gwin9au.com Open in urlscan Pro
104.21.44.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://justinnorrisswimacademy.com/
Effective URL:
https://gwin9au.com/RFSEOGWIN9
Submission: On December 03 via api (December 3rd 2024, 4:46:29 pm UTC) from US — Scanned from SG

Summary HTTP 33 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 33 HTTP transactions. The main IP is 104.21.44.206, located in and belongs to CLOUDFLARENET, US. The main domain is gwin9au.com.
TLS certificate: Issued by WE1 on November 16th 2024. Valid for: 3 months.

This is the only time gwin9au.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	156.67.220.232 156.67.220.232	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
25	104.21.44.206 104.21.44.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.253.118.95 172.253.118.95	15169 (GOOGLE) (GOOGLE)
1	163.181.160.250 163.181.160.250	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	57.144.144.128 57.144.144.128	32934 (FACEBOOK) (FACEBOOK)
1	74.125.130.94 74.125.130.94	15169 (GOOGLE) (GOOGLE)
2	57.144.144.1 57.144.144.1	32934 (FACEBOOK) (FACEBOOK)
33	7

1 156.67.220.232 (Singapore, Singapore) 1 redirects

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)
PTR: srv642682.hstgr.cloud

justinnorrisswimacademy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 104.21.44.206 (None, )

ASN13335 (CLOUDFLARENET, US)

gwin9au.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.160.250 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

o.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.144.144.128 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sin11.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.144.144.1 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-sin11.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	gwin9au.com gwin9au.com	2 MB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	gstatic.com fonts.gstatic.com	125 KB
1	alicdn.com o.alicdn.com — Cisco Umbrella Rank: 22534	79 KB
1	justinnorrisswimacademy.com 1 redirects justinnorrisswimacademy.com	138 B
33	7

	Domain	Requested by
25	gwin9au.com	gwin9au.com
2	www.facebook.com
2	connect.facebook.net	gwin9au.com connect.facebook.net
2	fonts.googleapis.com	gwin9au.com
1	fonts.gstatic.com	fonts.googleapis.com
1	o.alicdn.com	gwin9au.com
1	justinnorrisswimacademy.com	1 redirects
33	7

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
gwin9au.com WE1	`2024-11-16` - `2025-02-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3	`2024-06-19` - `2025-07-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-11` - `2024-12-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gwin9au.com/RFSEOGWIN9
Frame ID: BBD2EF127C77FC8A8494C484248D08F7
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GWIN 9 | GLOBAL TRUSTED COMPANY | WELCOME INTERNATIONAL PLAYERS

Page URL History Show full URLs

https://justinnorrisswimacademy.com/ HTTP 301
https://gwin9au.com/RFSEOGWIN9 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

33
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

2373 kB
Transfer

4607 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/addlist/D474Xr1Y_EU3NzBl

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://justinnorrisswimacademy.com/ HTTP 301
https://gwin9au.com/RFSEOGWIN9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request RFSEOGWIN9 Show response
gwin9au.com/
Redirect Chain

https://justinnorrisswimacademy.com/
https://gwin9au.com/RFSEOGWIN9

470 KB
105 KB

289ms
103ms

Document
text/html

104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gwin9au.com/RFSEOGWIN9

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c2c3ef603cdff3e38cb0a94cd7b8c386f1e47a23c29272aa09a1575b638a963

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ec508497914ef6e-SIN
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 03 Dec 2024 16:46:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lsqg93MII82pWhdcL6%2BpfdHaxprFtjSGxzQTmfAcbtOTIyb%2FQOz2nVFL06%2B%2B2mhAmZjEtv1QaeuKQlJZ6VOygVd%2FrTrakif%2Bz%2B%2BWBmVVCGo%2Bk7igR3IfAGLVpjir5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=3537&min_rtt=2932&rtt_var=902&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4227&recv_bytes=4543&delivery_rate=967&cwnd=12000&unsent_bytes=0&cid=f34149f77832ebe9&ts=109&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-frame-options: DENY

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Dec 2024 16:46:21 GMT
location: https://gwin9au.com/RFSEOGWIN9
server: nginx
x-powered-by: PHP/8.2.26 PleskLin

GET
H2 200 css
fonts.googleapis.com/ 3 KB
672 B 51ms
10ms Stylesheet
text/css 172.253.118.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand|Dancing+Script&display=swap

Requested by

Host: gwin9au.com
URL: https://gwin9au.com/RFSEOGWIN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f95.1e100.net

Software

ESF /

Resource Hash

d9486d61129491dd51f892b40b40ea330ab9c701e760f4dfb7e6e1263bfb0cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 16:46:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 16:46:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 16:45:26 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 icon
fonts.googleapis.com/ 569 B
811 B 48ms
8ms Stylesheet
text/css 172.253.118.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: gwin9au.com
URL: https://gwin9au.com/RFSEOGWIN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f95.1e100.net

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 16:46:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 16:46:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 16:46:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 html5-qrcode.min.js Show response
gwin9au.com/mobile/qrcode-scanner/ 367 KB
110 KB 15ms
14ms Script
application/javascript 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwin9au.com/mobile/qrcode-scanner/html5-qrcode.min.js
Requested by: Host: gwin9au.com
URL: https://gwin9au.com/RFSEOGWIN9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660b12437b1d747e3e68b8be0685c08cb728140110ad213f167b14b66f8b1d8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"d88d3200cb547c9e86ee972975561dcd"
age: 1275
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2F2gquOTLCufQI7819EeAV5WHbG9e4xzPh%2BDaDE8p8jndYyC2au8Hr4fMCAtVCa6ao00z0wSYwurhajQJnU30B94Tr3gCuBamHKnJk7YwCIu1SConldW%2FDaPnwodIw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: Z-IXd36G27v-DVW_PNespudRVlZar_xgtTdX_jgkoepQEbD2ECHEGg==
date: Tue, 03 Dec 2024 16:46:21 GMT
content-type: application/javascript
last-modified: Tue, 09 May 2023 12:46:56 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=3366&min_rtt=2853&rtt_var=245&sent=112&recv=60&lost=0&retrans=0&sent_bytes=114631&recv_bytes=7215&delivery_rate=11306752&cwnd=88800&unsent_bytes=0&cid=f34149f77832ebe9&ts=158&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 27f668bcd09435386d2434e95a56f7d6.cloudfront.net (CloudFront)
cf-ray: 8ec5084a5b9bef6e-SIN
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 tesseract.min.js Show response
gwin9au.com/mobile/tesseract5/ 65 KB
11 KB 16ms
15ms Script
application/javascript 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwin9au.com/mobile/tesseract5/tesseract.min.js
Requested by: Host: gwin9au.com
URL: https://gwin9au.com/RFSEOGWIN9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8e29918d098b2b06e1012bdaeffb4aec0445c5d5654709023e0bd1f442a80e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"762c42567bee631741908f3541ebf1c2"
age: 1275
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6CAy8zU2Hrf6frbhSRcuMJxp6xHGAWPq%2FIn3jSmd0ZZp41AvW125DvZetQFWPFGzdVdkGoMQCMTEHllvXN%2Bmo87o0vL7kcYgKUN6d7RjSohQUbjvcKtzvkaf%2B1IuIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: pLFeiXR4iIla2Gls07IWJSghRcJv9DSY-aqPDaZNhxPopHIo-2flgg==
date: Tue, 03 Dec 2024 16:46:21 GMT
content-type: application/javascript
last-modified: Sun, 06 Oct 2024 10:24:32 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=3366&min_rtt=2853&rtt_var=245&sent=188&recv=60&lost=0&retrans=0&sent_bytes=203431&recv_bytes=7215&delivery_rate=11306752&cwnd=88800&unsent_bytes=0&cid=f34149f77832ebe9&ts=161&x=1", cfHdrFlush;dur=1
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 54362c05a4ef085b95bdfe1b85c113d4.cloudfront.net (CloudFront)
cf-ray: 8ec5084a5bafef6e-SIN
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 AliyunCaptcha.js Show response
o.alicdn.com/captcha-frontend/aliyunCaptcha/ 214 KB
79 KB 153ms
12ms Script
application/javascript 163.181.160.250
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.alicdn.com/captcha-frontend/aliyunCaptcha/AliyunCaptcha.js
Requested by: Host: gwin9au.com
URL: https://gwin9au.com/RFSEOGWIN9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.160.250 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b4d5f92a78c86dee4b124356c0fa7e0d08cdfd92bbe73f99b31f6bdbb4d53ee8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/

Response headers

x-oss-cdn-auth: success
content-md5: Z1LUh7Bfry2B9oGSfUqk4g==
x-oss-storage-class: Standard
content-encoding: gzip
etag: W/"6752D487B05FAF2D81F681927D4AA4E2"
age: 44502
x-oss-object-type: Normal
x-assets-pt: pt0
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Tue, 03 Dec 2024 04:24:38 GMT
x-oss-server-time: 8
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-assets-path: /captcha-frontend/aliyunCaptcha/AliyunCaptcha.js
last-modified: Thu, 21 Nov 2024 04:24:19 GMT
cache-control: max-age=604800,s-maxage=86400
x-swift-cachetime: 86401
timing-allow-origin: *
x-er-version: 0.0.6
x-oss-hash-crc64ecma: 7174027000543214425
x-assets-grey: false
via: cache33.l2sg5[92,19,304-0,C], cache36.l2sg5[19,0], ens-cache7.sg17[0,0,200-0,H], ens-cache1.sg17[1,0], ens-cache11.sg17[9,0]
ali-swift-global-savetime: 1733199879
x-swift-savetime: Tue, 03 Dec 2024 04:24:38 GMT
access-control-allow-origin: *
eagleid: a3b5a09f17332443819202099e
x-oss-request-id: 674E88063A212495DAB51BBC
server: Tengine

GET
H3 200 app.js Show response
gwin9au.com/mobile/ 1 MB
362 KB 60ms
60ms Script
text/javascript 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwin9au.com/mobile/app.js?v=5063
Requested by: Host: gwin9au.com
URL: https://gwin9au.com/RFSEOGWIN9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda4a186bb324e7367b4a2ce53ff7a4cd3da9064a939c686ffa5897ff5a5081d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "c51187e1435f0071fa882a74a2dc8ba5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYQE4GHs%2B0EzlC7Nm6bhYRlSVVDZGJlPl1Fcfj9vRmCJ57egCWPmPGXkD1W1t1hESp84KE2q1N%2BLqH%2B9SRl6whDmjt88VLEHOL3tpGHuVw0jY2RgfgWVxJPIrv632A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: QdauYUi-gcRA0d4FmPu5EafSkAB-tgGtj16_nC8eJePEtpcRZkvKyA==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: text/javascript
last-modified: Tue, 03 Dec 2024 15:37:11 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=3117&min_rtt=2707&rtt_var=154&sent=222&recv=73&lost=0&retrans=0&sent_bytes=241834&recv_bytes=8023&delivery_rate=5895518&cwnd=129600&unsent_bytes=0&cid=f34149f77832ebe9&ts=553&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 2f37710b411dfd57a465b8ca27d41bee.cloudfront.net (CloudFront)
cf-ray: 8ec5084c8a48ef6e-SIN
accept-ranges: bytes
content-length: 370227
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 8087da301bb66dbe1b523.png
gwin9au.com/media/ 11 KB
12 KB 56ms
51ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/8087da301bb66dbe1b523.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75eb77bc45144030fc9cc794ea86acdc58ce1d75a5e43039dab2061ab862de09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "89f3f3c1916d5f4d748a0766cfd4d809"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQtEnSV%2FOrCZam24HJLjA8foIueqwHfOZ7MWmroMtkd05wN2D35D%2Bb6mvYz0lmtlkwf%2BL2jV7G8qJab85Ry3EEou8Agu4j2nxMoj4h%2Bm9%2BZ3Xz0jcoTbcvHXkdGrbw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 4P5cOr9W5xg-YNeQ6ZzybS8gxFT639u0SAj3wFkOXcrXoYIDcrPKgA==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Tue, 13 Aug 2024 07:50:19 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=3965&min_rtt=2707&rtt_var=333&sent=548&recv=123&lost=0&retrans=0&sent_bytes=621416&recv_bytes=15271&delivery_rate=40622183&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1151&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 503185d30898f0ec9039d4166605804a.cloudfront.net (CloudFront)
cf-ray: 8ec508506f94ef6e-SIN
accept-ranges: bytes
content-length: 11342
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 kk-bg-menu.jpg
gwin9au.com/other/ 3 KB
4 KB 52ms
51ms Image
image/jpeg 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/other/kk-bg-menu.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0efb293e15cd30d46cfc5c2acda98f4f34fd83ce06194fbfc3aea69d17046652

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: REVALIDATED
etag: "c72f26aa42a64ea3c1adb956bce40552"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJIi2e77uxUDZKqMMvJpAaSMwDqvQ2VlFbsLNu1Gi0HWCMtNajymlank0TqkPlhx5slXp%2FKv05HD0kPa0Ybd4YoHddEDkqbNQVzck3Kt4Ies0CFOLfgkk%2Fw61%2BqRYg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ccq8XTO70kYJCj_L_YgLKJH36E31s-4zY7yrNZkzPTN_qokwvXbWsw==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/jpeg
last-modified: Tue, 01 Dec 2020 01:36:00 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=3965&min_rtt=2707&rtt_var=333&sent=548&recv=123&lost=0&retrans=0&sent_bytes=621416&recv_bytes=15271&delivery_rate=40622183&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1151&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 353eb6198d12bd6d0e80405f6de28832.cloudfront.net (CloudFront)
cf-ray: 8ec508506f9cef6e-SIN
accept-ranges: bytes
content-length: 2993
x-amz-cf-pop: SIN2-P7
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 49ms
13ms Script
application/x-javascript 57.144.144.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gwin9au.com
URL: https://gwin9au.com/RFSEOGWIN9

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin11.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-ZXbWOQVU' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-ZXbWOQVU' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4459, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: EycQ03vDdMPHqzCrWbse4M1+gb52ggMUR7V00mmycbrt7TXNCq/WeCGN1ebd0elwJPWi76cI22+qdEiQV+YH5Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 9dce9ed4d0d4661de089f.jpg
gwin9au.com/media/ 1 KB
2 KB 44ms
42ms Image
image/jpeg 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/9dce9ed4d0d4661de089f.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1370d234b3364815ba80fdba0b6eaf23ee3efd4bda2ae8f6b08184623d007322

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "a9d3bdb0803a0d9216c340a2d6bcc036"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5BakwMtACjcYJBkNdJ8vNNAo36MexS05H4Z3RxMDgl3H16Mxu4myLdJm2d5wlXagcicJyauTYYNhJgMP1s1jCsVeWrFQhcf%2FjptiRyRLwf2WVuYa9Q0ZIek3SeB3g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 0_H8F6rfzP5B5C3N1LvLwQ7M8nT0MZwExyT1RQCIgfVi9D56wnfOyQ==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/jpeg
last-modified: Mon, 07 Aug 2023 11:26:26 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=564&recv=126&lost=0&retrans=0&sent_bytes=637777&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1165&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 96284f61084e7118716cb8c5c34dd7a0.cloudfront.net (CloudFront)
cf-ray: 8ec508508febef6e-SIN
accept-ranges: bytes
content-length: 1061
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 fb2564e4d0d4672d2d963.jpg
gwin9au.com/media/ 2 KB
2 KB 47ms
43ms Image
image/jpeg 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/fb2564e4d0d4672d2d963.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de73b432929576bfa55b9c7fe31f9e1f5c5c4f3c9184956b73e3527c3ffe58cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "86a682540f1ea0f9d7466d4fa2aec2d3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBCg0HnlO8Yjpl8AY2i68%2BZXECcRjZPEv%2F2mW4h6rrT23QTXEq8PhQvEvRH1YZ4Di8WkIrLiPtk1%2F308kqx7K4UeS6V4aICMZDNnug1iN0kroe6BJ4H%2BzjCG85c4LA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: VmglPiIXbO--q0o7dHnvNGR7ae4O__VPHRCE6uI7Zfe0T1f0pFcH0w==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/jpeg
last-modified: Mon, 07 Aug 2023 11:26:31 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=566&recv=126&lost=0&retrans=0&sent_bytes=639712&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1169&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 903d095eb644af4425e3808326bdc4e8.cloudfront.net (CloudFront)
cf-ray: 8ec508508ff5ef6e-SIN
accept-ranges: bytes
content-length: 1692
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 ec8d444c3c476c8320f98.gif
gwin9au.com/media/ 728 KB
729 KB 45ms
41ms Image
image/gif 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/ec8d444c3c476c8320f98.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08663e2fbd0dc32d8d4628e439e6ab55bb9320ba7a12082664869d66ae071217

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "90da8c9448e7ba51f1caebafb4cd63bd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6cmb4XK2Cm5Wc1riDfjUqdjQe3%2Bz4viJV8oP5EscOC%2BjH%2BxJKRA3rbSuB9o7oVm7cwn%2FEbUfMNPawO3oFxqp8Se2OkG4RAUYNcwLhXXihMDTimYba7etV7Oe%2FiDYA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: h-lCIxbeZepBY3aZpJyzDvfDGvb8RsJAvugMD0LNSv7l2Mx6S8jeVA==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/gif
last-modified: Sun, 01 Dec 2024 10:36:53 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=576&recv=126&lost=0&retrans=0&sent_bytes=649961&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1173&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 6e88e2758d60d31557bd6a2743570ed0.cloudfront.net (CloudFront)
cf-ray: 8ec508509807ef6e-SIN
accept-ranges: bytes
content-length: 745165
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 7739d6f4d0d46d80f7688.jpg
gwin9au.com/media/ 6 KB
7 KB 88ms
83ms Image
image/jpeg 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/7739d6f4d0d46d80f7688.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc05e97ef83ec7346d0d73648e52c0ca3fbab8e7fd83dee80793f82deb5289a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "fa1f5b1ed2dd5ebd68dbfb9683045738"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HqxjC9Io9xLbet6WVA%2BJqEh29uW2BepSZurQiA9ReCa5fnKLKAUqoH8pinAk2zOLWO7CpyskoOO2nTCOFKxPv0Zzrt%2BO%2F9M%2FGYIIKVHbBcXaNLskCa1Ws%2BlMczdl%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: PNO0xAvbJ3ZNXdAGk52t2fWvgORKev6fH3MecEsIrNsKkezhMogc4A==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/jpeg
last-modified: Mon, 07 Aug 2023 11:26:51 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=838&recv=126&lost=0&retrans=0&sent_bytes=960577&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1183&x=1", cfHdrFlush;dur=6
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 1e6c252eb75ca2cd762cd042a9e5c038.cloudfront.net (CloudFront)
cf-ray: 8ec508509809ef6e-SIN
accept-ranges: bytes
content-length: 6450
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 7cf44896d0d460447a0a6.png
gwin9au.com/media/ 2 KB
3 KB 44ms
39ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/7cf44896d0d460447a0a6.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e0c1435e450734d28e6f3df61ad8dfa5f2832e5118374505d74322ef3be98d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: REVALIDATED
etag: "463507dfe18319b432335d7e01c819ed"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oeQjo0u%2BK708U4U8bCYaAtPorFKaCKsp4rWE5CChGXoS%2FfDvF67QHMXziZwBjmdDTu01OM0WQ0YHBe%2BRuQHKR1NkHZeZONxJwXSbIQL9pfNuobCVqf5fI4WsSGVXyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ZRxP8WIqok7FYkZLieKrF5kg7S01ZsPi-6lcw7WNB-5onyqscIDQsA==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Mon, 07 Aug 2023 11:33:47 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=569&recv=126&lost=0&retrans=0&sent_bytes=642305&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1170&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 e92fec942bb89530db59f7b8a26d7e26.cloudfront.net (CloudFront)
cf-ray: 8ec50850980bef6e-SIN
accept-ranges: bytes
content-length: 2285
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 b84c53b3e6f36.png
gwin9au.com/media/ 4 KB
5 KB 62ms
58ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/b84c53b3e6f36.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c6e4ec558292cc7c4014ecbd9351dbbd4da3cff3c7aefdfd852e343788e08c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "8bbe7c8042580ce6587902c7f9901004"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5cznomqMXAp%2FAtqeB6RAiG2EDz8pAuCognQ93QaH02aDpOSiaFw94F%2FsqE8Xebv3cVLMRiVaYnz27siAVxiUargaDmYz6tuhE1b0L%2BpHLU0VEjKrt%2FtFqkZwT4E7HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: U33ZofBbXC75F3smqyFZxmP_qkGbMMv4RWoR0IUEhwzJ8gJ2X1z1Uw==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Thu, 23 Feb 2023 03:55:35 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=685&recv=126&lost=0&retrans=0&sent_bytes=779552&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1176&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 c3691d761a167bc90e6d3311843f48ce.cloudfront.net (CloudFront)
cf-ray: 8ec50850980cef6e-SIN
accept-ranges: bytes
content-length: 4605
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 235f750f9b446.gif
gwin9au.com/media/ 189 KB
189 KB 88ms
84ms Image
image/gif 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/235f750f9b446.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bd0aee4cb6cdb86bbd3030910d25f910419933594e5424ef5a4bc4d5c12c672

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "97a0440bf7cbfb3fc356fd850793095e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xovZq4MR4vaABiv5xQeiGBspARpGdEuIyVEhh30zF%2BTUpBfEMC5lzN7xFkW%2BEyR%2F4SMHuQDKUZtB7lBaZmMSK2qxkyNRPi8Oy6Ck8rg4OtGObB4EgwB9nX%2BC55yb4A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Nr8Lt-09NIdF_9VWHYKRrbWVnBcKI03YPO9u-UBSJIzQQKVh7McOhg==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/gif
last-modified: Fri, 28 Apr 2023 10:25:10 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=838&recv=126&lost=0&retrans=0&sent_bytes=960577&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1183&x=1", cfHdrFlush;dur=6
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 6117d3b06db7d2357a500f3a4a01ded2.cloudfront.net (CloudFront)
cf-ray: 8ec50850980eef6e-SIN
accept-ranges: bytes
content-length: 193090
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 da08a9a6d0d46c2d435d3.png
gwin9au.com/media/ 3 KB
4 KB 43ms
40ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/da08a9a6d0d46c2d435d3.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c41c13e8e7dd9f0dfa6241dfb9352fe380972aae11027bb812b232848368e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: REVALIDATED
etag: "7f44493157b0052ea783bd76cd32ff14"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlvqwDuY0ZwYu9j%2FhZpwc5tVjQI%2F9W1D8cospflZYrEILqjkHLE1p6w33wyexe10BeGzNo7LTsUEsa8L1i82EjsXMJao6f%2B6yCcchoOF4XkUNwzFKOryyo6r0ORFXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: fI0UjI9Jl9CxqWe4940l8_DOu_uEU3Z7G-XpBH_lzJlyLDiqcAxbhw==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Mon, 07 Aug 2023 11:34:05 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=572&recv=126&lost=0&retrans=0&sent_bytes=645498&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1171&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 744a1a944313f4cfdfc83fe056d50e50.cloudfront.net (CloudFront)
cf-ray: 8ec508509811ef6e-SIN
accept-ranges: bytes
content-length: 3532
x-amz-cf-pop: SIN2-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 894ec2b6d0d467dc99ac9.png
gwin9au.com/media/ 2 KB
3 KB 49ms
45ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/894ec2b6d0d467dc99ac9.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46d15b6ec06249788db25c4dd2df348635991180dbdc014b362fc530b0d6838c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "080e3fd91e54a510db10aeabc31f3e8e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyJWB%2F5hmmodvg8zAyxlNqoflbllx%2FLThS0EDQPVvaNVO4F2AKK%2F7MlXidLw3%2FhaUSQHKPZl%2Fy0o1NefvU3J8gJpmu1%2B1W%2B1gWPTonqBiYvC%2FmQvDkKZ6Hj9ceIcZg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 52YdIGoBWc_OtYWWnedhedqj6EUJk1NOfPFqS5BmEe95n9TfUMNDYg==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Mon, 07 Aug 2023 11:34:14 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=603&recv=126&lost=0&retrans=0&sent_bytes=681992&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1174&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 1d57903077f825f5f9b8e3bdb1b93704.cloudfront.net (CloudFront)
cf-ray: 8ec508509813ef6e-SIN
accept-ranges: bytes
content-length: 2501
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
125 KB 48ms
24ms Font
font/woff2 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gwin9au.com
Referer: https://fonts.googleapis.com/

Response headers

age: 413556
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 21:53:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 21:53:46 GMT
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128352
x-xss-protection: 0
server: sffe

POST
H3 200 index.php Show response
gwin9au.com/api/v1/ 218 KB
14 KB 50ms
46ms XHR
application/json 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwin9au.com/api/v1/index.php
Requested by: Host: gwin9au.com
URL: https://gwin9au.com/mobile/app.js?v=5063
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d08eeb8bba4c40ccbc867083892841b77820722b1d11bdc481bbf2ab1e8de101

Request headers

Referer: https://gwin9au.com/RFSEOGWIN9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uHgaB07%2FdzkBLKTaeb6dQC6%2BI5C7%2FwJrk8PlS%2BGoducoKiFhPokKd664wmSd9WKFb9%2BocDRSW8I59Q7CsRY6k3SmxZ8kZvdIRFnNRmUtgbidwKY%2BpKnXLR%2FRyN%2F9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec508509814ef6e-SIN
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=606&recv=126&lost=0&retrans=0&sent_bytes=685400&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1175&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 f1626a74d0d4650fbe0c5.png
gwin9au.com/media/ 20 KB
21 KB 53ms
49ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/f1626a74d0d4650fbe0c5.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d866e459212c48d6521958d8417a605abdcc983f550e28977a94e29bb86549

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "7af5b74957293876f41bcd041ce54842"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dCLXSG1Y%2FRSwwGVWIKWeVUu2zTCQVIgzvvWpEzNFddoRqPNJGH%2B27d5hynwxaGe02dw%2BVIKYu95Y%2BidoN15JhD55GBAeXpw6%2BxXoJzPOLM6ixKszIu8Cqp6fHEpbtw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: JVTpMvaIeH10LuycEtvripzZ7BpZnFTuAU6NGI02BTangEYCICWnAg==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Mon, 07 Aug 2023 11:24:47 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=675&recv=126&lost=0&retrans=0&sent_bytes=767552&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1176&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 92e43f5e08d92192931cf833ba935f62.cloudfront.net (CloudFront)
cf-ray: 8ec508509816ef6e-SIN
accept-ranges: bytes
content-length: 20159
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 e9bf6c3e0bb6600166012.png
gwin9au.com/media/ 11 KB
12 KB 94ms
91ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/e9bf6c3e0bb6600166012.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75eb77bc45144030fc9cc794ea86acdc58ce1d75a5e43039dab2061ab862de09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "89f3f3c1916d5f4d748a0766cfd4d809"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APgx97EkEFml90CpWwlPSMXWXlgQK5atNvWmUXdYrdDUuGGrDhH3IIpXbyA%2Fp79AAaWxFZWC%2FY51AsqA2bqjhS2bwZlpyMwx5luGyofOsWnW%2FSc71ywfd%2Ff06CZfpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: KOSLT278rQmwD42LfZjUw4V9Xe9FVru-IHYDuwCXN1oWzq1ChoXzMg==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Tue, 13 Aug 2024 07:41:49 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=816&recv=126&lost=0&retrans=0&sent_bytes=935271&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1179&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 69ce12cd28f192f5e142ba57e5fe0b80.cloudfront.net (CloudFront)
cf-ray: 8ec508509818ef6e-SIN
accept-ranges: bytes
content-length: 11342
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 loading.jpg
gwin9au.com/other/ 6 KB
6 KB 60ms
57ms Image
image/jpeg 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/other/loading.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77f4ea2f62778973346617ec829bae202eeee124d44a4d5e0b1f9a5d184291a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "f610622904b8a5a177f994328edc9167"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3DXEDbrGVrrPcEC7CN0IR1jV1ZKsuxOeb%2FhOtZUevZWE88RpG8P91ryLI9ZfTKm%2BGlKt%2FzoF5Cv14z%2BUz6KKGMoTIvWdm2WSEWowNuV%2FhpX4Ocmdxid9SRtEvhS7QA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: n9w3BwyDEdNlOMCd-oVvJaMO0jnb88XpGHdG-nnGRCtqvoIn4JczcQ==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/jpeg
last-modified: Mon, 28 Dec 2020 06:15:34 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=726&recv=126&lost=0&retrans=0&sent_bytes=828062&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1177&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 edbe37857ecef88edf038f3b8d7d9742.cloudfront.net (CloudFront)
cf-ray: 8ec50850981cef6e-SIN
accept-ranges: bytes
content-length: 5752
x-amz-cf-pop: SIN2-P4
server: cloudflare

GET
H3 200 71c9953ea94769b3ef39a.png
gwin9au.com/media/ 15 KB
16 KB 95ms
92ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/71c9953ea94769b3ef39a.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ea22a88b95b0eb3d5687b0c38e7345a2317c3d03b5564458de050f586e329a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "6a87b70023b45b1240d778e22320f1c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IsJP9x%2BlOXODUDzuE%2B%2BZQsU76dQJ0c9shDAjtGu6KNYHl50ifHfO7qHvgPiECZGQgnHeFN9EPMBIYmx0wxCr45b%2FYfpnaaAyCPyvmIzOPsCQw3mqTd78Ap6PdrD7Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: EnxKl88UrLPBB82fs02cJt7BaxxKEgBS7vbJgxIIYG_Ts2-FBoQtBQ==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Fri, 29 Nov 2024 12:06:16 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=4625&min_rtt=2707&rtt_var=1342&sent=827&recv=126&lost=0&retrans=0&sent_bytes=947730&recv_bytes=15723&delivery_rate=434455&cwnd=322800&unsent_bytes=0&cid=f34149f77832ebe9&ts=1179&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 65fc716cef7628714eb75fad663eaf38.cloudfront.net (CloudFront)
cf-ray: 8ec50850981eef6e-SIN
accept-ranges: bytes
content-length: 15487
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 d33c40d4d0d4649e5c6a6.png
gwin9au.com/media/ 4 KB
5 KB 81ms
75ms Other
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwin9au.com/media/d33c40d4d0d4649e5c6a6.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af1c9e45fadbfc6c19579b661731bd151ce7ef3fcae6d43bf50034899ddbe800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/RFSEOGWIN9

Response headers

cf-cache-status: MISS
etag: "05e2b117028e3e355b3d846e6c187c4f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDv1RdZ8drBLsGFF9X52onbgtD3Gou0u3knjOJFMejGhfBVlFRgYGN5Fp0blwGjpfv%2BaxSEmUqlEKniObs%2FJdVmXcsc5KzzdUwiTHUBs64x2VWn4%2B9uMr8J6PjyE%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 0FoVnnjbbhWkTXa6fOQQIjdRgJplRx_lLr0w2mxcGr4wctorBZEAYQ==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Mon, 07 Aug 2023 11:26:12 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=12634&min_rtt=2707&rtt_var=2589&sent=878&recv=139&lost=0&retrans=0&sent_bytes=1008577&recv_bytes=16301&delivery_rate=4618850&cwnd=344700&unsent_bytes=0&cid=f34149f77832ebe9&ts=1190&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 92e43f5e08d92192931cf833ba935f62.cloudfront.net (CloudFront)
cf-ray: 8ec50850a85aef6e-SIN
accept-ranges: bytes
content-length: 4144
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 162 KB
162 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gwin9au.com
Referer

Response headers

Content-Type: application/x-font-ttf

GET
H3 200 225f9406eff5678a3ee8e.png
gwin9au.com/media/ 997 B
2 KB 43ms
39ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/225f9406eff5678a3ee8e.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9e22ce22fcf44ad3268477875afdc0d662c2bd53a56165d1421ef302484f81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/register

Response headers

cf-cache-status: REVALIDATED
etag: "3b7cb04cdbf81db1ab7d3136fa571fa3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0zqpRgj%2FzFAzwtfgJdisQB1DKPBLevgil25yFMR8lbcVu1ZY%2B8NDju%2BwaS2trL8l6xE2s94zy2x%2FuUIgVV0T8ji0ieBsr%2Bp5Eb189b2%2BEOKrmG0omCKtKbYj9NSew%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: qtBvakhWiCSzWGqMGgBOOEX6Go-21tpWbomC78LP4Rr3-CuhefS_cg==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Sun, 24 Mar 2024 08:36:21 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=7155&min_rtt=2707&rtt_var=1625&sent=1650&recv=242&lost=119&retrans=119&sent_bytes=1912059&recv_bytes=22116&delivery_rate=18027373&cwnd=254939&unsent_bytes=0&cid=f34149f77832ebe9&ts=1292&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 503185d30898f0ec9039d4166605804a.cloudfront.net (CloudFront)
cf-ray: 8ec508514a4eef6e-SIN
accept-ranges: bytes
content-length: 997
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 c6290216eff56ccb40ebe.png
gwin9au.com/media/ 925 B
2 KB 42ms
39ms Image
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/c6290216eff56ccb40ebe.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39174fdb052fd4e171f278ad07ef756086c7f8f6b83167bc81b10f2ef84743a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/register

Response headers

cf-cache-status: MISS
etag: "f7acc148e3a7d4963ba63a1e3e1f7afd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ED%2FRimHz2LtptDzYqiYLEaLnPPnaZW8FqVbUXBmrgUUaLUapH7%2BOgqitu6nbLCKLvmpiAyNX84tPf2YBeFFrJvgcsRmf1osNMEmJNXXkdRj%2BMv%2FN2X9M%2Bc0urhonKg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NI2ABflDErDoXJ7jcAgk9hfAUyVya7UzSrTp1kVPsN0k226kqtfHqA==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Sun, 24 Mar 2024 08:36:35 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=7155&min_rtt=2707&rtt_var=1625&sent=1648&recv=242&lost=119&retrans=119&sent_bytes=1910247&recv_bytes=22116&delivery_rate=18027373&cwnd=254939&unsent_bytes=0&cid=f34149f77832ebe9&ts=1291&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 6e88e2758d60d31557bd6a2743570ed0.cloudfront.net (CloudFront)
cf-ray: 8ec508514a52ef6e-SIN
accept-ranges: bytes
content-length: 925
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 823355bf5b176e1a7ec4b.gif
gwin9au.com/media/ 300 KB
301 KB 37ms
35ms Image
image/gif 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwin9au.com/media/823355bf5b176e1a7ec4b.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e765900f5d37ac6d750ee4792cf8a04715ff57e670b639167a1ea1ba8263bb62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/register

Response headers

cf-cache-status: MISS
etag: "722da4133cbfa95576eb726bbc809278"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmKZcmx2qSdgdvNllGFcwGmqDIH3XoIJsiMa7e1nfLPBO1CHMhs5YohfzjRBXoa4nJw6Hp8Gm4J3Wb3m61PilywHHhXU4gh27531fp2zk0h7h6t6QEw2c2pT7kH0Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: -L7g8kWvkZ9pNg7eQdfASFw0BjP9n98DdFlG0xPuA_5zTuOiVfa7SA==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/gif
last-modified: Fri, 25 Oct 2024 09:07:02 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=7155&min_rtt=2707&rtt_var=1625&sent=1593&recv=242&lost=119&retrans=119&sent_bytes=1844658&recv_bytes=22116&delivery_rate=18027373&cwnd=254939&unsent_bytes=0&cid=f34149f77832ebe9&ts=1290&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 6117d3b06db7d2357a500f3a4a01ded2.cloudfront.net (CloudFront)
cf-ray: 8ec508514a53ef6e-SIN
accept-ranges: bytes
content-length: 307339
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 d33c40d4d0d4649e5c6a6.png
gwin9au.com/media/ 4 KB
0 0ms
0ms Other
image/png 104.21.44.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwin9au.com/media/d33c40d4d0d4649e5c6a6.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.44.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af1c9e45fadbfc6c19579b661731bd151ce7ef3fcae6d43bf50034899ddbe800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/register

Response headers

cf-cache-status: MISS
etag: "05e2b117028e3e355b3d846e6c187c4f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDv1RdZ8drBLsGFF9X52onbgtD3Gou0u3knjOJFMejGhfBVlFRgYGN5Fp0blwGjpfv%2BaxSEmUqlEKniObs%2FJdVmXcsc5KzzdUwiTHUBs64x2VWn4%2B9uMr8J6PjyE%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 0FoVnnjbbhWkTXa6fOQQIjdRgJplRx_lLr0w2mxcGr4wctorBZEAYQ==
date: Tue, 03 Dec 2024 16:46:22 GMT
content-type: image/png
last-modified: Mon, 07 Aug 2023 11:26:12 GMT
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=12634&min_rtt=2707&rtt_var=2589&sent=878&recv=139&lost=0&retrans=0&sent_bytes=1008577&recv_bytes=16301&delivery_rate=4618850&cwnd=344700&unsent_bytes=0&cid=f34149f77832ebe9&ts=1190&x=1", cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 92e43f5e08d92192931cf833ba935f62.cloudfront.net (CloudFront)
cf-ray: 8ec50850a85aef6e-SIN
accept-ranges: bytes
content-length: 4144
x-amz-cf-pop: SIN2-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 876933531016274 Show response
connect.facebook.net/signals/config/ 85 KB
16 KB 284ms
284ms Script
application/x-javascript 57.144.144.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/876933531016274?v=2.9.176&r=stable&domain=gwin9au.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin11.fbcdn.net

Software

Resource Hash

d4dccdf437d78acea053738984ff6b001107103c44530ab6d7fba44be165e631

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-70bCs0tQ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 16:46:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-70bCs0tQ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=57, mss=1232, tbw=70315, tp=65, tpl=0, uplat=275, ullat=0
pragma: public
x-fb-debug: sZaEtvg0n5s1ltRcpammV9y4ilDgbV58Nb1Hxrk2MymcvipqHvqJ/Qex60yvBJneq7/NDb/wH9olbufUkwiYIg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 15ms
5ms Image
text/plain 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876933531016274&ev=PageView&dl=https%3A%2F%2Fgwin9au.com%2Fregister&rl=&if=false&ts=1733244383411&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733244383391.563651853924725&cs_est=true&ler=empty&cdl=API_unavailable&it=1733244383015&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4504, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 03 Dec 2024 16:46:23 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 281ms
272ms Image
image/png 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=876933531016274&ev=PageView&dl=https%3A%2F%2Fgwin9au.com%2Fregister&rl=&if=false&ts=1733244383411&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733244383391.563651853924725&cs_est=true&ler=empty&cdl=API_unavailable&it=1733244383015&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gwin9au.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7444227941532392377"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 16:46:23 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7444227941532392377", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: FUQPDG8Ny57/gHLM7WKlJC0KbVrMwS9GrRZL566VkTB1ZgheQSmZ/j0O9dh7u8mQY2z2b4UHXhOskHmurX5PTA==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4920, tp=14, tpl=0, uplat=266, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gwin9au.com/	1970-01-21 03:37:00	Name: _fbp Value: fb.1.1733244383391.563651853924725

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	error	URL: https://gwin9au.com/mobile/app.js?v=5063(Line 5) Message: Listener added for a 'DOMSubtreeModified' mutation event. Support for this event type has been removed, and this event will no longer be fired. See https://chromestatus.com/feature/5083947249172480 for more information.
recommendation	verbose	URL: https://gwin9au.com/register Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gwin9au.com
justinnorrisswimacademy.com
o.alicdn.com
www.facebook.com
104.21.44.206
156.67.220.232
163.181.160.250
172.253.118.95
57.144.144.1
57.144.144.128
74.125.130.94
08663e2fbd0dc32d8d4628e439e6ab55bb9320ba7a12082664869d66ae071217
0efb293e15cd30d46cfc5c2acda98f4f34fd83ce06194fbfc3aea69d17046652
1370d234b3364815ba80fdba0b6eaf23ee3efd4bda2ae8f6b08184623d007322
1bd0aee4cb6cdb86bbd3030910d25f910419933594e5424ef5a4bc4d5c12c672
2c2c3ef603cdff3e38cb0a94cd7b8c386f1e47a23c29272aa09a1575b638a963
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
38e0c1435e450734d28e6f3df61ad8dfa5f2832e5118374505d74322ef3be98d
45d866e459212c48d6521958d8417a605abdcc983f550e28977a94e29bb86549
46d15b6ec06249788db25c4dd2df348635991180dbdc014b362fc530b0d6838c
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
61c41c13e8e7dd9f0dfa6241dfb9352fe380972aae11027bb812b232848368e5
61ea22a88b95b0eb3d5687b0c38e7345a2317c3d03b5564458de050f586e329a
660b12437b1d747e3e68b8be0685c08cb728140110ad213f167b14b66f8b1d8e
6e9e22ce22fcf44ad3268477875afdc0d662c2bd53a56165d1421ef302484f81
75eb77bc45144030fc9cc794ea86acdc58ce1d75a5e43039dab2061ab862de09
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
a0c6e4ec558292cc7c4014ecbd9351dbbd4da3cff3c7aefdfd852e343788e08c
a39174fdb052fd4e171f278ad07ef756086c7f8f6b83167bc81b10f2ef84743a
a8e29918d098b2b06e1012bdaeffb4aec0445c5d5654709023e0bd1f442a80e8
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af1c9e45fadbfc6c19579b661731bd151ce7ef3fcae6d43bf50034899ddbe800
b4d5f92a78c86dee4b124356c0fa7e0d08cdfd92bbe73f99b31f6bdbb4d53ee8
c77f4ea2f62778973346617ec829bae202eeee124d44a4d5e0b1f9a5d184291a
d08eeb8bba4c40ccbc867083892841b77820722b1d11bdc481bbf2ab1e8de101
d4dccdf437d78acea053738984ff6b001107103c44530ab6d7fba44be165e631
d9486d61129491dd51f892b40b40ea330ab9c701e760f4dfb7e6e1263bfb0cfa
dc05e97ef83ec7346d0d73648e52c0ca3fbab8e7fd83dee80793f82deb5289a7
de73b432929576bfa55b9c7fe31f9e1f5c5c4f3c9184956b73e3527c3ffe58cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e765900f5d37ac6d750ee4792cf8a04715ff57e670b639167a1ea1ba8263bb62
eda4a186bb324e7367b4a2ce53ff7a4cd3da9064a939c686ffa5897ff5a5081d

gwin9au.com Open in urlscan Pro 104.21.44.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

7 IPs

4 Countries

2373 kBTransfer

4607 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gwin9au.com Open in urlscan Pro
104.21.44.206 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

2373 kB
Transfer

4607 kB
Size

1
Cookies

33 HTTP transactions
1 data transactions