urlscan.io logo urlscan.io
SecurityTrails logo

universalfancycostumes.com Open in urlscan Pro
188.114.97.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.littlebigexplorations.com/
Effective URL: https://universalfancycostumes.com/
Submission Tags: @phish_report
Submission: On December 02 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 188.114.97.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is universalfancycostumes.com.
TLS certificate: Issued by WE1 on November 13th 2024. Valid for: 3 months.
This is the only time universalfancycostumes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.203.143 13335 (CLOUDFLAR...)
9 188.114.97.9 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 13.32.99.111 16509 (AMAZON-02)
11 3
Apex Domain
Subdomains		 Transfer
9 universalfancycostumes.com
universalfancycostumes.com
212 KB
2 pragmaticplay.net
demogamesfree.pragmaticplay.net — Cisco Umbrella Rank: 507672
572 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
1 littlebigexplorations.com
www.littlebigexplorations.com
684 B
11 4
Domain Requested by
9 universalfancycostumes.com universalfancycostumes.com
static.cloudflareinsights.com
2 demogamesfree.pragmaticplay.net 1 redirects universalfancycostumes.com
1 static.cloudflareinsights.com universalfancycostumes.com
1 www.littlebigexplorations.com 1 redirects
11 4

This site contains links to these domains. Also see Links.

Domain
tinyurl.com
pragmaticplay.com
tr.wikipedia.org
Subject Issuer Validity Valid
universalfancycostumes.com
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.pragmaticplay.net
Amazon RSA 2048 M02		 2024-07-14 -
2025-08-12		 a year crt.sh

This page contains 2 frames:

Primary Page: https://universalfancycostumes.com/
Frame ID: ACA87E255EB09109FE452CFD2DE601F4
Requests: 10 HTTP requests in this frame

Frame: https://demogamesfree.pragmaticplay.net/gs2c/html5Game.do?extGame=1&symbol=vs20fruitsw&gname=Sweet%20Bonanza&jurisdictionID=99&lobbyUrl=https%3A%2F%2Fwww.pragmaticplay.com&mgckey=stylename@generic~SESSION@bd91a99b-71fa-41ca-b9d3-cf0b8db7ee9a
Frame ID: D9F1124B1899E72CDE80B3D00E8BC349
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sweet Bonanza Demo Oyna | %96.51 RTP Free Bonanza Oyunu

Page URL History Show full URLs

  1. http://www.littlebigexplorations.com/ HTTP 307
    https://www.littlebigexplorations.com/ HTTP 301
    https://universalfancycostumes.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

11
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

219 kB
Transfer

263 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.littlebigexplorations.com/ HTTP 307
    https://www.littlebigexplorations.com/ HTTP 301
    https://universalfancycostumes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=en&cur=USD&gameSymbol=vs20fruitsw&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobbyURL=https%3A%2F%2Fwww.pragmaticplay.com HTTP 302
  • https://demogamesfree.pragmaticplay.net/gs2c/html5Game.do?extGame=1&symbol=vs20fruitsw&gname=Sweet%20Bonanza&jurisdictionID=99&lobbyUrl=https%3A%2F%2Fwww.pragmaticplay.com&mgckey=stylename@generic~SESSION@bd91a99b-71fa-41ca-b9d3-cf0b8db7ee9a

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
universalfancycostumes.com/
Redirect Chain
  • http://www.littlebigexplorations.com/
  • https://www.littlebigexplorations.com/
  • https://universalfancycostumes.com/
37 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://universalfancycostumes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
da01ef7dab0de2d0a2231d596ef4c153340661c3b7c5cfd35091f35e645bc51e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eb99e8d4bc55423-TLL
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 07:31:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HjNnqy%2Frt54ejquxbwGQ4zfJzrMYU6fNzTs4cz29EvMFsw%2FLiUnJf4gx%2B%2FfC7NPSGg7hi%2BKIdw%2FL5NEh1jz%2F80wc%2Bs85jz5uuaeURJ8qYTSwwNCEQA3xgGmgoJgSaOPkUSKmBHf%2B29G88u%2Ftww%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=34449&min_rtt=33761&rtt_var=7489&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4176&recv_bytes=4449&delivery_rate=17416&cwnd=12000&unsent_bytes=0&cid=32e9c850d6dcd0e7&ts=129&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eb99e8c690970ba-WAW
content-type
text/html
date
Mon, 02 Dec 2024 07:31:47 GMT
location
https://universalfancycostumes.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2NX1hj3Vfw9qPS0CTCkIKAhrTWCCKyjgB1rLGahh92kQ2NEhiSJZd%2FyDGsh%2Bt%2BZfjYyxYhDT7o7OzsRm1EKoAXLryt8gwVh52ETWun4fbKpOLNPOVXo7H9s40IdSJjeon8oPd9gG4nDvYaY8naM8A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=70691&min_rtt=70442&rtt_var=26594&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4128&recv_bytes=4357&delivery_rate=43901&cwnd=12000&unsent_bytes=0&cid=ecc2a50f594ab4dd&ts=135&x=1" cfHdrFlush;dur=0
x-turbo-charged-by
LiteSpeed
styles.css
universalfancycostumes.com/assets/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://universalfancycostumes.com/assets/css/styles.css?v=112335435123
Requested by
Host: universalfancycostumes.com
URL: https://universalfancycostumes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2890610da043dcb100e8997b028cf39fd01fbf1ea931c323982c2bafddd742

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://universalfancycostumes.com/

Response headers

content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSfsAw0D6yFEOc6erdb8vTUIzQhsido%2BijaZx3A6ZzqNcClXnp6tdTlH%2FkCP5uM6%2FDuTroXmzVCxnMQC7GbDhqy41MlG4QTGPeUuyS8m6KyX24%2BEeLCaK2r8UZ%2BqOAvXa8jGlma4ETlslvFFFg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 07:31:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34503&min_rtt=33761&rtt_var=1175&sent=24&recv=19&lost=0&retrans=0&sent_bytes=15264&recv_bytes=6098&delivery_rate=185486&cwnd=12000&unsent_bytes=0&cid=32e9c850d6dcd0e7&ts=267&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 07:31:47 GMT
content-type
text/css
last-modified
Thu, 15 Feb 2024 13:14:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb99e8e2ccb5423-TLL
x-turbo-charged-by
LiteSpeed
server
cloudflare
logon.webp
universalfancycostumes.com/assets/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://universalfancycostumes.com/assets/img/logon.webp
Requested by
Host: universalfancycostumes.com
URL: https://universalfancycostumes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91e35d476cde88b25b8f8ed49319d181cd67bf375c66b157c38cc02d899c6313

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://universalfancycostumes.com/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N534iy0Ku%2FTELpFSsMQnRI68fowXfpur%2BzapzwRSuI55Bd9JhKOU43aC5tNAxlR%2BnKYUV7QccIHpjVczdK3%2BCjxPfsIOA2YAzvemg7iRQP6Nvk4eMGKDiMAqXdJyJQANvzroMQUi3oqpxDB1vw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 07:31:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34503&min_rtt=33761&rtt_var=1175&sent=28&recv=19&lost=0&retrans=0&sent_bytes=18900&recv_bytes=6098&delivery_rate=185486&cwnd=12000&unsent_bytes=0&cid=32e9c850d6dcd0e7&ts=278&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 07:31:47 GMT
content-type
image/webp
last-modified
Thu, 15 Feb 2024 13:21:51 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb99e8e2cce5423-TLL
accept-ranges
bytes
content-length
2120
x-turbo-charged-by
LiteSpeed
server
cloudflare
sweet-bonanza.webp
universalfancycostumes.com/assets/img/pc/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://universalfancycostumes.com/assets/img/pc/sweet-bonanza.webp
Requested by
Host: universalfancycostumes.com
URL: https://universalfancycostumes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ff5609c8ea0e534268ebbe16ece0949b15b816b33151dabefffdfe6cafac0bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://universalfancycostumes.com/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Odi%2FSJmo35%2BXQKFoQCPYuWGquNn%2FFBBFqKxmYS3E0%2B9inFreDtCq5OA8koN0DHOzTHk%2Fuel8w5ONA0N9wyfERqKBWDm15S8u%2F0KdEaWMWXBnMUxFwJ%2FxwK23QLxx1eVF4GY0zv9deBW7oXJz3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 07:31:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37290&min_rtt=33761&rtt_var=5585&sent=34&recv=25&lost=0&retrans=0&sent_bytes=22773&recv_bytes=7033&delivery_rate=61143&cwnd=12000&unsent_bytes=0&cid=32e9c850d6dcd0e7&ts=326&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 07:31:47 GMT
content-type
image/webp
last-modified
Thu, 15 Feb 2024 08:55:58 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb99e8e2cd05423-TLL
accept-ranges
bytes
content-length
139460
x-turbo-charged-by
LiteSpeed
server
cloudflare
scripts.js
universalfancycostumes.com/assets/js/ 		177 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://universalfancycostumes.com/assets/js/scripts.js
Requested by
Host: universalfancycostumes.com
URL: https://universalfancycostumes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d3ec7b26aac825a066cdf72c359d6cd52aa2615a07de496d47b687fbc47debb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://universalfancycostumes.com/

Response headers

content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RWULMHrVjRVpEHinHXVjGt1S0wqCtkwdFsyhJi%2FivwqFjMKmJPLfmuj2x7XCwkfuBpc7kqjuEwe7ne1zUHyddC2xqFP7h57NsveqGEAktO6j5493foB%2BG%2F%2Bwv57XNNJPj2TETk1xqaT7RTp6Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 07:31:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34503&min_rtt=33761&rtt_var=1175&sent=31&recv=19&lost=0&retrans=0&sent_bytes=21832&recv_bytes=6098&delivery_rate=185486&cwnd=12000&unsent_bytes=0&cid=32e9c850d6dcd0e7&ts=281&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 07:31:47 GMT
content-type
application/javascript
last-modified
Thu, 15 Feb 2024 07:49:02 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb99e8e3cdb5423-TLL
x-turbo-charged-by
LiteSpeed
server
cloudflare
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: universalfancycostumes.com
URL: https://universalfancycostumes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://universalfancycostumes.com
Referer
https://universalfancycostumes.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2023.10.0"
cross-origin-resource-policy
cross-origin
cf-ray
8eb99e8ea8a18d7e-HEL
access-control-allow-origin
*
date
Mon, 02 Dec 2024 07:31:47 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
html5Game.do
demogamesfree.pragmaticplay.net/gs2c/ Frame D9F1
Redirect Chain
  • https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=en&cur=USD&gameSymbol=vs20fruitsw&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobbyURL=https%3A%2F%2Fwww.p...
  • https://demogamesfree.pragmaticplay.net/gs2c/html5Game.do?extGame=1&symbol=vs20fruitsw&gname=Sweet%20Bonanza&jurisdictionID=99&lobbyUrl=https%3A%2F%2Fwww.pragmaticplay.com&mgckey=stylename@generic~...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://demogamesfree.pragmaticplay.net/gs2c/html5Game.do?extGame=1&symbol=vs20fruitsw&gname=Sweet%20Bonanza&jurisdictionID=99&lobbyUrl=https%3A%2F%2Fwww.pragmaticplay.com&mgckey=stylename@generic~SESSION@bd91a99b-71fa-41ca-b9d3-cf0b8db7ee9a
Requested by
Host: universalfancycostumes.com
URL: https://universalfancycostumes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Referer
https://universalfancycostumes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-language
en
content-type
text/html;charset=UTF-8
date
Mon, 02 Dec 2024 07:31:47 GMT
expires
Mon, 02 Dec 2024 07:31:47 GMT
pragma
no-cache
server
nginx
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-id
ytO0K8-PX9RJ1Okqhsw7DVa4YiRsMwiNu_N5xZ2XwfG6sqdyqaDRKg==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Mon, 02 Dec 2024 07:31:47 GMT
expires
0
location
https://demogamesfree.pragmaticplay.net/gs2c/html5Game.do?extGame=1&symbol=vs20fruitsw&gname=Sweet Bonanza&jurisdictionID=99&lobbyUrl=https%3A%2F%2Fwww.pragmaticplay.com&mgckey=stylename@generic~SESSION@bd91a99b-71fa-41ca-b9d3-cf0b8db7ee9a
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-id
l1CBJR9I8KzW-au9oMiqY6pHJNWyrLhMFaHhzsORAnQLTiT05JkN2A==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
left.webp
universalfancycostumes.com/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://universalfancycostumes.com/assets/img/left.webp
Requested by
Host: universalfancycostumes.com
URL: https://universalfancycostumes.com/assets/css/styles.css?v=112335435123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e02b9b5e1823a4afd26a30854f06bbfe4f4b31b1ac04106010919c7853db1ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://universalfancycostumes.com/assets/css/styles.css?v=112335435123

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LLWaiPOl%2Bi8zsHP0Wl5cO%2BTwvocDj2RbIt%2FWkRUlvWGVkVvq6b2bSeOBeP2zObLg%2FyDg7TvqUrjR%2BOq7udSg2Crgh1eKDpOdl7RfdPpHQzGjozlHwPX%2B%2FCX%2BooddXBXzkjyO02oBLomiQ%2FfQ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 07:31:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36859&min_rtt=33761&rtt_var=5051&sent=45&recv=26&lost=0&retrans=0&sent_bytes=34773&recv_bytes=7076&delivery_rate=31007&cwnd=12000&unsent_bytes=0&cid=32e9c850d6dcd0e7&ts=359&x=1", cfExtPri, cfHdrFlush;dur=1
date
Mon, 02 Dec 2024 07:31:47 GMT
content-type
image/webp
last-modified
Thu, 15 Feb 2024 07:52:15 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb99e8eedc45423-TLL
accept-ranges
bytes
content-length
1630
x-turbo-charged-by
LiteSpeed
server
cloudflare
block.webp
universalfancycostumes.com/assets/img/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://universalfancycostumes.com/assets/img/block.webp
Requested by
Host: universalfancycostumes.com
URL: https://universalfancycostumes.com/assets/css/styles.css?v=112335435123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ce063b057c23d6db1fdc2f5fb89cbbc3b3be5624a48dfff699e81c20cd7c022

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://universalfancycostumes.com/assets/css/styles.css?v=112335435123

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8x5gcVJXx4KI0WMo3Cc58hWFPX8tiIlLWfs1Lo5JPvMZqKlB6rZcUGePbiuDCD26b%2BNlHFfqix8%2BdPGo1LOGT0AwlCSV%2BXgey6fhdwi9Lr9ROl6pY2RERw6ekDCyoApgiq2LfPUU8RXWzJ5KAw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 07:31:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34949&min_rtt=33761&rtt_var=695&sent=149&recv=55&lost=0&retrans=0&sent_bytes=157773&recv_bytes=8340&delivery_rate=983452&cwnd=67500&unsent_bytes=0&cid=32e9c850d6dcd0e7&ts=451&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 07:31:47 GMT
content-type
image/webp
last-modified
Thu, 15 Feb 2024 07:52:16 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb99e8eedc55423-TLL
accept-ranges
bytes
content-length
46470
x-turbo-charged-by
LiteSpeed
server
cloudflare
rum
universalfancycostumes.com/cdn-cgi/ 		0
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://universalfancycostumes.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://universalfancycostumes.com/

Response headers

x-content-type-options
nosniff
cf-ray
8eb99e91c8215423-TLL
date
Mon, 02 Dec 2024 07:31:48 GMT
server
cloudflare
x-frame-options
DENY
favicon.webp
universalfancycostumes.com/assets/img/ 		8 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://universalfancycostumes.com/assets/img/favicon.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e260e0b1f5e42de5407de97110c745bed8703899a6e9546edaa41a2f6ea2781

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://universalfancycostumes.com/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=STYd9HHwKZZYbb2oUbeqtRMgHioioLo6USLegzgopxF6lDDx0N%2B9QOayYbpYUaoJCp2mHEpsEkPLnTK4VEURnok8QB2PPqfyxKWaZUE9YbphwJEMJmO0d%2FRI%2FgJ%2BkcmWBY6HqE59h%2B7gZ47YZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 07:31:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34699&min_rtt=33761&rtt_var=747&sent=203&recv=78&lost=0&retrans=0&sent_bytes=217060&recv_bytes=11749&delivery_rate=2072&cwnd=105900&unsent_bytes=0&cid=32e9c850d6dcd0e7&ts=861&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 07:31:48 GMT
content-type
image/webp
last-modified
Thu, 15 Feb 2024 07:46:23 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eb99e91c8225423-TLL
accept-ranges
bytes
content-length
8030
x-turbo-charged-by
LiteSpeed
server
cloudflare

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfBeacon

0 Cookies