9au.com Open in urlscan Pro
172.67.210.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://canadaclassify.com/
Effective URL:
https://9au.com/RF027SED01S
Submission: On December 19 via api (December 19th 2024, 2:09:54 am UTC) from BE — Scanned from SG

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 37 HTTP transactions. The main IP is 172.67.210.118, located in United States and belongs to CLOUDFLARENET, US. The main domain is 9au.com.
TLS certificate: Issued by WE1 on November 20th 2024. Valid for: 3 months.

This is the only time 9au.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	156.67.214.31 156.67.214.31	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
23	172.67.210.118 172.67.210.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.125.200.95 74.125.200.95	15169 (GOOGLE) (GOOGLE)
1	163.181.160.250 163.181.160.250	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	74.125.68.94 74.125.68.94	15169 (GOOGLE) (GOOGLE)
2	142.251.175.97 142.251.175.97	15169 (GOOGLE) (GOOGLE)
2	57.144.144.128 57.144.144.128	32934 (FACEBOOK) (FACEBOOK)
4	57.144.144.1 57.144.144.1	32934 (FACEBOOK) (FACEBOOK)
2	142.250.4.101 142.250.4.101	15169 (GOOGLE) (GOOGLE)
37	9

1 156.67.214.31 (Singapore, Singapore) 1 redirects

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)
PTR: srv642693.hstgr.cloud

canadaclassify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.67.210.118 (United States)

ASN13335 (CLOUDFLARENET, US)

9au.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.160.250 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

o.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.144.144.128 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sin11.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 57.144.144.1 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-sin11.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	9au.com 9au.com	2 MB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	419 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	181 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	gstatic.com fonts.gstatic.com	125 KB
1	alicdn.com o.alicdn.com — Cisco Umbrella Rank: 22534	68 KB
1	canadaclassify.com 1 redirects canadaclassify.com	135 B
37	9

	Domain	Requested by
23	9au.com	9au.com
4	www.facebook.com
2	www.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	9au.com connect.facebook.net
2	www.googletagmanager.com	9au.com www.googletagmanager.com
2	fonts.googleapis.com	9au.com
1	fonts.gstatic.com	fonts.googleapis.com
1	o.alicdn.com	9au.com
1	canadaclassify.com	1 redirects
37	9

This site contains no links.

Subject Issuer	Validity	Valid
9au.com WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3	`2024-06-19` - `2025-07-21`	a year	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-27` - `2024-12-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://9au.com/RF027SED01S
Frame ID: EFCA76B10B0FA8A4F6E379D5C46E623C
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign Up Free $9AU - Play Online Pokies Now!

Page URL History Show full URLs

https://canadaclassify.com/ HTTP 301
https://9au.com/RF027SED01S Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

37
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

2281 kB
Transfer

4775 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://canadaclassify.com/ HTTP 301
https://9au.com/RF027SED01S Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request RF027SED01S Show response
9au.com/
Redirect Chain

https://canadaclassify.com/
https://9au.com/RF027SED01S

478 KB
107 KB

906ms
648ms

Document
text/html

172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9au.com/RF027SED01S

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c902d508e4c73100870095f75b1652abe8199ba64e5a6eb833a60362596c7b85

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f43da311a402aaa-LAX
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 19 Dec 2024 02:09:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUBcE%2F8%2FvBRquadc0ABF3MA7YE4oTUtN5ozH9iA1NcH0Nev3NsecIpCGHVyO2SzURX%2BDAGRbMcTQQgxd2k%2F7HyKkcS4GVZaLhWtfVeL3b%2BBDUfuIDvgK0yva"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=193200&min_rtt=193138&rtt_var=30640&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4103&recv_bytes=4492&delivery_rate=128&cwnd=12000&unsent_bytes=0&cid=3816688e06f812bb&ts=709&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-frame-options: DENY

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 19 Dec 2024 02:09:44 GMT
location: https://9au.com/RF027SED01S
server: nginx
x-powered-by: PHP/8.2.26 PleskLin

GET
H2 200 css
fonts.googleapis.com/ 3 KB
672 B 19ms
9ms Stylesheet
text/css 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand|Dancing+Script&display=swap

Requested by

Host: 9au.com
URL: https://9au.com/RF027SED01S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

ESF /

Resource Hash

d9486d61129491dd51f892b40b40ea330ab9c701e760f4dfb7e6e1263bfb0cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 02:09:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 02:09:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 19 Dec 2024 01:40:26 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 icon
fonts.googleapis.com/ 569 B
811 B 16ms
7ms Stylesheet
text/css 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: 9au.com
URL: https://9au.com/RF027SED01S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 02:09:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 02:09:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 19 Dec 2024 02:09:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 html5-qrcode.min.js Show response
9au.com/mobile/qrcode-scanner/ 367 KB
110 KB 385ms
384ms Script
application/javascript 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9au.com/mobile/qrcode-scanner/html5-qrcode.min.js
Requested by: Host: 9au.com
URL: https://9au.com/RF027SED01S
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660b12437b1d747e3e68b8be0685c08cb728140110ad213f167b14b66f8b1d8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"d88d3200cb547c9e86ee972975561dcd"
age: 4634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZbBl4eFEq%2BjRIqKFKaoriFQ7L3UbYTjQW7ncsSos1qaKIYsNUif46E1Z1mbnVeRZetlcMpOs1l8NxY2Q4AhVROluUr1SI4t6bED3FfVLpyDW2UlmLK249dS"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: UAZM3JbgVLDGtUyI11mzPBAZ06zF5eF5ULvRInv3n_DpymgmyvK30w==
date: Thu, 19 Dec 2024 02:09:46 GMT
content-type: application/javascript
last-modified: Tue, 09 May 2023 12:46:56 GMT
vary: Accept-Encoding
priority: u=1,i=?0
server-timing: cfL4;desc="?proto=QUIC&rtt=199700&min_rtt=193020&rtt_var=10123&sent=60&recv=22&lost=0&retrans=0&sent_bytes=59327&recv_bytes=5528&delivery_rate=83457&cwnd=33600&unsent_bytes=0&cid=3816688e06f812bb&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=156
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 169e0d771068e12ff1a11859dfcaeb00.cloudfront.net (CloudFront)
cf-ray: 8f43da3679a72aaa-LAX
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 tesseract.min.js Show response
9au.com/mobile/tesseract5/ 65 KB
11 KB 753ms
753ms Script
application/javascript 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9au.com/mobile/tesseract5/tesseract.min.js
Requested by: Host: 9au.com
URL: https://9au.com/RF027SED01S
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8e29918d098b2b06e1012bdaeffb4aec0445c5d5654709023e0bd1f442a80e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"762c42567bee631741908f3541ebf1c2"
age: 4634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AYGMe9wJ89JWuYG%2FlY0jznhAsyZ3zoouI6VFvwajRYEvk%2BAZ6JlaPAOCHvugvvfIlUAqMzOQqaDG4v8hAzpsMOmd4q8XZM1OiLBbQBvVWRl8MDo6%2FhIwMthB"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: aa2jJwX7jpebDhuYEdUnXs25c-_Z1xPF5X4LK-xuNpK4ofEYkecGvA==
date: Thu, 19 Dec 2024 02:09:46 GMT
content-type: application/javascript
last-modified: Sun, 06 Oct 2024 10:24:32 GMT
vary: Accept-Encoding
priority: u=1,i=?0
server-timing: cfL4;desc="?proto=QUIC&rtt=199700&min_rtt=193020&rtt_var=10123&sent=60&recv=22&lost=0&retrans=0&sent_bytes=59327&recv_bytes=5528&delivery_rate=83457&cwnd=33600&unsent_bytes=0&cid=3816688e06f812bb&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=156
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 92e43f5e08d92192931cf833ba935f62.cloudfront.net (CloudFront)
cf-ray: 8f43da3679ad2aaa-LAX
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 AliyunCaptcha.js Show response
o.alicdn.com/captcha-frontend/aliyunCaptcha/ 193 KB
68 KB 28ms
16ms Script
application/javascript 163.181.160.250
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.alicdn.com/captcha-frontend/aliyunCaptcha/AliyunCaptcha.js
Requested by: Host: 9au.com
URL: https://9au.com/RF027SED01S
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.160.250 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 5a74a2dbddeab7304f90ecfb545381cbe425fc7ec753d211aa166fe74974be86

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

x-oss-cdn-auth: success
content-md5: b8bP9Ew8Bn/9gj8/PMvSiA==
x-oss-storage-class: Standard
content-encoding: gzip
etag: W/"6FC6CFF44C3C067FFD823F3F3CCBD288"
age: 85664
x-oss-object-type: Normal
x-assets-pt: pt0
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Wed, 18 Dec 2024 02:22:00 GMT
x-oss-server-time: 2
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-assets-path: /captcha-frontend/aliyunCaptcha/AliyunCaptcha.js
last-modified: Thu, 12 Dec 2024 02:21:42 GMT
cache-control: max-age=604800,s-maxage=86400
x-swift-cachetime: 86401
timing-allow-origin: *
x-er-version: 0.0.6
x-oss-hash-crc64ecma: 11994573106344600174
x-assets-grey: false
via: cache33.l2sg5[237,108,304-0,C], cache29.l2sg5[109,0], ens-cache7.sg17[0,0,200-0,H], ens-cache11.sg17[1,0], ens-cache8.sg17[11,0]
ali-swift-global-savetime: 1734488521
x-swift-savetime: Wed, 18 Dec 2024 02:22:00 GMT
access-control-allow-origin: *
eagleid: a3b5a09c17345741858767619e
x-oss-request-id: 676231C809C4A700577C8101
server: Tengine

GET
H3 200 app.js Show response
9au.com/mobile/ 1 MB
364 KB 215ms
215ms Script
text/javascript 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9au.com/mobile/app.js?v=5121
Requested by: Host: 9au.com
URL: https://9au.com/RF027SED01S
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d3a4d660aa64b8cd619d36d8ac86f9fccf735b09827fc4a4b23caab1251ba3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "23a8a5202e1d0fc7c99e555ba6c88b97"
age: 831
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKP8He8YSRQyD8Gouhlhk1azudw%2FIxWLM3Y1%2FaOwOY9DA4NEK%2BpIPVe%2Brj6EKDHF80p%2BLjk8%2BGjRR39EjJvcaaJQ2Gz3ixm3AmX7AKNCbbtANtFz1NUCcxJg"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: m1aGtX2jax-Xoz7ZNO1agOH5gG-qIacdkjB8gU220UuARjhjRjC-_w==
date: Thu, 19 Dec 2024 02:09:46 GMT
content-type: text/javascript
last-modified: Thu, 19 Dec 2024 01:54:29 GMT
vary: Accept-Encoding
priority: u=3,i=?0
server-timing: cfL4;desc="?proto=QUIC&rtt=199951&min_rtt=192895&rtt_var=8459&sent=220&recv=77&lost=0&retrans=0&sent_bytes=243638&recv_bytes=8189&delivery_rate=480958&cwnd=115200&unsent_bytes=0&cid=3816688e06f812bb&ts=2005&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 43e5fc8af777bb75886a9fb119160f30.cloudfront.net (CloudFront)
cf-ray: 8f43da3bf9342aaa-LAX
accept-ranges: bytes
content-length: 371364
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 kk-bg-menu.jpg
9au.com/other/ 3 KB
4 KB 207ms
207ms Image
image/jpeg 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/other/kk-bg-menu.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0efb293e15cd30d46cfc5c2acda98f4f34fd83ce06194fbfc3aea69d17046652

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "c72f26aa42a64ea3c1adb956bce40552"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WM0m0k4AXlAWc6v2vAhv4O029lu%2FXxa7EWmCYr7s1bi1XgUuRrVJBI%2F4CCIPT1o2BpysIFWBairGB8mE7o%2BBIHcThxNIh2uA6Ftj9F93mt6XuDlIH5BBoG5w"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 65UUPGMM4976FER474hQc3Ys4oAVlu4KG3nWhHOdtKLS0-7BFB0U9A==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/jpeg
last-modified: Tue, 01 Dec 2020 01:36:00 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=543&recv=119&lost=0&retrans=0&sent_bytes=624312&recv_bytes=12783&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2723&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 2ffad71acc1fd359f7575ee84d8a56dc.cloudfront.net (CloudFront)
cf-ray: 8f43da407f592aaa-LAX
accept-ranges: bytes
content-length: 2993
x-amz-cf-pop: SIN2-P4
server: cloudflare

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
125 KB 12ms
5ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://9au.com
Referer: https://fonts.googleapis.com/

Response headers

age: 543733
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 19:07:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 19:07:34 GMT
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128352
x-xss-protection: 0
server: sffe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
73 KB 29ms
5ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MH9THNNJ

Requested by

Host: 9au.com
URL: https://9au.com/RF027SED01S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

af067483b8b11ea82731adc27fdd06194f83ac627b99867b7777411e09e64df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 19 Dec 2024 02:09:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74412
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 17ms
3ms Script
application/x-javascript 57.144.144.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 9au.com
URL: https://9au.com/RF027SED01S

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin11.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-cprJdEIu' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-cprJdEIu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4519, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 9l9kBxxbBwNc6tpx91NyXu5Ih8EBCuYrBAG25g1ADY33aEJ3tl8qp6p98Li4dGd7kJ/hMiRUXwdZ63NEn90j4Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 f8204eef56f664aa6fb91.jpg
9au.com/media/ 8 KB
9 KB 210ms
209ms Image
image/jpeg 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/f8204eef56f664aa6fb91.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed84878374d49db7e9e9228ecee27c5eef534c9a308337dc868d9ef3a6b1cd0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "57f79519ceb07b939d193fc5134328df"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egH%2B5Cb98LnC5SlkP%2FcEdo9QwnQmf5vtoW02FOATaHDX6TGtBbPpd%2BuPzRoFO9aM1PdIzZcZ3BWjgSLxTOhDhwyxWImDgR217wodqWHDKEmOfI4bdR62Fr6W"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: A2Swg7LldxmQ0mOFM0ov2pXZa1ZG4WlJU4B6rFRfGt4wDmbs1IRz0w==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 07:34:07 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=548&recv=127&lost=0&retrans=0&sent_bytes=628252&recv_bytes=15352&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2728&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a9fb1933765b2e0a17ee7cee382c4058.cloudfront.net (CloudFront)
cf-ray: 8f43da408f5f2aaa-LAX
accept-ranges: bytes
content-length: 8689
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 3b50756066f6678fa63bf.png
9au.com/media/ 130 B
986 B 401ms
400ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/3b50756066f6678fa63bf.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f63d779c4711400d384428958edcab031621d79e2f27e22cb58142f00d83f5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "362021d133f82fa3da162a3f83044fbb"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGrs%2BnmYuy2SmAoNwlsMVf92YIVoXggE8hy8kO6E1D47X80GWw9cpptf%2BWEJFykWqdC4svw8E1td9PSQc9ksQk%2FLOBl94k5F70Z4reaZhQIkTa7Ig1JjkAFl"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 9QAmaLwie9_AEUX8r1PbLTNdUYAZHZ4BaSJixDatYMeoYOnoVmHWJA==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 07:36:06 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=757&recv=128&lost=0&retrans=0&sent_bytes=878020&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2731&x=1", cfExtPri, cfHdrFlush;dur=190
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 c8ee1483012f938e4c0cb1b35eb31ae4.cloudfront.net (CloudFront)
cf-ray: 8f43da408f632aaa-LAX
accept-ranges: bytes
content-length: 130
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 63935b4588376d88bce01.gif
9au.com/media/ 782 KB
783 KB 209ms
207ms Image
image/gif 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/63935b4588376d88bce01.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16659daba47d55a2d33baad8fa96a62e49a67d51c86c0dfe900ae1f3e03f8e19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "afbf8846d811f562cc0e437184fd0fcb"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o13aUxMd4qGaivE2S2QyaRRib3erlypYw1hEUVRCOGmx2%2BGoflXG3nSn88KbOleSy3VaS9K8VvHzTwqZxI3%2BEa%2FpSVIE6sxKMFJK9XcJPZn6wR2JgaSmSyXh"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: s02ikXX2va6rUjmJ8seJDOXnUtXNIMpzbiOzCFewoGQl4dyTAfXe3w==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/gif
last-modified: Sat, 16 Nov 2024 11:43:08 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=557&recv=128&lost=0&retrans=0&sent_bytes=638020&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2729&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 322fd7826352d6d295b7196056be4ec2.cloudfront.net (CloudFront)
cf-ray: 8f43da408f662aaa-LAX
accept-ranges: bytes
content-length: 800706
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 e49a122066f66bd906844.png
9au.com/media/ 130 B
990 B 400ms
399ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/e49a122066f66bd906844.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f4189c73d0a21466e9dc23eddf7513042a2eed9d04af1fa95d9a9e85238bfda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "7a919a8a62eadc7083214f20156d84d9"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FN%2BB0B48quJXht113DSsZj81mYCtceHwkriR7NZeKnQms4lWXAlkLt4FhtFyLgvwkHNKUi%2FvKE%2B%2BfyIPONMEPcbL0OVSUP2I5KPvO%2BnQ8ssUGRmj1TIQnyU"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: OH7pWHo-3J_iU3hcw3tz29zs1qoIYeAimlteBH-Ffa0aerzk6MRkUw==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 07:34:59 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=747&recv=128&lost=0&retrans=0&sent_bytes=866020&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2730&x=1", cfExtPri, cfHdrFlush;dur=191
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 894f321aaec7e16111835f5b53fa21a4.cloudfront.net (CloudFront)
cf-ray: 8f43da408f682aaa-LAX
accept-ranges: bytes
content-length: 130
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 8e7771c966f664cc1f284.png
9au.com/media/ 658 B
1 KB 403ms
401ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/8e7771c966f664cc1f284.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e081252f537bce844636c1fd6fe76d59ed4f0c1725bcd216ce3f59e375f6f012

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "d07b6b38a534101682cd24c1b646c0c8"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mrj7MtfFDSIfJ2CZVww447aEWA%2B%2B4udStHAYXHBUWD69dXUnJYueW1kyTJ8cSbNkLSaVGuM5uzOWhIeLm%2B8jQUKSpAHzxGtNreg0o301H1UBI36EXjRSXI5E"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Y23tr1OogPNZMPlnLJMhlj5ho13AboRlJzMAjXJxz7yA2ENhWH1xyg==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 08:16:02 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2746&x=1", cfExtPri, cfHdrFlush;dur=175
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a0fb529982aa9787ef3a5780a065c43a.cloudfront.net (CloudFront)
cf-ray: 8f43da408f6a2aaa-LAX
accept-ranges: bytes
content-length: 658
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 acae84c966f665a37299c.png
9au.com/media/ 967 B
2 KB 403ms
402ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/acae84c966f665a37299c.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4741db9e0dda5794647bf68dc878aa70703b4d8669f73d35163dcef90ef4097

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "1ee6e83ba14e96f276ae73d7fc28ffee"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KeQBQQG6PLj%2BbBSqioNAsON9VhVKJhzUhySNYivqYQmbr%2BAMEOIOY0MrMx3%2B8sVPHLR4BUQZNtL325lZSGtUQLPkEb7GF1ymHPHXSXskQw3l%2B9W8mtkKopQ3"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: PwhQ5fXd1Jouo_jJd_78Mnbk0jxlTH2RY5v8A8goKqrZ37vRdiFN1A==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 08:16:05 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2733&x=1", cfExtPri, cfHdrFlush;dur=188
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 92e43f5e08d92192931cf833ba935f62.cloudfront.net (CloudFront)
cf-ray: 8f43da408f6c2aaa-LAX
accept-ranges: bytes
content-length: 967
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 f580e6c966f665023464f.png
9au.com/media/ 2 KB
3 KB 404ms
402ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/f580e6c966f665023464f.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bedaf08159fbcff9683e2967bfa5af28e60083109466a5fee6d80fe0ec65351

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "d2c90fb45b94db77759b7e8c032756e6"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OmnL91geKQN1SfMpwFK%2BaHJ81V2YK7clizO3cJaRbwyFWbPCQo4ArUdw%2F8Q8rTlnpLpfl5ohvlrS6o5xSE1zDsySR70AJx%2BLNrJHp5i5HqtLWsch%2BToL1SMs"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 9xtpojNo9UfxLYXTT3ln83h1R1LHq0vb9QtfhDpSf498pA4bsBc3QA==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 08:16:07 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2733&x=1", cfExtPri, cfHdrFlush;dur=188
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 71cf035a55e299e5d12b1bf6482e945e.cloudfront.net (CloudFront)
cf-ray: 8f43da408f6d2aaa-LAX
accept-ranges: bytes
content-length: 2212
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 50a51ac966f6688dd743c.png
9au.com/media/ 1 KB
2 KB 404ms
400ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/50a51ac966f6688dd743c.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f56dcc9007d0032889241707ca51f6bfd409888976376eff89285ef98123226d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "188097f6d47db038db6c9bbf6d59faab"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36DekJULh%2BDkT4Idl9x5xoMZ4%2F4XR2w0MkDW8ttMKfbvUuBivCISx5FW0l60xa1fY5EYomacFWO4xEke3pL1KDJ0eBejaKckgwMi80DmHDUbQnvFpVlKedhu"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: FX-C6PcA9pci6T5om8JUNZJSN3JqOFZ5k2cYNabQOaJ_SCKQ2BHS9A==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 08:16:11 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2743&x=1", cfExtPri, cfHdrFlush;dur=178
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 edbe37857ecef88edf038f3b8d7d9742.cloudfront.net (CloudFront)
cf-ray: 8f43da408f712aaa-LAX
accept-ranges: bytes
content-length: 1086
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 8d882cc966f661d534948.png
9au.com/media/ 1 KB
2 KB 405ms
399ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/8d882cc966f661d534948.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b950f008458724c656324bc0cfbb6c5e61e3ac67905db9321920aff11006747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "cc19af4dd133379834a97bbe8864092a"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HKDLduKg2%2BGeafpeEw472pr%2FHH%2BPmT%2BjJJ160t%2Bj5id2wPGP6JpmCbD7fEUt7Ayk91UbXWqX0ME4jqmKam5Vf71LnaAZtlJmDcP9Dowu1KDy8g4jQfTGFCx"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: w42BFyhT4lI4QR3_EAqnGUe7sflwXVbFIQZ2_jNB4LUzSDu0iE2bCw==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Fri, 27 Sep 2024 08:16:13 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2736&x=1", cfExtPri, cfHdrFlush;dur=185
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 f626414885b2faf7a229c7fb2778d5c8.cloudfront.net (CloudFront)
cf-ray: 8f43da408f752aaa-LAX
accept-ranges: bytes
content-length: 1201
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H3 200 index.php Show response
9au.com/api/v1/ 130 KB
9 KB 428ms
423ms XHR
application/json 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9au.com/api/v1/index.php
Requested by: Host: 9au.com
URL: https://9au.com/mobile/app.js?v=5121
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a5f3d08f0c8627b357ca64d6a1ec9d462b9d6c1e7869ee9a059f4e09adfcd70

Request headers

Referer: https://9au.com/RF027SED01S
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2cvm7vtEMAsj6dlXu72qiO%2F7wi7NAyovGKz5mLwQp3dUiTMxIXlOxysYyHtIi9HVRc8FTU6z4MNudqlODeKUrHmWX9iXLZn2KqLqGt1d9y6Omqnrddv%2FXnP"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f43da408f782aaa-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=198087&min_rtt=192895&rtt_var=1839&sent=1141&recv=147&lost=0&retrans=0&sent_bytes=1331620&recv_bytes=16560&delivery_rate=1075960&cwnd=481200&unsent_bytes=0&cid=3816688e06f812bb&ts=2951&x=1", cfExtPri, cfHdrFlush;dur=3
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 c6d84bce2d376e9e598a9.png
9au.com/media/ 11 KB
12 KB 402ms
399ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/c6d84bce2d376e9e598a9.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28cc6ab8adc03ed7b36770ba59ef9c9c8bc098c974835d2dbf864342eb5730cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "e03f80b0f3e25a7f19aae7006da60e5b"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVqwna68I0SzWzcik4Fq0VUPiT3YwU7AZ0TXh1buleYNQnkjBR0AIHGqpotC6TUF%2FY2tHYV0%2BStApjyYbUJzN0i4V74CyDuHm7%2Fc9IUr9tTWEvBqMvgqy7MF"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: JecSUmGnb9sqjc-2SKFTI09okYpfFNpX04Pne0gKyFmR9phwnHINCA==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Wed, 20 Nov 2024 00:35:24 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2736&x=1", cfExtPri, cfHdrFlush;dur=185
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 2ffad71acc1fd359f7575ee84d8a56dc.cloudfront.net (CloudFront)
cf-ray: 8f43da408f7a2aaa-LAX
accept-ranges: bytes
content-length: 11527
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 f17ec1914ef6666322960.png
9au.com/media/ 10 KB
11 KB 407ms
404ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/f17ec1914ef6666322960.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03cea5f22eba7eaf08127e6ab6835c61e8904d621f2ab4de3fe372400c1a5846

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "2b0afb89fc65aed18e3b8820e7d5bce8"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hD3XMqZY%2BmnRudsIY8sUmooaswx2l2pApYGlOhava4BPtouSLPyTqwzpo%2BOIZ4IY6iMnJwPrLWmUm0eib6J3iOeSMxlmvYHyBU7AgQvS16O5G6D5%2BHzcKDRE"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 2WQUnrbjTWGxibC74c0mILUVKbClR2Xc2TNh4ZIEqV-0uMrTlJVO7g==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 07:02:43 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2737&x=1", cfExtPri, cfHdrFlush;dur=187
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 169e0d771068e12ff1a11859dfcaeb00.cloudfront.net (CloudFront)
cf-ray: 8f43da408f7c2aaa-LAX
accept-ranges: bytes
content-length: 10714
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 loading.jpg
9au.com/other/ 6 KB
6 KB 404ms
400ms Image
image/jpeg 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/other/loading.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77f4ea2f62778973346617ec829bae202eeee124d44a4d5e0b1f9a5d184291a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "f610622904b8a5a177f994328edc9167"
age: 5072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Db2B5VKB4Xsl8VKlQtBD8sB1QcwQurFVrbsftb02PxBbNeriBR6E4rHvfTG3VLGvxEvtVPZJ5SDTfkjycwr3SiHMJDwwYONVIYoSngjcnSBn5WRsbJ7Vr%2FV2"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Sdhal6lyrlUn9TKzUH9kUJQfK9ltgfe9P495IoRuCyPQ7yyKZZ6jOg==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/jpeg
last-modified: Mon, 28 Dec 2020 06:15:34 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2739&x=1", cfExtPri, cfHdrFlush;dur=185
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 2f37710b411dfd57a465b8ca27d41bee.cloudfront.net (CloudFront)
cf-ray: 8f43da408f7f2aaa-LAX
accept-ranges: bytes
content-length: 5752
x-amz-cf-pop: SIN2-P4
server: cloudflare

GET
H3 200 0ced582b85e668e380046.png
9au.com/media/ 19 KB
20 KB 404ms
401ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/0ced582b85e668e380046.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8f54d2d43ce8da6483d89e3b8e073db8428a5ddad39012e275ff09530259d58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "9daa1024624ca361c9961b213330a4b3"
age: 1440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cf3v95Z9prnKDoLngLjVbLAeknc%2FOsoNLKWnSfqQ4Vdk4aK%2B5c8MC%2FbvwulFCYot37%2FHSrLQP6ZHruS8HN%2FR9Bez3DOK6sD0eaKByqaAuzPfEfDzdiddqFr1"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: RyAflZvE97UYlEM7lXwfw63dpGPHbvsRCMwJXLeiVdgihFT5nUBY0g==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Sat, 14 Sep 2024 13:10:01 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2738&x=1", cfExtPri, cfHdrFlush;dur=186
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 aa27a00d18f5fd7fe6d6c8f067b321d6.cloudfront.net (CloudFront)
cf-ray: 8f43da408f812aaa-LAX
accept-ranges: bytes
content-length: 19124
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 21f3800d64d6650bef41b.png
9au.com/media/ 6 KB
7 KB 404ms
402ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/21f3800d64d6650bef41b.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512ccd10e8a9230ba557582828dcdcdc206ba5b3c7c1219cb6dad7d2dc37772f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "483c9a74083a1b238924d19254b3afec"
age: 4633
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WA8EvXD10%2FrqvVhSzCa62ExpvJBJaAb6YL6VOXY1tcl9SWIG8tg1zWJZZ%2BSJIUX9QjAjhdEMDsM6wUHK4Bj9E7VJx58st0ThKziAzi7dqkLg8SO3k9baeWON"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Oons95AdWKUGwLNSmooAU6r1p3P7VijxUqP2cxS6461uze47eDpp0Q==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Sun, 01 Sep 2024 13:32:49 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2739&x=1", cfExtPri, cfHdrFlush;dur=185
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 2ffad71acc1fd359f7575ee84d8a56dc.cloudfront.net (CloudFront)
cf-ray: 8f43da408f822aaa-LAX
accept-ranges: bytes
content-length: 6239
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 3c9d3f7c64d66ac389f56.png
9au.com/media/ 1 KB
2 KB 401ms
400ms Other
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9au.com/media/3c9d3f7c64d66ac389f56.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9fd385b4fa45b1c39cbeb29199bfc8fa8aea17975e4bd58f2994ace5ca30f93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/RF027SED01S

Response headers

cf-cache-status: HIT
etag: "908231e27b2edf8f2395dcfe5f8c6a9b"
age: 2309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZkKw%2BCRnBwez40Fgj6opfTeWsLJbNiayI%2BU8RzSu2ctHizBz9%2Ftf37Iyf1be6akbYWbil2qdj2SrrIhHAtmzvDe7mKM8yg%2B%2FM9t0hqY2WRVpTFJT%2FJ%2By1ZM"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: LcqlB6rLNHkPN43buFwueMf-Gk85niYRglfKGDrf-2XUqM3fFpzfTA==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Sun, 01 Sep 2024 13:30:40 GMT
vary: Accept-Encoding
priority: u=1,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2740&x=1", cfExtPri, cfHdrFlush;dur=184
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a9fb1933765b2e0a17ee7cee382c4058.cloudfront.net (CloudFront)
cf-ray: 8f43da409f8c2aaa-LAX
accept-ranges: bytes
content-length: 1152
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 535748806002608 Show response
connect.facebook.net/signals/config/ 77 KB
16 KB 4ms
3ms Script
application/x-javascript 57.144.144.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/535748806002608?v=2.9.179&r=stable&domain=9au.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin11.fbcdn.net

Software

Resource Hash

a17f1875a26cb067fae1d46277504fdeb9f4e6f714b9f9ae69883aaa1cf83ff7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-6lv54MSt' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-6lv54MSt' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=71, mss=1232, tbw=71269, tp=67, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: MgR528cOFNr3Nv97GJv5u/XaFnycbRVqiimlEDk2MCcPqFh3cENd3js5viATBM1Q26R5ZRrOiTsqHycajMmUYg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 15782
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 22ms
21ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KXTV0DNHS7&l=dataLayer&cx=c&gtm=45He4cc1v9191796539za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH9THNNJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3cff9a5ccaaeea7d4924e4894ff701efbe2d369a24cddce2a2bd13392e9f3b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 19 Dec 2024 02:09:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109869
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 20ms
2ms Image
text/plain 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=535748806002608&ev=PageView&dl=https%3A%2F%2F9au.com%2FRF027SED01S&rl=&if=false&ts=1734574187599&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734574187593.834781518480242857&cs_est=true&ler=empty&cdl=API_unavailable&it=1734574187549&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4536, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 270ms
253ms Image
image/png 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=535748806002608&ev=PageView&dl=https%3A%2F%2F9au.com%2FRF027SED01S&rl=&if=false&ts=1734574187599&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734574187593.834781518480242857&cs_est=true&ler=empty&cdl=API_unavailable&it=1734574187549&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449939406454688323"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: UC6G1Xt72dazfiXBkr2YuBa0jGBZXFdNvUkWJrnwD6/NKqJ7Nomj11kSm6Ksh+7m5L1y1SRsgbww35Y2YsmiqA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449939406454688323", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4904, tp=13, tpl=0, uplat=249, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 12ms
3ms Fetch
text/plain 142.250.4.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KXTV0DNHS7&gtm=45je4cc1v9191813687z89191796539za200zb9191796539&_p=1734574187496&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=47757572.1734574188&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734574187&sct=1&seg=0&dl=https%3A%2F%2F9au.com%2FRF027SED01S&dt=9AU%20Online%20Casino%20Australia%20%7C%20Play%20Slots%2C%20Poker%2C%20pokies%20and%20Live%20Games%20with%20Big%20Bonuses!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2926
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KXTV0DNHS7&l=dataLayer&cx=c&gtm=45He4cc1v9191796539za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f101.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://9au.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: text/plain
server: Golfe2

GET
DATA 200
OK truncated
/ 162 KB
162 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://9au.com
Referer

Response headers

Content-Type: application/x-font-ttf

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 5ms
3ms Image
text/plain 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=535748806002608&ev=PageView&dl=https%3A%2F%2F9au.com%2Fregister&rl=&if=false&ts=1734574187937&sw=1600&sh=1200&v=2.9.179&r=stable&ec=1&o=4126&fbp=fb.1.1734574187593.834781518480242857&cs_est=true&ler=empty&cdl=API_unavailable&it=1734574187549&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=27, mss=1232, tbw=8985, tp=21, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 177ms
176ms Image
image/png 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=535748806002608&ev=PageView&dl=https%3A%2F%2F9au.com%2Fregister&rl=&if=false&ts=1734574187937&sw=1600&sh=1200&v=2.9.179&r=stable&ec=1&o=4126&fbp=fb.1.1734574187593.834781518480242857&cs_est=true&ler=empty&cdl=API_unavailable&it=1734574187549&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449939410119039074"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 02:09:48 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ZV0HZQmYRzfP4wgrv2kcsueutERi4rGWvDMG0gu622X9NaazSlaydiNYaTMm1mJBZt+cyzbPE0Ld3X3+nINgZQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449939410119039074", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=27, mss=1232, tbw=9193, tp=24, tpl=0, uplat=173, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 57d8ab9c65576e08b8533.png
9au.com/media/ 199 KB
199 KB 339ms
338ms Image
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9au.com/media/57d8ab9c65576e08b8533.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2996335ac1571ae5c15c0dced2b84b9d30b1c96568f08554bec7d3e4d77bb5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/register

Response headers

cf-cache-status: HIT
etag: "0fea557e21e9ac1a1f8f172add23da88"
age: 14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iBVSGw1flNUywQssHhvgJ5D2dcBKPgFfVsUWv83Gg0Rc2Aslg7prstN28tw6UL8u347axz0RECVqBp8ZgkK6ZFtI9%2FzzTEOpQT2L89Qa%2BudnvCurvv7VRdNb"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: bQ8DSnGUWNK8pzc6TTIxBZ_RsjVhO0z8ZKxaZKB_dz3KOqEzRmy8lA==
date: Thu, 19 Dec 2024 02:09:48 GMT
content-type: image/png
last-modified: Sun, 08 Dec 2024 09:53:35 GMT
vary: Accept-Encoding
priority: u=3,i
server-timing: cfL4;desc="?proto=QUIC&rtt=198946&min_rtt=192885&rtt_var=7127&sent=1448&recv=186&lost=145&retrans=145&sent_bytes=1694365&recv_bytes=18877&delivery_rate=1304039&cwnd=343560&unsent_bytes=0&cid=3816688e06f812bb&ts=3180&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a2c2ae15e1030d0678971e68a40255b6.cloudfront.net (CloudFront)
cf-ray: 8f43da434b8f2aaa-LAX
accept-ranges: bytes
content-length: 203328
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 3c9d3f7c64d66ac389f56.png
9au.com/media/ 1 KB
0 0ms
0ms Other
image/png 172.67.210.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9au.com/media/3c9d3f7c64d66ac389f56.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.210.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9fd385b4fa45b1c39cbeb29199bfc8fa8aea17975e4bd58f2994ace5ca30f93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://9au.com/register

Response headers

cf-cache-status: HIT
etag: "908231e27b2edf8f2395dcfe5f8c6a9b"
age: 2309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZkKw%2BCRnBwez40Fgj6opfTeWsLJbNiayI%2BU8RzSu2ctHizBz9%2Ftf37Iyf1be6akbYWbil2qdj2SrrIhHAtmzvDe7mKM8yg%2B%2FM9t0hqY2WRVpTFJT%2FJ%2By1ZM"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: LcqlB6rLNHkPN43buFwueMf-Gk85niYRglfKGDrf-2XUqM3fFpzfTA==
date: Thu, 19 Dec 2024 02:09:47 GMT
content-type: image/png
last-modified: Sun, 01 Sep 2024 13:30:40 GMT
vary: Accept-Encoding
priority: u=1,i
server-timing: cfL4;desc="?proto=QUIC&rtt=194123&min_rtt=192895&rtt_var=1113&sent=768&recv=128&lost=0&retrans=0&sent_bytes=890736&recv_bytes=15710&delivery_rate=1124145&cwnd=266400&unsent_bytes=0&cid=3816688e06f812bb&ts=2740&x=1", cfExtPri, cfHdrFlush;dur=184
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a9fb1933765b2e0a17ee7cee382c4058.cloudfront.net (CloudFront)
cf-ray: 8f43da409f8c2aaa-LAX
accept-ranges: bytes
content-length: 1152
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 5ms
2ms Fetch
text/plain 142.250.4.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KXTV0DNHS7&gtm=45je4cc1v9191813687za200zb9191796539&_p=1734574187496&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=47757572.1734574188&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sid=1734574187&sct=1&seg=0&dl=https%3A%2F%2F9au.com%2FRF027SED01S&dt=9AU%20Online%20Casino%20Australia%20%7C%20Play%20Slots%2C%20Poker%2C%20pokies%20and%20Live%20Games%20with%20Big%20Bonuses!&_s=2&tfd=7940
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KXTV0DNHS7&l=dataLayer&cx=c&gtm=45He4cc1v9191796539za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f101.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://9au.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://9au.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 02:09:52 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.9au.com/	1970-01-21 03:59:10	Name: _fbp Value: fb.1.1734574187593.834781518480242857
.9au.com/	1970-01-21 11:25:34	Name: _ga Value: GA1.1.47757572.1734574188
.9au.com/	1970-01-21 11:25:34	Name: _ga_KXTV0DNHS7 Value: GS1.1.1734574187.1.1.1734574188.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	error	URL: https://9au.com/mobile/app.js?v=5121(Line 5) Message: Listener added for a 'DOMSubtreeModified' mutation event. Support for this event type has been removed, and this event will no longer be fired. See https://chromestatus.com/feature/5083947249172480 for more information.
recommendation	verbose	URL: https://9au.com/register Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9au.com
canadaclassify.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
o.alicdn.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
142.250.4.101
142.251.175.97
156.67.214.31
163.181.160.250
172.67.210.118
57.144.144.1
57.144.144.128
74.125.200.95
74.125.68.94
03cea5f22eba7eaf08127e6ab6835c61e8904d621f2ab4de3fe372400c1a5846
0efb293e15cd30d46cfc5c2acda98f4f34fd83ce06194fbfc3aea69d17046652
0f4189c73d0a21466e9dc23eddf7513042a2eed9d04af1fa95d9a9e85238bfda
16659daba47d55a2d33baad8fa96a62e49a67d51c86c0dfe900ae1f3e03f8e19
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
28cc6ab8adc03ed7b36770ba59ef9c9c8bc098c974835d2dbf864342eb5730cf
2f63d779c4711400d384428958edcab031621d79e2f27e22cb58142f00d83f5d
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3a5f3d08f0c8627b357ca64d6a1ec9d462b9d6c1e7869ee9a059f4e09adfcd70
3cff9a5ccaaeea7d4924e4894ff701efbe2d369a24cddce2a2bd13392e9f3b3f
4b950f008458724c656324bc0cfbb6c5e61e3ac67905db9321920aff11006747
512ccd10e8a9230ba557582828dcdcdc206ba5b3c7c1219cb6dad7d2dc37772f
5a74a2dbddeab7304f90ecfb545381cbe425fc7ec753d211aa166fe74974be86
660b12437b1d747e3e68b8be0685c08cb728140110ad213f167b14b66f8b1d8e
6bedaf08159fbcff9683e2967bfa5af28e60083109466a5fee6d80fe0ec65351
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
95d3a4d660aa64b8cd619d36d8ac86f9fccf735b09827fc4a4b23caab1251ba3
a17f1875a26cb067fae1d46277504fdeb9f4e6f714b9f9ae69883aaa1cf83ff7
a8e29918d098b2b06e1012bdaeffb4aec0445c5d5654709023e0bd1f442a80e8
a8f54d2d43ce8da6483d89e3b8e073db8428a5ddad39012e275ff09530259d58
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af067483b8b11ea82731adc27fdd06194f83ac627b99867b7777411e09e64df4
b9fd385b4fa45b1c39cbeb29199bfc8fa8aea17975e4bd58f2994ace5ca30f93
c77f4ea2f62778973346617ec829bae202eeee124d44a4d5e0b1f9a5d184291a
c902d508e4c73100870095f75b1652abe8199ba64e5a6eb833a60362596c7b85
d9486d61129491dd51f892b40b40ea330ab9c701e760f4dfb7e6e1263bfb0cfa
e081252f537bce844636c1fd6fe76d59ed4f0c1725bcd216ce3f59e375f6f012
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4741db9e0dda5794647bf68dc878aa70703b4d8669f73d35163dcef90ef4097
ed84878374d49db7e9e9228ecee27c5eef534c9a308337dc868d9ef3a6b1cd0b
f2996335ac1571ae5c15c0dced2b84b9d30b1c96568f08554bec7d3e4d77bb5c
f56dcc9007d0032889241707ca51f6bfd409888976376eff89285ef98123226d

9au.com Open in urlscan Pro 172.67.210.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

0 %IPv6

9 Domains

9 Subdomains

9 IPs

3 Countries

2281 kBTransfer

4775 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

9au.com Open in urlscan Pro
172.67.210.118 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

2281 kB
Transfer

4775 kB
Size

3
Cookies

37 HTTP transactions
1 data transactions