wp-content/uploads/regions-bank-personal-loan.jpg?resize=420%2C260&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
server: nginx
date: Fri, 01 Dec 2023 19:10:49 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 4
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.hayonlinewinkel.com/12206-large_default/hay-palissade-eetkamerbank-zonder-armleuning.jpg

0.0.0.0

0 B

URL GET
www.hayonlinewinkel.com/12206-large_default/hay-palissade-eetkamerbank-zonder-armleuning.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://steven-coldwellbth9965.web.app/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /12206-large_default/hay-palissade-eetkamerbank-zonder-armleuning.jpg HTTP/1.1
Host: www.hayonlinewinkel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

vulearning.pk/wp-content/uploads/2019/07/National-Bank-of-Pakistan-NBP-Jobs-1.jpg

0.0.0.0

0 B

URL GET
vulearning.pk/wp-content/uploads/2019/07/National-Bank-of-Pakistan-NBP-Jobs-1.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://steven-coldwellbth9965.web.app/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/07/National-Bank-of-Pakistan-NBP-Jobs-1.jpg HTTP/1.1
Host: vulearning.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css?family=Raleway

142.250.74.42

200 OK

1.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Raleway
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://steven-coldwellbth9965.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1799), with no line terminators
Size
1.8 kB (1759 bytes)
Hash
13ff8e9667424a63d7766478143baeb7
3c4aa701a9d1127ce3dc6ac1a4790d7925083a2d
7880419a9b73e183d89f62ab25bbce667b47d17a902d75858814eca027287547

HTTP Headers

GET /css?family=Raleway HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 19:10:48 GMT
date: Fri, 01 Dec 2023 19:10:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

196034-584727-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/01/Rachel-Zane-Resume-Business-Analyst-11-724x1024.jpg

0.0.0.0

0 B

URL GET
196034-584727-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2018/01/Rachel-Zane-Resume-Business-Analyst-11-724x1024.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://steven-coldwellbth9965.web.app/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/uploads/2018/01/Rachel-Zane-Resume-Business-Analyst-11-724x1024.jpg HTTP/1.1
Host: 196034-584727-raikfcquaxqncofqfm.stackpathdns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://steven-coldwellbth9965.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (56)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash