URL: https://ufa9d.win/
Submission: On November 04 via api from JP — Scanned from JP

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3036::ac43:d8d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is ufa9d.win.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time ufa9d.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
12 172.67.216.217 13335 (CLOUDFLAR...)
6 142.250.76.131 15169 (GOOGLE)
27 5
Apex Domain Subdomains Transfer
18 ufa9d.win ufa9d.win 3 MB
6 gstatic.com fonts.gstatic.com 96 KB
2 fontawesome.com use.fontawesome.com (Cisco Umbrella Rank: 1222) 28 KB
1 googleapis.com ajax.googleapis.com (Cisco Umbrella Rank: 412) 30 KB
27 4
Domain Requested by
18 ufa9d.win ufa9d.win
6 fonts.gstatic.com ufa9d.win
2 use.fontawesome.com ufa9d.win
1 ajax.googleapis.com ufa9d.win
27 4

This site contains links to these domains:

Domain
ufa9d.pro
line.me
www.ufar9.com

Subject Issuer Validity Valid
ufa9d.win WE1 2024-11-04 - 2025-02-02 3 months
use.fontawesome.com WE1 2024-09-09 - 2024-12-09 3 months
upload.video.google.com WR2 2024-10-07 - 2024-12-30 3 months
*.gstatic.com WR2 2024-10-07 - 2024-12-30 3 months

This page contains 1 frames:

Primary Page: https://ufa9d.win/
Frame ID: 932DBDDF0759052F944C6A648CD130A1
Requests: 27 HTTP requests in this frame

Page Title

UFA9D เว็บพนันออนไลน์ ดีที่สุด แทงบอลออนไลน์ ฝาก-ถอนไม่มีขั้นต่ำ

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 60 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 3522 kB
Size: 4204 kB
Cookies: 0

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ufa9d.win/
407 KB
68 KB
Document
General
Full URL
https://ufa9d.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d8d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
276f3c19952a8816b8e93511146be35363d0bb41a380af33ae9126b5e0db7942

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8dd7a7f1689fd53f-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Nov 2024 21:21:50 GMT
expires
Mon, 29 Oct 1923 20:30:00 GMT
last-modified
Mon, 04 Nov 2024 20:24:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f92RZ2J%2FApABEOx%2FUeGpof0A%2Bk%2F0IPgvuK99Rc7aaf5xsxUNMV8EEMX0CC%2BmQTOGT7ROYgHYb7Uk6oPzh45y7Uc4u8TZaLasGxGV3%2FEjEWGVYVbZxzsWFiEUKQ8hS%2F7%2B%2F7Ty9IqayuU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=1374&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2372&delivery_rate=3336633&cwnd=254&unsent_bytes=0&cid=2c556cc297261e37&ts=300&x=0"
vary
Accept-Encoding
x-powered-by
PleskLin
dgrcg.css
ufa9d.win/wp-content/cache/wpfc-minified/1bn1tzj3/
61 KB
36 KB
Stylesheet
General
Full URL
https://ufa9d.win/wp-content/cache/wpfc-minified/1bn1tzj3/dgrcg.css
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d8d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
40211764e900356266290f5edb717fc126b01e112754a9a18c576951e3e4cb81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6728a65a-f4c4"
age
150
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlGzE9g5r51ymh1NdOnZTJBnpJSIBIU1pWFk3%2BPBDC7ChHbTvUkPh%2BDnL2zSY85ePtIB0G8KgODZnZXbYyYiB9CBhoTlNYkWbQSKkJL7pRYK0W%2FzMu%2B3uUSzWNAHAK5V7Bw3wVafh9I%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1333&sent=79&recv=72&lost=0&retrans=0&sent_bytes=75078&recv_bytes=3068&delivery_rate=21200524&cwnd=257&unsent_bytes=0&cid=2c556cc297261e37&ts=421&x=0"
date
Mon, 04 Nov 2024 21:21:50 GMT
content-type
text/css
last-modified
Mon, 04 Nov 2024 10:47:54 GMT
vary
Accept-Encoding
cache-control
max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f3ea66d53f-NRT
x-powered-by
PleskLin
server
cloudflare
all.css
use.fontawesome.com/releases/v6.6.0/css/
94 KB
23 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v6.6.0/css/all.css
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e202e3c899507992952533f57b634722b69b34241d271963559d31aa33ef81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ufa9d.win
Referer
https://ufa9d.win/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"fbf1f3445f2554bce753c92cf6851b41"
age
24858
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FOOvY3mfDGYWaNAsgTouiMekxco%2BETrqkVyqeC2Fy1cG0%2FhX97SYY%2BqGQXIDrSvQgPpgSdEUnkF%2BLq3svJD%2B6rZTuDLCbN3u4KL%2Fod%2FahRlThfndqx5c8aN3emlN2PJl9XHvwncXb6kV3uICXHWublw"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1116&sent=15&recv=21&lost=0&retrans=0&sent_bytes=9161&recv_bytes=2361&delivery_rate=7621970&cwnd=257&unsent_bytes=0&cid=449e1ae624ee55a9&ts=19&x=0"
date
Mon, 04 Nov 2024 21:21:50 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:17:48 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f3fbd6af4e-NRT
access-control-allow-origin
*
server
cloudflare
v4-shims.css
use.fontawesome.com/releases/v6.6.0/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v6.6.0/css/v4-shims.css
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6b22cd8366483b9c98121481d78eaa130212df2b736cd63f31f801504521a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ufa9d.win
Referer
https://ufa9d.win/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"f68f36aede487a2bdfe0ad3c89e0c220"
age
24858
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0VIWzy15ZPVB%2FEyXbCQuirUzYjuMcFDBJKB0X7GKD%2F0O3lfcYsUVL92zboc1wowT5rrBkcPhVXAbq0%2FKz%2FiSO9epb4jKfXmdVeNJOfUm4dqijyY%2BxU9vX72V0g3cPAXEnyNKmmFRJMRhUYrIzuWHr4A"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1056&sent=8&recv=14&lost=0&retrans=0&sent_bytes=4025&recv_bytes=2361&delivery_rate=3432937&cwnd=254&unsent_bytes=0&cid=449e1ae624ee55a9&ts=17&x=0"
date
Mon, 04 Nov 2024 21:21:50 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:17:48 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f3fbd7af4e-NRT
access-control-allow-origin
*
server
cloudflare
dgnav.js
ufa9d.win/wp-content/cache/wpfc-minified/2f4ciip/
86 KB
31 KB
Script
General
Full URL
https://ufa9d.win/wp-content/cache/wpfc-minified/2f4ciip/dgnav.js
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d8d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
00c2fa75523696fe6ec9c5df7b8df3718f1fb3cc79960e8fee3d961dc8a177a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6728a519-15646"
age
150
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FHb4G%2B7Vrr%2FI6eRQRK3ec%2Bv1Ba4G212EjS%2BQoG6cmS9ZbDjjK1o6YPRH06oc7ERf%2F4mze3bSfqxVSWvPriXSuRZjtOX1YDUeniLQ25WofmKS9dXFGXTbgWi%2Fk%2Fn6agWohnSim73MtUQ%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1395&sent=159&recv=98&lost=0&retrans=0&sent_bytes=170116&recv_bytes=3068&delivery_rate=43743046&cwnd=257&unsent_bytes=0&cid=2c556cc297261e37&ts=426&x=0"
date
Mon, 04 Nov 2024 21:21:50 GMT
content-type
application/javascript
last-modified
Mon, 04 Nov 2024 10:42:33 GMT
vary
Accept-Encoding
cache-control
max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f3ea67d53f-NRT
x-powered-by
PleskLin
server
cloudflare
dgnav.js
ufa9d.win/wp-content/cache/wpfc-minified/epth2rh8/
182 KB
57 KB
Script
General
Full URL
https://ufa9d.win/wp-content/cache/wpfc-minified/epth2rh8/dgnav.js
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d8d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1fbcb9916f084549fa518264e0e5319620d9e14fbd36c77f6c63baca95c65c5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6728a519-2d6b3"
age
150
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=onkESctOWDiz1sQ9q6Xtmp3mr2l5L1nV%2BaUysfcIIXRfJhQFl3fmXJg7iIlzHGzEKsCm%2FLjKSw2HQCuRSHslYju10zuzTAdPV2EsQh92k72j2o1eopLarqeRz0n3Ty4O56YaIVgXh78%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1663&sent=110&recv=88&lost=0&retrans=0&sent_bytes=111838&recv_bytes=3068&delivery_rate=22275053&cwnd=257&unsent_bytes=0&cid=2c556cc297261e37&ts=424&x=0"
date
Mon, 04 Nov 2024 21:21:50 GMT
content-type
application/javascript
last-modified
Mon, 04 Nov 2024 10:42:33 GMT
vary
Accept-Encoding
cache-control
max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f3ea6ad53f-NRT
x-powered-by
PleskLin
server
cloudflare
9d-31-2048x614.png
ufa9d.win/wp-content/uploads/2022/12/
465 KB
466 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2022/12/9d-31-2048x614.png
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d8d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b75c7466b5f21c7d8ae53950375592de1a1db4eb867c807b017eb6241e80dbfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"6396b1a4-74488"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYd5p2JY78FrbM%2Bieor0kvV6kfFegAn1CkfaMpCnyxwKKiQWlUXesQrFj1SkNGgxvveKxFcXjlPA423smMMSIlVjlU0rHp5AJ61JWZbOmQEwNPjHCRZRlFDW0kZQH%2FTSnn4nWqOBAHQ%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1362&sent=186&recv=103&lost=0&retrans=0&sent_bytes=202178&recv_bytes=3068&delivery_rate=43743046&cwnd=257&unsent_bytes=0&cid=2c556cc297261e37&ts=772&x=0"
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/png
last-modified
Mon, 12 Dec 2022 04:44:20 GMT
vary
Accept-Encoding
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f3ea6bd53f-NRT
accept-ranges
bytes
content-length
476296
x-powered-by
PleskLin
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::200a Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

content-encoding
gzip
age
308896
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 07:33:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 07:33:34 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30399
x-xss-protection
0
server
sffe
9D_%E0%B8%84%E0%B8%A3%E0%B8%9A%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9E%E0%B8%99%E0%B8%B1%E0%B8%99_01.jpg
ufa9d.win/wp-content/uploads/2024/09/
196 KB
197 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2024/09/9D_%E0%B8%84%E0%B8%A3%E0%B8%9A%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9E%E0%B8%99%E0%B8%B1%E0%B8%99_01.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d8d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2d8e06527f4bf93cc30859ddf88f14dbe761f1c3007f961df7bc8dd80e0cd182

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"66e13b49-311fc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=blWDYTRzLFl0%2FR7Z8%2BeUimMs8rHKrOrg0rTvhLZ9nNRqvJ5DhyDE7GoKSsm3Wr8MI2yOVFI9WHJqq7L9SA2C5rmYk%2BK8pnjBeOOYfU4HDwJRPoAdMWahYOlRcf8pjwnX7hxpsGzaT9s%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1558&sent=211&recv=128&lost=0&retrans=0&sent_bytes=233468&recv_bytes=3068&delivery_rate=43743046&cwnd=257&unsent_bytes=0&cid=2c556cc297261e37&ts=775&x=0"
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 06:40:09 GMT
vary
Accept-Encoding
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f3ea6cd53f-NRT
accept-ranges
bytes
content-length
201212
x-powered-by
PleskLin
server
cloudflare
9D-Promote-271.jpg
ufa9d.win/wp-content/uploads/2024/09/
310 KB
310 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2024/09/9D-Promote-271.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2bd30f3a543360d9ab890861b731eec35c2b344d1bf12bf286a150f1d6e25ef9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"66e13b16-4d609"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPb22jjKcs6iljhZOBoA6sEQOAAnJ3fItigzTTaU2us36ctHhSckGSe9r73oyx66woVfe%2BpMU4K76wCSBjsmrsPQga7L8kVVMzcxg7Q470F6EDyTxsfUrRzYzlo%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1974&sent=130&recv=64&lost=0&retrans=0&sent_bytes=137932&recv_bytes=11091&delivery_rate=25759583&cwnd=55200&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=408&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 06:39:18 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4490e25fc-NRT
accept-ranges
bytes
content-length
316937
x-powered-by
PleskLin
server
cloudflare
9D-Promote-270.jpg
ufa9d.win/wp-content/uploads/2024/09/
330 KB
331 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2024/09/9D-Promote-270.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
11b60010169ff9f0657542ebf1f52ed6bb043234f770701d7491f009bf4e1ced

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"66e13b18-527c7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncCvGZ3651S16s9xXtntAZ0BrjshXOqlJjrcy9b16zDoYXeUfokeeaqtE%2BE5Y%2Fqaz4o75pLYx2RNZDugscuFs0hC8lWdlAWvP5XtEr6zdbeld4PKfXuM0%2BiLQV8%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1617&sent=295&recv=86&lost=0&retrans=0&sent_bytes=330453&recv_bytes=12080&delivery_rate=13125343&cwnd=84000&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=426&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 06:39:20 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4490f25fc-NRT
accept-ranges
bytes
content-length
337863
x-powered-by
PleskLin
server
cloudflare
9D-Promote-269.jpg
ufa9d.win/wp-content/uploads/2024/09/
348 KB
349 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2024/09/9D-Promote-269.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f3d273a5dd60243faa14e009b33f2a75d6e74924501802e0762fe6920980edd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"66e13b1a-57096"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDdawIhgDl0sXkQjAxhVjwqvG8EcghDZe2kVZUR8myJ3DTdMniQZ68aqZ%2BF%2B10q%2FZ74fIVHHVZyP5Bn8Qbi1%2F%2BjNA3WlZ7ERMmbFr8tlFDLoW0v6IssA1Y2FksY%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1693&sent=240&recv=80&lost=0&retrans=0&sent_bytes=266278&recv_bytes=11805&delivery_rate=37637812&cwnd=84000&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=420&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 06:39:22 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4491025fc-NRT
accept-ranges
bytes
content-length
356502
x-powered-by
PleskLin
server
cloudflare
9D-Promote-268.jpg
ufa9d.win/wp-content/uploads/2024/09/
279 KB
280 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2024/09/9D-Promote-268.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d8ad27f1acabade0bc71b113851e6cb9c585e50b747f97c7458585d1ceb2c17c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"66e13b1c-45bc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNxFVQQyJnRFDP1DHpIa%2Bx8skRK2fIPJvsglDAuMSF1zQLsCzFCv8x%2F4X10%2F3cdy8Pk5SRUV6wkKAKvmwD0qGNZVy6KCdL%2FfqDOeLQNMlB67xRzrb7P%2BWKJDBnI%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1974&sent=140&recv=64&lost=0&retrans=0&sent_bytes=149932&recv_bytes=11091&delivery_rate=25759583&cwnd=55200&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=408&x=1", cfExtPri, cfHdrFlush;dur=1
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 06:39:24 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4491225fc-NRT
accept-ranges
bytes
content-length
285639
x-powered-by
PleskLin
server
cloudflare
9D-Promote-267.jpg
ufa9d.win/wp-content/uploads/2024/09/
320 KB
321 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2024/09/9D-Promote-267.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7e929e53fba05e2765223a557e2a4926b8e05e90a2f4893c6d97491ab8cb4d4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"66e13b1e-5008a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJxuCb1v4LdIoi5llp3R6n%2FfvVWFp9VrEvBFbC5k3RFVyk1JRfTbV%2BJxF9r5dbWCxB9L3XEgm0viEFi8HO%2FV7VW3%2Fhqqp66%2FmIfnd%2FBZYCzEiS%2F1Z1z5dQnG0H8%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1974&sent=103&recv=64&lost=0&retrans=0&sent_bytes=105862&recv_bytes=11091&delivery_rate=25759583&cwnd=55200&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=407&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 06:39:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4491425fc-NRT
accept-ranges
bytes
content-length
327818
x-powered-by
PleskLin
server
cloudflare
9D-Promote-266.jpg
ufa9d.win/wp-content/uploads/2024/09/
319 KB
320 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2024/09/9D-Promote-266.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2bf07c16c882ffd0a555057486fd9eb6c90ba13c644bacd042402642ab37b5dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"66e13b1f-4fc8e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69ImGP5mqjao8LIPbLpZavrZAcib%2FIUkUyZqVKrC47M9fCOJ%2FZysTkV3PgYDmV%2F6gqeq66xYChFTmZCM104fcE8cGl0j1t%2FzXttXCCv1pbz9moiwUCAsHsQjUhQ%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1787&sent=186&recv=70&lost=0&retrans=0&sent_bytes=202136&recv_bytes=11355&delivery_rate=180851&cwnd=84000&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=410&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 06:39:27 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4491525fc-NRT
accept-ranges
bytes
content-length
326798
x-powered-by
PleskLin
server
cloudflare
9D-Promote-277.jpg
ufa9d.win/wp-content/uploads/2024/09/
60 KB
61 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2024/09/9D-Promote-277.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
99e6891d179f238b3ffb07df523177c4366ce7e7378388dd958af8286b64d939

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"66e9145c-f111"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zyMRZiNjJ5ajOVPTS1Z9K50eTRq0A1ddEu5v2ChKXJ2Epg702ZUOURAfb4wNS5YwQ7p%2B0DBX%2Fvu%2FBrJv%2FUl5y70uHeSdNlRZZJMKxcg1XruiS4QvKUWsYkFkr%2FU%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1748&sent=213&recv=73&lost=0&retrans=0&sent_bytes=234196&recv_bytes=11489&delivery_rate=198229&cwnd=84000&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=411&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Tue, 17 Sep 2024 05:32:12 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4491725fc-NRT
accept-ranges
bytes
content-length
61713
x-powered-by
PleskLin
server
cloudflare
dgnav.css
ufa9d.win/wp-content/cache/wpfc-minified/gqmvnbh/
2 KB
1 KB
Stylesheet
General
Full URL
https://ufa9d.win/wp-content/cache/wpfc-minified/gqmvnbh/dgnav.css
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1fe85f369ed42e7db152233cbc2a4edad0a94d67f394194d3782664085cb85ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6728a519-641"
age
149
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXbGdw6i22AAYw1hbYWOZOAoDJje5qhrgAHxg7xJdulObsVxhZZZxDjfqLQwF0miG8Io%2FG%2BbdsFKvxCa7P%2B2YKI4hyyv43m1uBBTFDyEKms9VNC%2BJkSyp3BnPy4%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1759&sent=14&recv=19&lost=0&retrans=0&sent_bytes=4327&recv_bytes=8524&delivery_rate=1035&cwnd=12000&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=72&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:50 GMT
content-type
text/css
last-modified
Mon, 04 Nov 2024 10:42:33 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4491125fc-NRT
x-powered-by
PleskLin
server
cloudflare
BGWEB-02.jpg
ufa9d.win/wp-content/uploads/2024/09/
361 KB
362 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2024/09/BGWEB-02.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
271ac0fdb35ecb695314edcebb1e0db8147913bdcf81fd7a5494e38829abac25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"66e139eb-5a3d4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mlRRqhtu1BCBV13PY3nmqMVz9q9zgcsoYMd9%2Bmqlh5DIDotcawxDzPMn%2FXKz%2Be9l%2BaBxYO3kYh8zL0GkS3EMJ%2BHdD06BOHYcVQ8U1jTx7chQhMuA8yz%2Fd4FLxGY%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1668&sent=267&recv=82&lost=0&retrans=0&sent_bytes=298342&recv_bytes=11895&delivery_rate=15518532&cwnd=84000&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=422&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 06:34:19 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4491b25fc-NRT
accept-ranges
bytes
content-length
369620
x-powered-by
PleskLin
server
cloudflare
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ufa9d.win
Referer
https://ufa9d.win/

Response headers

age
306476
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 08:13:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 08:13:54 GMT
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19388
x-xss-protection
0
server
sffe
nKKU-Go6G5tXcr4uPhWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr4uPhWnVaE.woff2
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
dcc14901eb1cb3bdce862861295fb44bd29b1a1dd5f375b4d488c020e22023d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ufa9d.win
Referer
https://ufa9d.win/

Response headers

age
307923
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 07:49:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 07:49:47 GMT
last-modified
Thu, 20 Jul 2023 20:53:51 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19336
x-xss-protection
0
server
sffe
nKKZ-Go6G5tXcraBGwCYdA.woff2
fonts.gstatic.com/s/kanit/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraBGwCYdA.woff2
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
d03834de65cdb3ea45008ab88ba319d2fe3b47c26e145a79347043e18e36e7af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ufa9d.win
Referer
https://ufa9d.win/

Response headers

age
309013
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 07:31:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 07:31:37 GMT
last-modified
Thu, 20 Jul 2023 20:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13260
x-xss-protection
0
server
sffe
nKKU-Go6G5tXcr5KPxWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWnVaE.woff2
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ufa9d.win
Referer
https://ufa9d.win/

Response headers

age
307180
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 08:02:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 08:02:10 GMT
last-modified
Thu, 20 Jul 2023 20:50:53 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19572
x-xss-protection
0
server
sffe
eicons.woff2
ufa9d.win/wp-content/plugins/elementor/assets/lib/eicons/fonts/
95 KB
96 KB
Font
General
Full URL
https://ufa9d.win/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.31.0
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a486806458ecca28146968197167b5ee9280997ded761f8b0afeeca42e7fce9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ufa9d.win
Referer
https://ufa9d.win/

Response headers

cf-cache-status
HIT
etag
"6728a4bc-17ba0"
age
25764
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mkzKqNDhsyUZzLxEZl2XzDj8P1jw8rhIvv%2BC6yVd%2FrnitZ7L7td8t6BHY5oE9LbXPDGsB8i6qkQjJUJlhHCXsh061I9RUU9bFZ%2FOHkzxAIglQDBG4xKRGHLsvI%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1728&sent=17&recv=21&lost=0&retrans=0&sent_bytes=5716&recv_bytes=8904&delivery_rate=105777&cwnd=12000&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=110&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:50 GMT
content-type
application/font-woff2
last-modified
Mon, 04 Nov 2024 10:41:00 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4893c25fc-NRT
accept-ranges
bytes
content-length
97184
x-powered-by
PleskLin
server
cloudflare
nKKU-Go6G5tXcr4uPhWzVaF5NQ.woff2
fonts.gstatic.com/s/kanit/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr4uPhWzVaF5NQ.woff2
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
b515e6bb380ade66109ca5b85fe6493fa8bdffb41366b2e2e99f8bf465beb2eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ufa9d.win
Referer
https://ufa9d.win/

Response headers

age
308502
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 07:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 07:40:08 GMT
last-modified
Thu, 20 Jul 2023 20:57:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13320
x-xss-protection
0
server
sffe
nKKU-Go6G5tXcr5KPxWzVaF5NQ.woff2
fonts.gstatic.com/s/kanit/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWzVaF5NQ.woff2
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
cde2e2c6898ff873c0f07cf02519546039fef239b55547b7bed970208102aeda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ufa9d.win
Referer
https://ufa9d.win/

Response headers

age
305538
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 08:29:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 08:29:32 GMT
last-modified
Thu, 20 Jul 2023 20:54:06 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13568
x-xss-protection
0
server
sffe
9D-Promote-159.jpg
ufa9d.win/wp-content/uploads/2023/06/
79 KB
79 KB
Image
General
Full URL
https://ufa9d.win/wp-content/uploads/2023/06/9D-Promote-159.jpg
Requested by
Host: ufa9d.win
URL: https://ufa9d.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a46f36a9bed6aa0c849fe703ce423e0b1d463eac3010cfac3dfec8dfdf6e1620

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"649bc0b4-13a33"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FJ5PYchbKFk%2FFB4Hcr%2B9UaN8%2FKOBU%2FfF8JyoplzChiH3XzThv5YemVdiVfyPRYrzSwRAy6RC1PBZhtw%2F0M%2BIoPSX%2BdyimnFX1NVheum2KpzAl8lzWybUKE1Gxk%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1840&sent=575&recv=115&lost=0&retrans=0&sent_bytes=662293&recv_bytes=13385&delivery_rate=13540037&cwnd=96000&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=478&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/jpeg
last-modified
Wed, 28 Jun 2023 05:10:12 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f4994c25fc-NRT
accept-ranges
bytes
content-length
80435
x-powered-by
PleskLin
server
cloudflare
cropped-9d-1-32x32.png
ufa9d.win/wp-content/uploads/2022/12/
3 KB
3 KB
Other
General
Full URL
https://ufa9d.win/wp-content/uploads/2022/12/cropped-9d-1-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6e76ae16b927ac569177dd90a2d9ccff1769599a355ea3c51af2ffa8df27c718

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ufa9d.win/

Response headers

cf-cache-status
BYPASS
etag
"6396b5cd-a10"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pwTTBUsJws5G%2FKCMCaFufQ0lsgGbyj4qIvD2JmOQRPYYUblGMYhNdwq16y1LQZTkPbMNlouIUEWdZFDIV5AmclFc4MBKnSL%2BijjeGqMPWnzWgKfQ6QqpQoTjVQ%3D"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1700&sent=2235&recv=290&lost=0&retrans=0&sent_bytes=2631117&recv_bytes=21612&delivery_rate=10441621&cwnd=267600&unsent_bytes=0&cid=3a901ab4261bbcfb&ts=1009&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 04 Nov 2024 21:21:51 GMT
content-type
image/png
last-modified
Mon, 12 Dec 2022 05:02:05 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
private, max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dd7a7f8bc8025fc-NRT
accept-ranges
bytes
content-length
2576
x-powered-by
PleskLin
server
cloudflare


5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| webpackChunkelementor
object| elementorModules
object| elementorFrontendConfig

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
